tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

xattr: Fix error results for non-existent / invisible attributes

Return -ENODATA when trying to read a user.* attribute which cannot
exist: user space otherwise does not have a reasonable way to
distinguish between non-existent and inaccessible attributes.

Likewise, return -ENODATA when an unprivileged process tries to read a
trusted.* attribute: to unprivileged processes, those attributes are
invisible (listxattr() won't include them).

Related to this bug report: https://bugzilla.redhat.com/660613

Signed-off-by: Andreas Gruenbacher <agruen@kernel.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

authored by

Andreas Gruenbacher and committed by
Al Viro 55b23bde aa385729

+10 -6
+10 -6
fs/xattr.c
··· 46 46 return 0; 47 47 48 48 /* 49 - * The trusted.* namespace can only be accessed by a privileged user. 49 + * The trusted.* namespace can only be accessed by privileged users. 50 50 */ 51 - if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) 52 - return (capable(CAP_SYS_ADMIN) ? 0 : -EPERM); 51 + if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) { 52 + if (!capable(CAP_SYS_ADMIN)) 53 + return (mask & MAY_WRITE) ? -EPERM : -ENODATA; 54 + return 0; 55 + } 53 56 54 - /* In user.* namespace, only regular files and directories can have 57 + /* 58 + * In the user.* namespace, only regular files and directories can have 55 59 * extended attributes. For sticky directories, only the owner and 56 - * privileged user can write attributes. 60 + * privileged users can write attributes. 57 61 */ 58 62 if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) { 59 63 if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode)) 60 - return -EPERM; 64 + return (mask & MAY_WRITE) ? -EPERM : -ENODATA; 61 65 if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) && 62 66 (mask & MAY_WRITE) && !inode_owner_or_capable(inode)) 63 67 return -EPERM;