staging: lustre: llite: Setting xattr are properly checked with and without ACLs

Setting extended attributes permissions are properly checked with and without ACLs. In user.* namespace, only regular files and directories can have extended attributes. For sticky directories, only the owner and privileged user can write attributes. Signed-off-by: Dmitry Eremin <dmitry.eremin@intel.com> Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-1482 Reviewed-on: http://review.whamcloud.com/21496 Reviewed-by: John L. Hammond <john.hammond@intel.com> Reviewed-by: Alex Zhuravlev <alexey.zhuravlev@intel.com> Reviewed-by: Oleg Drokin <oleg.drokin@intel.com> Signed-off-by: James Simmons <jsimmons@infradead.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Dmitry Eremin <dmitry.eremin@intel.com> 2017-01-28 19:04:57 -0500
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2017-02-03 07:01:37 -0500
commit: 07b71df1496b602ca36af42a6e217cde7ba6902c (patch)
tree: dcf414557fc58d8b72bbaa7dd57b7f926de4b218
parent: aad88bde74dc8530a5a8332a78f608f8e66cd038 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/drivers/staging/lustre/lustre/llite/xattr.c b/drivers/staging/lustre/lustre/llite/xattr.c
index 7a848ebc57c1..421cc04ecf1e 100644
--- a/drivers/staging/lustre/lustre/llite/xattr.c
+++ b/drivers/staging/lustre/lustre/llite/xattr.c
@@ -132,6 +132,15 @@ ll_xattr_set_common(const struct xattr_handler *handler,
            (!strcmp(name, "ima") || !strcmp(name, "evm")))
                return -EOPNOTSUPP;
+        /*
+         * In user.* namespace, only regular files and directories can have
+         * extended attributes.
+         */
+        if (handler->flags == XATTR_USER_T) {
+                if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
+                        return -EPERM;
+        }
        sprintf(fullname, "%s%s\n", handler->prefix, name);
        rc = md_setxattr(sbi->ll_md_exp, ll_inode2fid(inode),
                         valid, fullname, pv, size, 0, flags,
author	Dmitry Eremin <dmitry.eremin@intel.com>	2017-01-28 19:04:57 -0500
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2017-02-03 07:01:37 -0500
commit	07b71df1496b602ca36af42a6e217cde7ba6902c (patch)
tree	dcf414557fc58d8b72bbaa7dd57b7f926de4b218
parent	aad88bde74dc8530a5a8332a78f608f8e66cd038 (diff)

diff --git a/drivers/staging/lustre/lustre/llite/xattr.c b/drivers/staging/lustre/lustre/llite/xattr.c index 7a848ebc57c1..421cc04ecf1e 100644 --- a/drivers/staging/lustre/lustre/llite/xattr.c +++ b/drivers/staging/lustre/lustre/llite/xattr.c
@@ -132,6 +132,15 @@ ll_xattr_set_common(const struct xattr_handler *handler,
132	(!strcmp(name, "ima") \|\| !strcmp(name, "evm")))	132	(!strcmp(name, "ima") \|\| !strcmp(name, "evm")))
133	return -EOPNOTSUPP;	133	return -EOPNOTSUPP;
134		134
		135	/*
		136	* In user.* namespace, only regular files and directories can have
		137	* extended attributes.
		138	*/
		139	if (handler->flags == XATTR_USER_T) {
		140	if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
		141	return -EPERM;
		142	}
		143
135	sprintf(fullname, "%s%s\n", handler->prefix, name);	144	sprintf(fullname, "%s%s\n", handler->prefix, name);
136	rc = md_setxattr(sbi->ll_md_exp, ll_inode2fid(inode),	145	rc = md_setxattr(sbi->ll_md_exp, ll_inode2fid(inode),
137	valid, fullname, pv, size, 0, flags,	146	valid, fullname, pv, size, 0, flags,