Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bf3ee713 authored by Andreas Gruenbacher's avatar Andreas Gruenbacher Committed by Al Viro
Browse files

vfs: Check for the IOP_XATTR flag in listxattr 



When an inode doesn't support xattrs, turn listxattr off as well.

(When xattrs are "turned off", the VFS still passes security xattr
operations through to security modules, which can still expose inode
security labels that way.)

Signed-off-by: default avatarAndreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent 5d6c3191

fs/xattr.c

+7 −6
Original line number Diff line number Diff line
@@ -326,18 +326,19 @@ vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size) 
EXPORT_SYMBOL_GPL(vfs_getxattr);



ssize_t

vfs_listxattr(struct dentry *d, char *list, size_t size)

vfs_listxattr(struct dentry *dentry, char *list, size_t size)

{

	struct inode *inode = d_inode(dentry);

	ssize_t error;



	error = security_inode_listxattr(d);

	error = security_inode_listxattr(dentry);

	if (error)

		return error;

	if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR)) {

		error = -EOPNOTSUPP;

	if (d->d_inode->i_op->listxattr) {

		error = d->d_inode->i_op->listxattr(d, list, size);

		error = inode->i_op->listxattr(dentry, list, size);

	} else {

		error = security_inode_listsecurity(d->d_inode, list, size);

		error = security_inode_listsecurity(inode, list, size);

		if (size && error > size)

			error = -ERANGE;

	}