The patch titled xattr: fix error results for non-existent / invisible attributes has been removed from the -mm tree. Its filename was xattr-fix-error-results-for-non-existent-invisible-attributes.patch This patch was dropped because it was merged into mainline or a subsystem tree The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/ ------------------------------------------------------ Subject: xattr: fix error results for non-existent / invisible attributes From: Andreas Gruenbacher <agruen@xxxxxxxxxx> Return -ENODATA when trying to read a user.* attribute which cannot exist: user space otherwise does not have a reasonable way to distinguish between non-existent and inaccessible attributes. Likewise, return -ENODATA when an unprivileged process tries to read a trusted.* attribute: to unprivileged processes, those attributes are invisible (listxattr() won't include them). Related to this bug report: https://bugzilla.redhat.com/660613 Signed-off-by: Andreas Gruenbacher <agruen@xxxxxxxxxx> Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Cc: Eric Paris <eparis@xxxxxxxxxx> Cc: Christoph Hellwig <hch@xxxxxx> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> --- fs/xattr.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff -puN fs/xattr.c~xattr-fix-error-results-for-non-existent-invisible-attributes fs/xattr.c --- a/fs/xattr.c~xattr-fix-error-results-for-non-existent-invisible-attributes +++ a/fs/xattr.c @@ -46,18 +46,22 @@ xattr_permission(struct inode *inode, co return 0; /* - * The trusted.* namespace can only be accessed by a privileged user. + * The trusted.* namespace can only be accessed by privileged users. */ - if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) - return (capable(CAP_SYS_ADMIN) ? 0 : -EPERM); + if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) { + if (!capable(CAP_SYS_ADMIN)) + return (mask & MAY_WRITE) ? -EPERM : -ENODATA; + return 0; + } - /* In user.* namespace, only regular files and directories can have + /* + * In the user.* namespace, only regular files and directories can have * extended attributes. For sticky directories, only the owner and - * privileged user can write attributes. + * privileged users can write attributes. */ if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) { if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode)) - return -EPERM; + return (mask & MAY_WRITE) ? -EPERM : -ENODATA; if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) && (mask & MAY_WRITE) && !inode_owner_or_capable(inode)) return -EPERM; _ Patches currently in -mm which might be from agruen@xxxxxxxxxx are linux-next.patch -- To unsubscribe from this list: send the line "unsubscribe mm-commits" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html