| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250725-vfs-fileattr-fcfc534aac44@brauner>
Date: Fri, 25 Jul 2025 13:27:18 +0200
From: Christian Brauner <brauner@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Christian Brauner <brauner@...nel.org>,
linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [GIT PULL 12/14 for v6.17] vfs fileattr
Hey Linus,
/* Summary */
This introduces the new file_getattr() and file_setattr() system calls
after lengthy discussions. Both system calls serve as successors and
extensible companions to the FS_IOC_FSGETXATTR and FS_IOC_FSSETXATTR
system calls which have started to show their age in addition to being
named in a way that makes it easy to conflate them with extended
attribute related operations.
These syscalls allow userspace to set filesystem inode attributes on
special files. One of the usage examples is the XFS quota projects.
XFS has project quotas which could be attached to a directory. All new
inodes in these directories inherit project ID set on parent directory.
The project is created from userspace by opening and calling
FS_IOC_FSSETXATTR on each inode. This is not possible for special files
such as FIFO, SOCK, BLK etc. Therefore, some inodes are left with empty
project ID. Those inodes then are not shown in the quota accounting but
still exist in the directory. This is not critical but in the case when
special files are created in the directory with already existing project
quota, these new inodes inherit extended attributes. This creates a mix
of special files with and without attributes. Moreover, special files
with attributes don't have a possibility to become clear or change the
attributes. This, in turn, prevents userspace from re-creating quota
project on these existing files.
In addition, these new system calls allow the implementation of
additional attributes that we couldn't or didn't want to fit into the
legacy ioctls anymore.
/* Testing */
gcc (Debian 14.2.0-19) 14.2.0
Debian clang version 19.1.7 (3)
No build failures or warnings were observed.
/* Conflicts */
Merge conflicts with mainline
=============================
No known conflicts.
Merge conflicts with other trees
================================
No known conflicts.
The following changes since commit 19272b37aa4f83ca52bdf9c16d5d81bdd1354494:
Linux 6.16-rc1 (2025-06-08 13:44:43 -0700)
are available in the Git repository at:
git@...olite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs tags/vfs-6.17-rc1.fileattr
for you to fetch changes up to e85931d1cd699307e6a3f1060cbe4c42748f3fff:
fs: tighten a sanity check in file_attr_to_fileattr() (2025-07-16 10:22:01 +0200)
Please consider pulling these changes from the signed vfs-6.17-rc1.fileattr tag.
Thanks!
Christian
----------------------------------------------------------------
vfs-6.17-rc1.fileattr
----------------------------------------------------------------
Amir Goldstein (1):
fs: prepare for extending file_get/setattr()
Andrey Albershteyn (5):
fs: split fileattr related helpers into separate file
lsm: introduce new hooks for setting/getting inode fsxattr
selinux: implement inode_file_[g|s]etattr hooks
fs: make vfs_fileattr_[get|set] return -EOPNOTSUPP
fs: introduce file_getattr and file_setattr syscalls
Christian Brauner (2):
Merge patch series "fs: introduce file_getattr and file_setattr syscalls"
tree-wide: s/struct fileattr/struct file_kattr/g
Dan Carpenter (1):
fs: tighten a sanity check in file_attr_to_fileattr()
Documentation/filesystems/locking.rst | 4 +-
Documentation/filesystems/vfs.rst | 4 +-
arch/alpha/kernel/syscalls/syscall.tbl | 2 +
arch/arm/tools/syscall.tbl | 2 +
arch/arm64/tools/syscall_32.tbl | 2 +
arch/m68k/kernel/syscalls/syscall.tbl | 2 +
arch/microblaze/kernel/syscalls/syscall.tbl | 2 +
arch/mips/kernel/syscalls/syscall_n32.tbl | 2 +
arch/mips/kernel/syscalls/syscall_n64.tbl | 2 +
arch/mips/kernel/syscalls/syscall_o32.tbl | 2 +
arch/parisc/kernel/syscalls/syscall.tbl | 2 +
arch/powerpc/kernel/syscalls/syscall.tbl | 2 +
arch/s390/kernel/syscalls/syscall.tbl | 2 +
arch/sh/kernel/syscalls/syscall.tbl | 2 +
arch/sparc/kernel/syscalls/syscall.tbl | 2 +
arch/x86/entry/syscalls/syscall_32.tbl | 2 +
arch/x86/entry/syscalls/syscall_64.tbl | 2 +
arch/xtensa/kernel/syscalls/syscall.tbl | 2 +
fs/Makefile | 3 +-
fs/bcachefs/fs.c | 4 +-
fs/btrfs/ioctl.c | 4 +-
fs/btrfs/ioctl.h | 6 +-
fs/ecryptfs/inode.c | 4 +-
fs/efivarfs/inode.c | 4 +-
fs/ext2/ext2.h | 4 +-
fs/ext2/ioctl.c | 4 +-
fs/ext4/ext4.h | 4 +-
fs/ext4/ioctl.c | 4 +-
fs/f2fs/f2fs.h | 4 +-
fs/f2fs/file.c | 4 +-
fs/file_attr.c | 498 ++++++++++++++++++++++++++++
fs/fuse/fuse_i.h | 4 +-
fs/fuse/ioctl.c | 8 +-
fs/gfs2/file.c | 4 +-
fs/gfs2/inode.h | 4 +-
fs/hfsplus/hfsplus_fs.h | 4 +-
fs/hfsplus/inode.c | 4 +-
fs/ioctl.c | 309 -----------------
fs/jfs/ioctl.c | 4 +-
fs/jfs/jfs_inode.h | 4 +-
fs/nilfs2/ioctl.c | 4 +-
fs/nilfs2/nilfs.h | 4 +-
fs/ocfs2/ioctl.c | 4 +-
fs/ocfs2/ioctl.h | 4 +-
fs/orangefs/inode.c | 4 +-
fs/overlayfs/copy_up.c | 6 +-
fs/overlayfs/inode.c | 17 +-
fs/overlayfs/overlayfs.h | 10 +-
fs/overlayfs/util.c | 2 +-
fs/ubifs/ioctl.c | 4 +-
fs/ubifs/ubifs.h | 4 +-
fs/xfs/xfs_ioctl.c | 18 +-
fs/xfs/xfs_ioctl.h | 4 +-
include/linux/fileattr.h | 38 ++-
include/linux/fs.h | 6 +-
include/linux/lsm_hook_defs.h | 2 +
include/linux/security.h | 16 +
include/linux/syscalls.h | 7 +
include/uapi/asm-generic/unistd.h | 8 +-
include/uapi/linux/fs.h | 18 +
mm/shmem.c | 4 +-
scripts/syscall.tbl | 2 +
security/security.c | 30 ++
security/selinux/hooks.c | 14 +
64 files changed, 752 insertions(+), 410 deletions(-)
create mode 100644 fs/file_attr.c
Powered by blists - more mailing lists