Hi Christian,
On Thu, May 11, 2023 at 5:10 PM Christian Göttsche
<cgzones@xxxxxxxxxxxxxx> wrote:
Add the four syscalls setxattrat(), getxattrat(), listxattrat() and
removexattrat(). Those can be used to operate on extended attributes,
especially security related ones, either relative to a pinned directory
or on a file descriptor without read access, avoiding a
/proc/<pid>/fd/<fd> detour, requiring a mounted procfs.
One use case will be setfiles(8) setting SELinux file contexts
("security.selinux") without race conditions.
Add XATTR flags to the private namespace of AT_* flags.
Use the do_{name}at() pattern from fs/open.c.
Use a single flag parameter for extended attribute flags (currently
XATTR_CREATE and XATTR_REPLACE) and *at() flags to not exceed six
syscall arguments in setxattrat().
Previous approach ("f*xattr: allow O_PATH descriptors"): https://lore.kernel.org/all/20220607153139.35588-1-cgzones@xxxxxxxxxxxxxx/
v1 discussion: https://lore.kernel.org/all/20220830152858.14866-2-cgzones@xxxxxxxxxxxxxx/
Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Thanks for your patch!
The syscall numbers conflict with those used in "[PATCH] cachestat:
wire up cachestat for other architectures", so this needs some
synchronization.
https://lore.kernel.org/linux-sh/20230510195806.2902878-1-nphamcs@xxxxxxxxx
arch/m68k/kernel/syscalls/syscall.tbl | 4 +
For m68k:
Acked-by: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
