From: Andreas Gruenbacher <agruenba@redhat.com>
To: James Simmons <jsimmons@infradead.org>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
Tyler Hicks <tyhicks@canonical.com>,
ecryptfs@vger.kernel.org, Miklos Szeredi <miklos@szeredi.hu>,
linux-unionfs@vger.kernel.org, fuse-devel@lists.sourceforge.net,
Mimi Zohar <zohar@linux.vnet.ibm.com>,
linux-ima-devel@lists.sourceforge.net,
LSM <linux-security-module@vger.kernel.org>,
David Howells <dhowells@redhat.com>,
Serge Hallyn <serge.hallyn@canonical.com>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
Paul Moore <paul@paul-moore.com>,
Stephen Smalley <sds@tycho.nsa.gov>,
Eric Paris <eparis@parisplace.org>,
Casey Schaufler <casey@schaufler-ca.com>,
Oleg Drokin <oleg.drokin@intel.com>,
Andreas Dilger <andreas.dilger@intel.com>,
Lustre Developement <lustre-devel@lists.lustre.org>
Subject: Re: [PATCH] xattr handlers: fixup generic_listxattr
Date: Tue, 17 May 2016 04:03:32 +0200 [thread overview]
Message-ID: <CAHc6FU5x2ShKT1FYvSMtX2ucqQNO9ojm434hPEPKSGYM_FREjw@mail.gmail.com> (raw)
In-Reply-To: <alpine.LFD.2.20.1605170137480.13979@casper.infradead.org>
On Tue, May 17, 2016 at 3:12 AM, James Simmons <jsimmons@infradead.org> wrote:
>> generic_listxattr() is different from generic_getxattr() /
>> generic_setxattr() / generic_removexattr. It makes sense only for
>> filesystems that support a fixed set of xattrs, which means that all
>> handlers will have handler->name set.
>>
>> If any of the handlers has handler->prefix set instead, that handler
>> matches a whole set of attributes. Generic_listxattr() would have to
>> fill in all of those names matching that handler, but it doesn't know
>> which those are.
>>
>> It is common for filesystems to have their own listxattr inode
>> operation and still use generic_{get,set,remove}xattr.
>
> That clears things up a bit. So that leaves a few questions. First
> question is looking at several of the file system's implementations
> I noticed it contains loops such as:
>
> list_for_each_xattr(entry, base_addr) {
> const struct xattr_handler *handler =
> blah_xattr_handler(entry->e_name_index);
> const char *prefix;
> size_t prefix_len;
> size_t size;
>
> if (!handler || (handler->list && !handler->list(dentry)))
> continue;
>
> ...
> }
>
> Is the handler->list() test needed for a private listxattr implementation?
> Also I don't see anyone using handler->list() which which brings up the
> next question. What is the purpose of list() function?
Trusted xattrs are meant to only be visible to tasks with the
CAP_SYS_ADMIN capability. For deciding which names to include in its
result, listxattr implementations can use the list function, or any
other suitable mechanism. On filesystems that store the complete xattr
names as strings, a strncmp check for a "trusted." prefix together
with capable(CAP_SYS_ADMIN) would do, for example.
Andreas
next prev parent reply other threads:[~2016-05-17 2:03 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-02 22:45 [RFC 0/8] Xattr inode operation removal Andreas Gruenbacher
2016-05-02 22:45 ` [RFC 1/8] ecryptfs: Switch to generic xattr handlers Andreas Gruenbacher
2016-05-02 22:45 ` [RFC 2/8] overlayfs: " Andreas Gruenbacher
2016-05-02 22:45 ` [RFC 3/8] fuse: " Andreas Gruenbacher
2016-05-02 22:45 ` [RFC 4/8] evm: Turn evm_update_evmxattr into void function Andreas Gruenbacher
2016-05-04 7:23 ` James Morris
2016-05-04 11:20 ` Andreas Gruenbacher
2016-05-02 22:45 ` [RFC 5/8] xattr: Add per-inode xattr handlers as a new inode operation Andreas Gruenbacher
2016-05-14 18:21 ` Al Viro
2016-05-02 22:45 ` [RFC 6/8] xattr: Add __vfs_{get,set,remove}xattr helpers Andreas Gruenbacher
2016-05-02 22:45 ` [RFC 7/8] xattr: Stop calling {get,set,remove}xattr inode operations Andreas Gruenbacher
2016-05-02 22:45 ` [RFC 8/8] xattr: Remove generic xattr handlers Andreas Gruenbacher
2016-05-15 15:10 ` Al Viro
2016-05-02 23:23 ` [RFC 0/8] Xattr inode operation removal Andreas Dilger
2016-05-03 10:38 ` Andreas Gruenbacher
2016-05-04 20:13 ` James Simmons
2016-05-11 15:54 ` [PATCH] xattr handlers: fixup generic_listxattr James Simmons
2016-05-11 17:01 ` Andreas Gruenbacher
2016-05-17 1:12 ` James Simmons
2016-05-17 2:03 ` Andreas Gruenbacher [this message]
2016-05-03 2:40 ` [RFC 0/8] Xattr inode operation removal Mimi Zohar
2016-05-03 11:49 ` Andreas Gruenbacher
2016-05-03 13:12 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAHc6FU5x2ShKT1FYvSMtX2ucqQNO9ojm434hPEPKSGYM_FREjw@mail.gmail.com \
--to=agruenba@redhat.com \
--cc=andreas.dilger@intel.com \
--cc=casey@schaufler-ca.com \
--cc=dhowells@redhat.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=ecryptfs@vger.kernel.org \
--cc=eparis@parisplace.org \
--cc=fuse-devel@lists.sourceforge.net \
--cc=jsimmons@infradead.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-ima-devel@lists.sourceforge.net \
--cc=linux-security-module@vger.kernel.org \
--cc=linux-unionfs@vger.kernel.org \
--cc=lustre-devel@lists.lustre.org \
--cc=miklos@szeredi.hu \
--cc=oleg.drokin@intel.com \
--cc=paul@paul-moore.com \
--cc=sds@tycho.nsa.gov \
--cc=serge.hallyn@canonical.com \
--cc=tyhicks@canonical.com \
--cc=viro@zeniv.linux.org.uk \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).