version 1.36, 2012/01/27 19:22:49 |
version 1.37, 2012/03/13 18:41:14 |
Line 108 static int ufs_extattr_get_header(struct |
|
Line 108 static int ufs_extattr_get_header(struct |
|
struct ufs_extattr_header *, off_t *); |
struct ufs_extattr_header *, off_t *); |
|
|
/* |
/* |
|
* Convert a FreeBSD extended attribute and namespace to a consistent string |
|
* representation. |
|
* |
|
* The returned value, if not NULL, is guaranteed to be an allocated object |
|
* of its size as returned by strlen() + 1 and must be freed by the caller. |
|
*/ |
|
static char * |
|
from_freebsd_extattr(int attrnamespace, const char *attrname) |
|
{ |
|
const char *namespace; |
|
char *attr; |
|
size_t len; |
|
|
|
if (attrnamespace == EXTATTR_NAMESPACE_SYSTEM) |
|
namespace = "system"; |
|
else if (attrnamespace == EXTATTR_NAMESPACE_USER) |
|
namespace = "user"; |
|
else |
|
return NULL; |
|
|
|
/* <namespace>.<attrname>\0 */ |
|
len = strlen(namespace) + 1 + strlen(attrname) + 1; |
|
|
|
attr = kmem_alloc(len, KM_SLEEP); |
|
|
|
snprintf(attr, len, "%s.%s", namespace, attr); |
|
|
|
return attr; |
|
} |
|
|
|
/* |
|
* Internal wrapper around a conversion-check-free sequence. |
|
*/ |
|
static int |
|
internal_extattr_check_cred(vnode_t *vp, int attrnamespace, const char *name, |
|
kauth_cred_t cred, int access_mode) |
|
{ |
|
char *attr; |
|
int error; |
|
|
|
attr = from_freebsd_extattr(attrnamespace, name); |
|
if (attr == NULL) |
|
return EINVAL; |
|
|
|
error = extattr_check_cred(vp, attr, cred, access_mode); |
|
|
|
kmem_free(attr, strlen(attr) + 1); |
|
|
|
return error; |
|
} |
|
|
|
/* |
* Per-FS attribute lock protecting attribute operations. |
* Per-FS attribute lock protecting attribute operations. |
* XXX Right now there is a lot of lock contention due to having a single |
* XXX Right now there is a lot of lock contention due to having a single |
* lock per-FS; really, this should be far more fine-grained. |
* lock per-FS; really, this should be far more fine-grained. |
Line 862 ufs_extattrctl(struct mount *mp, int cmd |
|
Line 914 ufs_extattrctl(struct mount *mp, int cmd |
|
/* |
/* |
* Only privileged processes can configure extended attributes. |
* Only privileged processes can configure extended attributes. |
*/ |
*/ |
if ((error = kauth_authorize_generic(l->l_cred, KAUTH_GENERIC_ISSUSER, |
error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_FS_EXTATTR, |
NULL)) != 0) { |
0, mp, NULL, NULL); |
|
if (error) { |
if (filename_vp != NULL) |
if (filename_vp != NULL) |
VOP_UNLOCK(filename_vp); |
VOP_UNLOCK(filename_vp); |
return (error); |
return (error); |
Line 1060 ufs_extattr_get(struct vnode *vp, int at |
|
Line 1113 ufs_extattr_get(struct vnode *vp, int at |
|
if (strlen(name) == 0) |
if (strlen(name) == 0) |
return (EINVAL); |
return (EINVAL); |
|
|
error = extattr_check_cred(vp, attrnamespace, cred, l, IREAD); |
error = internal_extattr_check_cred(vp, attrnamespace, name, cred, |
|
VREAD); |
if (error) |
if (error) |
return (error); |
return (error); |
|
|
Line 1174 ufs_extattr_list(struct vnode *vp, int a |
|
Line 1228 ufs_extattr_list(struct vnode *vp, int a |
|
if (!(ump->um_extattr.uepm_flags & UFS_EXTATTR_UEPM_STARTED)) |
if (!(ump->um_extattr.uepm_flags & UFS_EXTATTR_UEPM_STARTED)) |
return (EOPNOTSUPP); |
return (EOPNOTSUPP); |
|
|
error = extattr_check_cred(vp, attrnamespace, cred, l, IREAD); |
/* |
|
* XXX: We can move this inside the loop and iterate on individual |
|
* attributes. |
|
*/ |
|
error = internal_extattr_check_cred(vp, attrnamespace, "", cred, |
|
VREAD); |
if (error) |
if (error) |
return (error); |
return (error); |
|
|
Line 1339 ufs_extattr_set(struct vnode *vp, int at |
|
Line 1398 ufs_extattr_set(struct vnode *vp, int at |
|
if (!ufs_extattr_valid_attrname(attrnamespace, name)) |
if (!ufs_extattr_valid_attrname(attrnamespace, name)) |
return (EINVAL); |
return (EINVAL); |
|
|
error = extattr_check_cred(vp, attrnamespace, cred, l, IWRITE); |
error = internal_extattr_check_cred(vp, attrnamespace, name, cred, |
|
VWRITE); |
if (error) |
if (error) |
return (error); |
return (error); |
|
|
Line 1451 ufs_extattr_rm(struct vnode *vp, int att |
|
Line 1511 ufs_extattr_rm(struct vnode *vp, int att |
|
if (!ufs_extattr_valid_attrname(attrnamespace, name)) |
if (!ufs_extattr_valid_attrname(attrnamespace, name)) |
return (EINVAL); |
return (EINVAL); |
|
|
error = extattr_check_cred(vp, attrnamespace, cred, l, IWRITE); |
error = internal_extattr_check_cred(vp, attrnamespace, name, cred, |
|
VWRITE); |
if (error) |
if (error) |
return (error); |
return (error); |
|
|