Date: Tue, 12 Sep 2023 16:44:13 GMT
Message-Id: <202309121644.38CGiDs8071094@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
From: Dmitry Chagin
Subject: git: 108d330fe3a3 - releng/14.0 - linux(4): Return ENOTSUP from xattr syscalls instead of EPERM
List-Id: Commit messages for all branches of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
X-Git-Committer: dchagin
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: 108d330fe3a3e84ff86737a0ad6fa1de375023e8

The branch releng/14.0 has been updated by dchagin:

URL: https://cgit.FreeBSD.org/src/commit/?id=108d330fe3a3e84ff86737a0ad6fa1de375023e8

commit 108d330fe3a3e84ff86737a0ad6fa1de375023e8
Author:     Dmitry Chagin
AuthorDate: 2023-09-01 08:11:02 +0000
Commit:     Dmitry Chagin
CommitDate: 2023-09-12 16:42:50 +0000

    linux(4): Return ENOTSUP from xattr syscalls instead of EPERM

    FreeBSD does not permit manipulating extended attributes in the system
    namespace by unprivileged accounts, even if the account has appropriate
    privileges to access the filesystem object.

    In Linux the system namespace is used to preserve POSIX ACLs. Some GNU
    coreutils binaries use POSIX ACLs, e.g., install, ls, and fail if we
    unexpectedly return an EPERM error from xattr system calls.

    On the other hand, in Linux read and write access to the system
    namespace depends on the policy implemented for each filesystem, so
    we'll mimic being a filesystem that prohibits this for unprivileged
    accounts.

    Approved by:    re (gjb)
    Reported by:    zirias
    Tested by:      zirias
    MFC after:      1 week

    (cherry picked from commit 1bfc4574f78653e4b64ac9dd31518c96a17fe52b)
    (cherry picked from commit bce9c2e34006dd70fb77a72f8cce1ead8a01db9e)
---
 sys/compat/linux/linux_xattr.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/sys/compat/linux/linux_xattr.c b/sys/compat/linux/linux_xattr.c index 2b46cf708c7d..74b47f1cbaec 100644 --- a/sys/compat/linux/linux_xattr.c +++ b/sys/compat/linux/linux_xattr.c @@ -87,6 +87,16 @@ struct removexattr_args { static char *extattr_namespace_names[] = EXTATTR_NAMESPACE_NAMES; +static int +error_to_xattrerror(int attrnamespace, int error) +{ + + if (attrnamespace == EXTATTR_NAMESPACE_SYSTEM && error == EPERM) + return (ENOTSUP); + else + return (error); +} + static int xatrr_to_extattr(const char *uattrname, int *attrnamespace, char *attrname) { @@ -188,7 +198,7 @@ listxattr(struct thread *td, struct listxattr_args *args) if (error == 0) td->td_retval[0] = cnt; free(data, M_LINUX); - return (error); + return (error_to_xattrerror(attrnamespace, error)); } int @@ -248,7 +258,7 @@ removexattr(struct thread *td, struct removexattr_args *args) else error = kern_extattr_delete_fd(td, args->fd, attrnamespace, attrname); - return (error); + return (error_to_xattrerror(attrnamespace, error)); } int @@ -392,7 +402,7 @@ setxattr(struct thread *td, struct setxattr_args *args) attrname, args->value, args->size); out: td->td_retval[0] = 0; - return (error); + return (error_to_xattrerror(attrnamespace, error)); } int
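
Review bot: Missing documentation on error_to_xattrerror() in the first hunk (@@ -87,6 +87,16 @@): nothing in the code says why EPERM is rewritten to ENOTSUP for EXTATTR_NAMESPACE_SYSTEM, so the reasoning exists only in the commit message. A short block comment above the function should state that the translation makes the layer look like a filesystem that does not allow unprivileged access to the system namespace. The comment should also state that the helper sees only the namespace and the errno, so every EPERM from a system-namespace operation is rewritten regardless of what caused it, and that callers lose the ability to tell a permission failure from a missing feature. Style point: the "else" after "return (ENOTSUP);" is redundant and can be dropped.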
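
Review bot: In the listxattr hunk (@@ -188,7 +198,7 @@), the new "return (error_to_xattrerror(attrnamespace, error));" relies on attrnamespace still naming the namespace whose operation produced error, and the visible context does not show where attrnamespace is assigned in this function. Please confirm that at this return it cannot hold a stale or different namespace from the one that failed, for example if the list is assembled from more than one namespace. If it can, the mapping belongs at the point where the per-namespace call returns rather than at the function exit.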
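
Review bot: Coverage question at the removexattr return (@@ -248,7 +258,7 @@): the patch routes the error through error_to_xattrerror() in listxattr, removexattr and setxattr only, while the subject line speaks of "xattr syscalls" in general. If this file also has a read path that can return EPERM for EXTATTR_NAMESPACE_SYSTEM, either map it the same way or say in the commit message why reads are left returning EPERM, so that Linux binaries do not see two different errors for the same policy.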
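
Review bot: Possible read of an unset variable in the setxattr hunk (@@ -392,7 +402,7 @@): the changed return sits under the "out:" label, so any earlier "goto out" taken before attrnamespace is assigned now passes an indeterminate value to error_to_xattrerror(). The result is only affected when error is EPERM, but the read itself is still undefined and may trigger compiler or sanitizer warnings. Either initialize attrnamespace at its declaration or check that every jump to "out:" happens after the namespace has been parsed.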