1 // SPDX-License-Identifier: GPL-2.0-only
5 Extended attribute handling.
7 Copyright (C) 2001 by Andreas Gruenbacher <a.gruenbacher@computer.org>
8 Copyright (C) 2001 SGI - Silicon Graphics, Inc <linux-xfs@oss.sgi.com>
9 Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
12 #include <linux/slab.h>
13 #include <linux/file.h>
14 #include <linux/xattr.h>
15 #include <linux/mount.h>
16 #include <linux/namei.h>
17 #include <linux/security.h>
18 #include <linux/evm.h>
19 #include <linux/syscalls.h>
20 #include <linux/export.h>
21 #include <linux/fsnotify.h>
22 #include <linux/audit.h>
23 #include <linux/vmalloc.h>
24 #include <linux/posix_acl_xattr.h>
26 #include <linux/uaccess.h>
29 strcmp_prefix(const char *a, const char *a_prefix)
31 while (*a_prefix && *a == *a_prefix) {
35 return *a_prefix ? NULL : a;
39 * In order to implement different sets of xattr operations for each xattr
40 * prefix, a filesystem should create a null-terminated array of struct
41 * xattr_handler (one for each prefix) and hang a pointer to it off of the
42 * s_xattr field of the superblock.
44 #define for_each_xattr_handler(handlers, handler) \
46 for ((handler) = *(handlers)++; \
48 (handler) = *(handlers)++)
51 * Find the xattr_handler with the matching prefix.
53 static const struct xattr_handler *
54 xattr_resolve_name(struct inode *inode, const char **name)
56 const struct xattr_handler **handlers = inode->i_sb->s_xattr;
57 const struct xattr_handler *handler;
59 if (!(inode->i_opflags & IOP_XATTR)) {
60 if (unlikely(is_bad_inode(inode)))
62 return ERR_PTR(-EOPNOTSUPP);
64 for_each_xattr_handler(handlers, handler) {
67 n = strcmp_prefix(*name, xattr_prefix(handler));
69 if (!handler->prefix ^ !*n) {
72 return ERR_PTR(-EINVAL);
78 return ERR_PTR(-EOPNOTSUPP);
82 * Check permissions for extended attribute access. This is a bit complicated
83 * because different namespaces have very different rules.
86 xattr_permission(struct inode *inode, const char *name, int mask)
89 * We can never set or remove an extended attribute on a read-only
90 * filesystem or on an immutable / append-only inode.
92 if (mask & MAY_WRITE) {
93 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
96 * Updating an xattr will likely cause i_uid and i_gid
97 * to be writen back improperly if their true value is
100 if (HAS_UNMAPPED_ID(inode))
105 * No restriction for security.* and system.* from the VFS. Decision
106 * on these is left to the underlying filesystem / security module.
108 if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN) ||
109 !strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN))
113 * The trusted.* namespace can only be accessed by privileged users.
115 if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
116 if (!capable(CAP_SYS_ADMIN))
117 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
122 * In the user.* namespace, only regular files and directories can have
123 * extended attributes. For sticky directories, only the owner and
124 * privileged users can write attributes.
126 if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
127 if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
128 return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
129 if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
130 (mask & MAY_WRITE) &&
131 !inode_owner_or_capable(&init_user_ns, inode))
135 return inode_permission(&init_user_ns, inode, mask);
139 * Look for any handler that deals with the specified namespace.
142 xattr_supported_namespace(struct inode *inode, const char *prefix)
144 const struct xattr_handler **handlers = inode->i_sb->s_xattr;
145 const struct xattr_handler *handler;
148 if (!(inode->i_opflags & IOP_XATTR)) {
149 if (unlikely(is_bad_inode(inode)))
154 preflen = strlen(prefix);
156 for_each_xattr_handler(handlers, handler) {
157 if (!strncmp(xattr_prefix(handler), prefix, preflen))
163 EXPORT_SYMBOL(xattr_supported_namespace);
166 __vfs_setxattr(struct dentry *dentry, struct inode *inode, const char *name,
167 const void *value, size_t size, int flags)
169 const struct xattr_handler *handler;
171 handler = xattr_resolve_name(inode, &name);
173 return PTR_ERR(handler);
177 value = ""; /* empty EA, do not remove */
178 return handler->set(handler, dentry, inode, name, value, size, flags);
180 EXPORT_SYMBOL(__vfs_setxattr);
183 * __vfs_setxattr_noperm - perform setxattr operation without performing
186 * @dentry - object to perform setxattr on
187 * @name - xattr name to set
188 * @value - value to set @name to
189 * @size - size of @value
190 * @flags - flags to pass into filesystem operations
192 * returns the result of the internal setxattr or setsecurity operations.
194 * This function requires the caller to lock the inode's i_mutex before it
195 * is executed. It also assumes that the caller will make the appropriate
198 int __vfs_setxattr_noperm(struct dentry *dentry, const char *name,
199 const void *value, size_t size, int flags)
201 struct inode *inode = dentry->d_inode;
203 int issec = !strncmp(name, XATTR_SECURITY_PREFIX,
204 XATTR_SECURITY_PREFIX_LEN);
207 inode->i_flags &= ~S_NOSEC;
208 if (inode->i_opflags & IOP_XATTR) {
209 error = __vfs_setxattr(dentry, inode, name, value, size, flags);
211 fsnotify_xattr(dentry);
212 security_inode_post_setxattr(dentry, name, value,
216 if (unlikely(is_bad_inode(inode)))
219 if (error == -EAGAIN) {
223 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
225 error = security_inode_setsecurity(inode, suffix, value,
228 fsnotify_xattr(dentry);
236 * __vfs_setxattr_locked - set an extended attribute while holding the inode
239 * @dentry: object to perform setxattr on
240 * @name: xattr name to set
241 * @value: value to set @name to
242 * @size: size of @value
243 * @flags: flags to pass into filesystem operations
244 * @delegated_inode: on return, will contain an inode pointer that
245 * a delegation was broken on, NULL if none.
248 __vfs_setxattr_locked(struct dentry *dentry, const char *name,
249 const void *value, size_t size, int flags,
250 struct inode **delegated_inode)
252 struct inode *inode = dentry->d_inode;
255 error = xattr_permission(inode, name, MAY_WRITE);
259 error = security_inode_setxattr(dentry, name, value, size, flags);
263 error = try_break_deleg(inode, delegated_inode);
267 error = __vfs_setxattr_noperm(dentry, name, value, size, flags);
272 EXPORT_SYMBOL_GPL(__vfs_setxattr_locked);
275 vfs_setxattr(struct dentry *dentry, const char *name, const void *value,
276 size_t size, int flags)
278 struct inode *inode = dentry->d_inode;
279 struct inode *delegated_inode = NULL;
280 const void *orig_value = value;
283 if (size && strcmp(name, XATTR_NAME_CAPS) == 0) {
284 error = cap_convert_nscap(dentry, &value, size);
292 error = __vfs_setxattr_locked(dentry, name, value, size, flags,
296 if (delegated_inode) {
297 error = break_deleg_wait(&delegated_inode);
301 if (value != orig_value)
306 EXPORT_SYMBOL_GPL(vfs_setxattr);
309 xattr_getsecurity(struct inode *inode, const char *name, void *value,
315 if (!value || !size) {
316 len = security_inode_getsecurity(inode, name, &buffer, false);
320 len = security_inode_getsecurity(inode, name, &buffer, true);
327 memcpy(value, buffer, len);
335 * vfs_getxattr_alloc - allocate memory, if necessary, before calling getxattr
337 * Allocate memory, if not already allocated, or re-allocate correct size,
338 * before retrieving the extended attribute.
340 * Returns the result of alloc, if failed, or the getxattr operation.
343 vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
344 size_t xattr_size, gfp_t flags)
346 const struct xattr_handler *handler;
347 struct inode *inode = dentry->d_inode;
348 char *value = *xattr_value;
351 error = xattr_permission(inode, name, MAY_READ);
355 handler = xattr_resolve_name(inode, &name);
357 return PTR_ERR(handler);
360 error = handler->get(handler, dentry, inode, name, NULL, 0);
364 if (!value || (error > xattr_size)) {
365 value = krealloc(*xattr_value, error + 1, flags);
368 memset(value, 0, error + 1);
371 error = handler->get(handler, dentry, inode, name, value, error);
372 *xattr_value = value;
377 __vfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name,
378 void *value, size_t size)
380 const struct xattr_handler *handler;
382 handler = xattr_resolve_name(inode, &name);
384 return PTR_ERR(handler);
387 return handler->get(handler, dentry, inode, name, value, size);
389 EXPORT_SYMBOL(__vfs_getxattr);
392 vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size)
394 struct inode *inode = dentry->d_inode;
397 error = xattr_permission(inode, name, MAY_READ);
401 error = security_inode_getxattr(dentry, name);
405 if (!strncmp(name, XATTR_SECURITY_PREFIX,
406 XATTR_SECURITY_PREFIX_LEN)) {
407 const char *suffix = name + XATTR_SECURITY_PREFIX_LEN;
408 int ret = xattr_getsecurity(inode, suffix, value, size);
410 * Only overwrite the return value if a security module
411 * is actually active.
413 if (ret == -EOPNOTSUPP)
418 return __vfs_getxattr(dentry, inode, name, value, size);
420 EXPORT_SYMBOL_GPL(vfs_getxattr);
423 vfs_listxattr(struct dentry *dentry, char *list, size_t size)
425 struct inode *inode = d_inode(dentry);
428 error = security_inode_listxattr(dentry);
431 if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR)) {
432 error = inode->i_op->listxattr(dentry, list, size);
434 error = security_inode_listsecurity(inode, list, size);
435 if (size && error > size)
440 EXPORT_SYMBOL_GPL(vfs_listxattr);
443 __vfs_removexattr(struct dentry *dentry, const char *name)
445 struct inode *inode = d_inode(dentry);
446 const struct xattr_handler *handler;
448 handler = xattr_resolve_name(inode, &name);
450 return PTR_ERR(handler);
453 return handler->set(handler, dentry, inode, name, NULL, 0, XATTR_REPLACE);
455 EXPORT_SYMBOL(__vfs_removexattr);
458 * __vfs_removexattr_locked - set an extended attribute while holding the inode
461 * @dentry: object to perform setxattr on
462 * @name: name of xattr to remove
463 * @delegated_inode: on return, will contain an inode pointer that
464 * a delegation was broken on, NULL if none.
467 __vfs_removexattr_locked(struct dentry *dentry, const char *name,
468 struct inode **delegated_inode)
470 struct inode *inode = dentry->d_inode;
473 error = xattr_permission(inode, name, MAY_WRITE);
477 error = security_inode_removexattr(dentry, name);
481 error = try_break_deleg(inode, delegated_inode);
485 error = __vfs_removexattr(dentry, name);
488 fsnotify_xattr(dentry);
489 evm_inode_post_removexattr(dentry, name);
495 EXPORT_SYMBOL_GPL(__vfs_removexattr_locked);
498 vfs_removexattr(struct dentry *dentry, const char *name)
500 struct inode *inode = dentry->d_inode;
501 struct inode *delegated_inode = NULL;
506 error = __vfs_removexattr_locked(dentry, name, &delegated_inode);
509 if (delegated_inode) {
510 error = break_deleg_wait(&delegated_inode);
517 EXPORT_SYMBOL_GPL(vfs_removexattr);
520 * Extended attribute SET operations
523 setxattr(struct dentry *d, const char __user *name, const void __user *value,
524 size_t size, int flags)
528 char kname[XATTR_NAME_MAX + 1];
530 if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
533 error = strncpy_from_user(kname, name, sizeof(kname));
534 if (error == 0 || error == sizeof(kname))
540 if (size > XATTR_SIZE_MAX)
542 kvalue = kvmalloc(size, GFP_KERNEL);
545 if (copy_from_user(kvalue, value, size)) {
549 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
550 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
551 posix_acl_fix_xattr_from_user(kvalue, size);
554 error = vfs_setxattr(d, kname, kvalue, size, flags);
561 static int path_setxattr(const char __user *pathname,
562 const char __user *name, const void __user *value,
563 size_t size, int flags, unsigned int lookup_flags)
568 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
571 error = mnt_want_write(path.mnt);
573 error = setxattr(path.dentry, name, value, size, flags);
574 mnt_drop_write(path.mnt);
577 if (retry_estale(error, lookup_flags)) {
578 lookup_flags |= LOOKUP_REVAL;
584 SYSCALL_DEFINE5(setxattr, const char __user *, pathname,
585 const char __user *, name, const void __user *, value,
586 size_t, size, int, flags)
588 return path_setxattr(pathname, name, value, size, flags, LOOKUP_FOLLOW);
591 SYSCALL_DEFINE5(lsetxattr, const char __user *, pathname,
592 const char __user *, name, const void __user *, value,
593 size_t, size, int, flags)
595 return path_setxattr(pathname, name, value, size, flags, 0);
598 SYSCALL_DEFINE5(fsetxattr, int, fd, const char __user *, name,
599 const void __user *,value, size_t, size, int, flags)
601 struct fd f = fdget(fd);
607 error = mnt_want_write_file(f.file);
609 error = setxattr(f.file->f_path.dentry, name, value, size, flags);
610 mnt_drop_write_file(f.file);
617 * Extended attribute GET operations
620 getxattr(struct dentry *d, const char __user *name, void __user *value,
625 char kname[XATTR_NAME_MAX + 1];
627 error = strncpy_from_user(kname, name, sizeof(kname));
628 if (error == 0 || error == sizeof(kname))
634 if (size > XATTR_SIZE_MAX)
635 size = XATTR_SIZE_MAX;
636 kvalue = kvzalloc(size, GFP_KERNEL);
641 error = vfs_getxattr(d, kname, kvalue, size);
643 if ((strcmp(kname, XATTR_NAME_POSIX_ACL_ACCESS) == 0) ||
644 (strcmp(kname, XATTR_NAME_POSIX_ACL_DEFAULT) == 0))
645 posix_acl_fix_xattr_to_user(kvalue, error);
646 if (size && copy_to_user(value, kvalue, error))
648 } else if (error == -ERANGE && size >= XATTR_SIZE_MAX) {
649 /* The file system tried to returned a value bigger
650 than XATTR_SIZE_MAX bytes. Not possible. */
659 static ssize_t path_getxattr(const char __user *pathname,
660 const char __user *name, void __user *value,
661 size_t size, unsigned int lookup_flags)
666 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
669 error = getxattr(path.dentry, name, value, size);
671 if (retry_estale(error, lookup_flags)) {
672 lookup_flags |= LOOKUP_REVAL;
678 SYSCALL_DEFINE4(getxattr, const char __user *, pathname,
679 const char __user *, name, void __user *, value, size_t, size)
681 return path_getxattr(pathname, name, value, size, LOOKUP_FOLLOW);
684 SYSCALL_DEFINE4(lgetxattr, const char __user *, pathname,
685 const char __user *, name, void __user *, value, size_t, size)
687 return path_getxattr(pathname, name, value, size, 0);
690 SYSCALL_DEFINE4(fgetxattr, int, fd, const char __user *, name,
691 void __user *, value, size_t, size)
693 struct fd f = fdget(fd);
694 ssize_t error = -EBADF;
699 error = getxattr(f.file->f_path.dentry, name, value, size);
705 * Extended attribute LIST operations
708 listxattr(struct dentry *d, char __user *list, size_t size)
714 if (size > XATTR_LIST_MAX)
715 size = XATTR_LIST_MAX;
716 klist = kvmalloc(size, GFP_KERNEL);
721 error = vfs_listxattr(d, klist, size);
723 if (size && copy_to_user(list, klist, error))
725 } else if (error == -ERANGE && size >= XATTR_LIST_MAX) {
726 /* The file system tried to returned a list bigger
727 than XATTR_LIST_MAX bytes. Not possible. */
736 static ssize_t path_listxattr(const char __user *pathname, char __user *list,
737 size_t size, unsigned int lookup_flags)
742 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
745 error = listxattr(path.dentry, list, size);
747 if (retry_estale(error, lookup_flags)) {
748 lookup_flags |= LOOKUP_REVAL;
754 SYSCALL_DEFINE3(listxattr, const char __user *, pathname, char __user *, list,
757 return path_listxattr(pathname, list, size, LOOKUP_FOLLOW);
760 SYSCALL_DEFINE3(llistxattr, const char __user *, pathname, char __user *, list,
763 return path_listxattr(pathname, list, size, 0);
766 SYSCALL_DEFINE3(flistxattr, int, fd, char __user *, list, size_t, size)
768 struct fd f = fdget(fd);
769 ssize_t error = -EBADF;
774 error = listxattr(f.file->f_path.dentry, list, size);
780 * Extended attribute REMOVE operations
783 removexattr(struct dentry *d, const char __user *name)
786 char kname[XATTR_NAME_MAX + 1];
788 error = strncpy_from_user(kname, name, sizeof(kname));
789 if (error == 0 || error == sizeof(kname))
794 return vfs_removexattr(d, kname);
797 static int path_removexattr(const char __user *pathname,
798 const char __user *name, unsigned int lookup_flags)
803 error = user_path_at(AT_FDCWD, pathname, lookup_flags, &path);
806 error = mnt_want_write(path.mnt);
808 error = removexattr(path.dentry, name);
809 mnt_drop_write(path.mnt);
812 if (retry_estale(error, lookup_flags)) {
813 lookup_flags |= LOOKUP_REVAL;
819 SYSCALL_DEFINE2(removexattr, const char __user *, pathname,
820 const char __user *, name)
822 return path_removexattr(pathname, name, LOOKUP_FOLLOW);
825 SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
826 const char __user *, name)
828 return path_removexattr(pathname, name, 0);
831 SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
833 struct fd f = fdget(fd);
839 error = mnt_want_write_file(f.file);
841 error = removexattr(f.file->f_path.dentry, name);
842 mnt_drop_write_file(f.file);
849 * Combine the results of the list() operation from every xattr_handler in the
853 generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
855 const struct xattr_handler *handler, **handlers = dentry->d_sb->s_xattr;
856 unsigned int size = 0;
859 for_each_xattr_handler(handlers, handler) {
860 if (!handler->name ||
861 (handler->list && !handler->list(dentry)))
863 size += strlen(handler->name) + 1;
869 for_each_xattr_handler(handlers, handler) {
870 if (!handler->name ||
871 (handler->list && !handler->list(dentry)))
873 len = strlen(handler->name);
874 if (len + 1 > buffer_size)
876 memcpy(buf, handler->name, len + 1);
878 buffer_size -= len + 1;
884 EXPORT_SYMBOL(generic_listxattr);
887 * xattr_full_name - Compute full attribute name from suffix
889 * @handler: handler of the xattr_handler operation
890 * @name: name passed to the xattr_handler operation
892 * The get and set xattr handler operations are called with the remainder of
893 * the attribute name after skipping the handler's prefix: for example, "foo"
894 * is passed to the get operation of a handler with prefix "user." to get
895 * attribute "user.foo". The full name is still "there" in the name though.
897 * Note: the list xattr handler operation when called from the vfs is passed a
898 * NULL name; some file systems use this operation internally, with varying
901 const char *xattr_full_name(const struct xattr_handler *handler,
904 size_t prefix_len = strlen(xattr_prefix(handler));
906 return name - prefix_len;
908 EXPORT_SYMBOL(xattr_full_name);
911 * Allocate new xattr and copy in the value; but leave the name to callers.
913 struct simple_xattr *simple_xattr_alloc(const void *value, size_t size)
915 struct simple_xattr *new_xattr;
919 len = sizeof(*new_xattr) + size;
920 if (len < sizeof(*new_xattr))
923 new_xattr = kvmalloc(len, GFP_KERNEL);
927 new_xattr->size = size;
928 memcpy(new_xattr->value, value, size);
933 * xattr GET operation for in-memory/pseudo filesystems
935 int simple_xattr_get(struct simple_xattrs *xattrs, const char *name,
936 void *buffer, size_t size)
938 struct simple_xattr *xattr;
941 spin_lock(&xattrs->lock);
942 list_for_each_entry(xattr, &xattrs->head, list) {
943 if (strcmp(name, xattr->name))
948 if (size < xattr->size)
951 memcpy(buffer, xattr->value, xattr->size);
955 spin_unlock(&xattrs->lock);
960 * simple_xattr_set - xattr SET operation for in-memory/pseudo filesystems
961 * @xattrs: target simple_xattr list
962 * @name: name of the extended attribute
963 * @value: value of the xattr. If %NULL, will remove the attribute.
964 * @size: size of the new xattr
965 * @flags: %XATTR_{CREATE|REPLACE}
966 * @removed_size: returns size of the removed xattr, -1 if none removed
968 * %XATTR_CREATE is set, the xattr shouldn't exist already; otherwise fails
969 * with -EEXIST. If %XATTR_REPLACE is set, the xattr should exist;
970 * otherwise, fails with -ENODATA.
972 * Returns 0 on success, -errno on failure.
974 int simple_xattr_set(struct simple_xattrs *xattrs, const char *name,
975 const void *value, size_t size, int flags,
976 ssize_t *removed_size)
978 struct simple_xattr *xattr;
979 struct simple_xattr *new_xattr = NULL;
985 /* value == NULL means remove */
987 new_xattr = simple_xattr_alloc(value, size);
991 new_xattr->name = kstrdup(name, GFP_KERNEL);
992 if (!new_xattr->name) {
998 spin_lock(&xattrs->lock);
999 list_for_each_entry(xattr, &xattrs->head, list) {
1000 if (!strcmp(name, xattr->name)) {
1001 if (flags & XATTR_CREATE) {
1004 } else if (new_xattr) {
1005 list_replace(&xattr->list, &new_xattr->list);
1007 *removed_size = xattr->size;
1009 list_del(&xattr->list);
1011 *removed_size = xattr->size;
1016 if (flags & XATTR_REPLACE) {
1020 list_add(&new_xattr->list, &xattrs->head);
1024 spin_unlock(&xattrs->lock);
1033 static bool xattr_is_trusted(const char *name)
1035 return !strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN);
1038 static int xattr_list_one(char **buffer, ssize_t *remaining_size,
1041 size_t len = strlen(name) + 1;
1043 if (*remaining_size < len)
1045 memcpy(*buffer, name, len);
1048 *remaining_size -= len;
1053 * xattr LIST operation for in-memory/pseudo filesystems
1055 ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
1056 char *buffer, size_t size)
1058 bool trusted = capable(CAP_SYS_ADMIN);
1059 struct simple_xattr *xattr;
1060 ssize_t remaining_size = size;
1063 #ifdef CONFIG_FS_POSIX_ACL
1064 if (IS_POSIXACL(inode)) {
1066 err = xattr_list_one(&buffer, &remaining_size,
1067 XATTR_NAME_POSIX_ACL_ACCESS);
1071 if (inode->i_default_acl) {
1072 err = xattr_list_one(&buffer, &remaining_size,
1073 XATTR_NAME_POSIX_ACL_DEFAULT);
1080 spin_lock(&xattrs->lock);
1081 list_for_each_entry(xattr, &xattrs->head, list) {
1082 /* skip "trusted." attributes for unprivileged callers */
1083 if (!trusted && xattr_is_trusted(xattr->name))
1086 err = xattr_list_one(&buffer, &remaining_size, xattr->name);
1090 spin_unlock(&xattrs->lock);
1092 return err ? err : size - remaining_size;
1096 * Adds an extended attribute to the list
1098 void simple_xattr_list_add(struct simple_xattrs *xattrs,
1099 struct simple_xattr *new_xattr)
1101 spin_lock(&xattrs->lock);
1102 list_add(&new_xattr->list, &xattrs->head);
1103 spin_unlock(&xattrs->lock);