vfs: Check for the IOP_XATTR flag in listxattr

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

When an inode doesn't support xattrs, turn listxattr off as well.

(When xattrs are "turned off", the VFS still passes security xattr
operations through to security modules, which can still expose inode
security labels that way.)

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

authored by

Andreas Gruenbacher and committed by

Al Viro 9 years ago bf3ee713 5d6c3191

+7 -6

1 changed file

expand all

xattr.c

+7 -6

fs/xattr.c

··· 326 326 EXPORT_SYMBOL_GPL(vfs_getxattr); 327 327 328 328 ssize_t 329 - vfs_listxattr(struct dentry *d, char *list, size_t size) 329 + vfs_listxattr(struct dentry *dentry, char *list, size_t size) 330 330 { 331 + struct inode *inode = d_inode(dentry); 331 332 ssize_t error; 332 333 333 - error = security_inode_listxattr(d); 334 + error = security_inode_listxattr(dentry); 334 335 if (error) 335 336 return error; 336 - error = -EOPNOTSUPP; 337 - if (d->d_inode->i_op->listxattr) { 338 - error = d->d_inode->i_op->listxattr(d, list, size); 337 + if (inode->i_op->listxattr && (inode->i_opflags & IOP_XATTR)) { 338 + error = -EOPNOTSUPP; 339 + error = inode->i_op->listxattr(dentry, list, size); 339 340 } else { 340 - error = security_inode_listsecurity(d->d_inode, list, size); 341 + error = security_inode_listsecurity(inode, list, size); 341 342 if (size && error > size) 342 343 error = -ERANGE; 343 344 }