upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-10 09:11:07 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

linux(4): Return ENOTSUP from listxattr instead of EPERM

Browse source 
FreeBSD does not permits manipulating extended attributes in the system
namespace by unprivileged accounts, even if account has appropriate
privileges to access filesystem object.
In Linux the system namespace is used to preserve posix acls. Some Gnu
coreutils binaries uses posix acls, eg, install, ls, cp.  And fails if
we unexpectedly return EPERM error from xattr system calls.

In the other hands, in Linux read and write access to the system
namespace depend on the policy implemented for each filesystem, so we'll
mimics we're a filesystem that prohibits this for unpriveleged accounts.

Reported by:		zirias
Tested by:		zirias
MFC after:		1 week
This commit is contained in:
Dmitry Chagin 2023-09-05 11:52:27 +03:00
parent 18d1c86788
commit 11e37048db
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
sys/compat/linux/linux_xattr.c
View file

@ -165,6 +165,8 @@ listxattr(struct thread *td, struct listxattr_args *args)
error = kern_extattr_list_fd(td, args->fd,
attrnamespace, &auio);
rs = sz - auio.uio_resid;
if (error == EPERM)
break;
if (error != 0 || rs == 0)
continue;
prefix = extattr_namespace_names[attrnamespace];