[dump.git] / restore / xattr.c

/*
 * Copyright (c) 1999-2004
 *	Stelian Pop <stelian@popies.net>, 1999-2004
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#ifndef lint
static const char rcsid[] =
	"$Id: xattr.c,v 1.7 2010/06/11 11:19:17 stelian Exp $";
#endif /* not lint */

#include <config.h>
#include <compatlfs.h>
#include <compaterr.h>
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <bsdcompat.h>
#include <protocols/dumprestore.h>
#ifdef TRANSSELINUX			/*GAN6May06 SELinux MLS */
# include <selinux/selinux.h>
#endif
#include "restore.h"
#include "extern.h"
#include "pathnames.h"

/*
 * Data structures below taken from the kernel
 */

/* Maximum number of references to one attribute block */
#define EXT2_XATTR_REFCOUNT_MAX		1024

/* Name indexes */
#define EXT2_XATTR_INDEX_MAX			10
#define EXT2_XATTR_INDEX_USER			1
#define EXT2_XATTR_INDEX_POSIX_ACL_ACCESS	2
#define EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT	3
#define EXT2_XATTR_INDEX_TRUSTED		4
#define	EXT2_XATTR_INDEX_LUSTRE			5
#define EXT2_XATTR_INDEX_SECURITY	        6

struct ext2_xattr_header {
	u_int32_t	h_magic;	/* magic number for identification */
	u_int32_t	h_refcount;	/* reference count */
	u_int32_t	h_blocks;	/* number of disk blocks used */
	u_int32_t	h_hash;		/* hash value of all attributes */
	u_int32_t	h_reserved[4];	/* zero right now */
};

struct ext3_xattr_ibody_header {
	u_int32_t	h_magic;	/* magic number for identification */
};

struct ext2_xattr_entry {
	u_char		e_name_len;	/* length of name */
	u_char		e_name_index;	/* attribute name index */
	u_int16_t	e_value_offs;	/* offset in disk block of value */
	u_int32_t	e_value_block;	/* disk block attribute is stored on (n/i) */
	u_int32_t	e_value_size;	/* size of attribute value */
	u_int32_t	e_hash;		/* hash value of name and value */
	char		e_name[0];	/* attribute name */
};

#define EXT2_XATTR_PAD_BITS		2
#define EXT2_XATTR_PAD		(1<<EXT2_XATTR_PAD_BITS)
#define EXT2_XATTR_ROUND		(EXT2_XATTR_PAD-1)
#ifndef EXT2_XATTR_LEN
#define EXT2_XATTR_LEN(name_len) \
	(((name_len) + EXT2_XATTR_ROUND + \
	sizeof(struct ext2_xattr_entry)) & ~EXT2_XATTR_ROUND)
#endif
#define EXT2_XATTR_NEXT(entry) \
	( (struct ext2_xattr_entry *)( \
	  (char *)(entry) + EXT2_XATTR_LEN((entry)->e_name_len)) )
#define EXT3_XATTR_SIZE(size) \
	(((size) + EXT2_XATTR_ROUND) & ~EXT2_XATTR_ROUND)

#define HDR(buffer) ((struct ext2_xattr_header *)(buffer))
#define ENTRY(ptr) ((struct ext2_xattr_entry *)(ptr))
#define IS_LAST_ENTRY(entry) (*(__u32 *)(entry) == 0)

#define BFIRST(buffer) ENTRY(HDR(buffer)+1)
#define IFIRST(buffer) ENTRY(((struct ext3_xattr_ibody_header *)(buffer))+1)

#define FIRST_ENTRY(buffer) \
	((HDR(buffer)->h_magic == EXT2_XATTR_MAGIC2) ? \
		IFIRST(buffer) : \
		BFIRST(buffer))

/*
 * On-block xattr value offsets start at the beginning of the block, but
 * on-inode xattr value offsets start after the initial header 
 * (ext3_xattr_ibody_header).
 */
#define VALUE_OFFSET(buffer, entry) \
	(((HDR(buffer)->h_magic == EXT2_XATTR_MAGIC2) ? \
		(entry)->e_value_offs + sizeof(struct ext3_xattr_ibody_header) : \
		(entry)->e_value_offs))
	
/*
 * xattr syscalls do not exist yet in libc, get our own copy here,
 * taken from libattr.
 */
#if defined (__i386__)
# define HAVE_XATTR_SYSCALLS 1
# define __NR_lsetxattr		227
# define __NR_lgetxattr		230
# define __NR_llistxattr	233
#elif defined (__sparc__)
# define HAVE_XATTR_SYSCALLS 1
# define __NR_lsetxattr		170
# define __NR_lgetxattr		173
# define __NR_llistxattr	179
#elif defined (__ia64__)
# define HAVE_XATTR_SYSCALLS 1
# define __NR_lsetxattr		1218
# define __NR_lgetxattr		1221
# define __NR_llistxattr	1224
#elif defined (__powerpc__)
# define HAVE_XATTR_SYSCALLS 1
# define __NR_lsetxattr		210
# define __NR_lgetxattr		213
# define __NR_llistxattr	216
#elif defined (__x86_64__)
# define HAVE_XATTR_SYSCALLS 1
# define __NR_lsetxattr		189
# define __NR_lgetxattr		192
# define __NR_llistxattr	195
#elif defined (__s390__)
# define HAVE_XATTR_SYSCALLS 1
# define __NR_lsetxattr		225
# define __NR_lgetxattr		228
# define __NR_llistxattr	231
#elif defined (__arm__)
# define HAVE_XATTR_SYSCALLS 1
# define __NR_SYSCALL_BASE 0x900000
# define __NR_lsetxattr		(__NR_SYSCALL_BASE+227)
# define __NR_lgetxattr		(__NR_SYSCALL_BASE+230)
# define __NR_llistxattr	(__NR_SYSCALL_BASE+233)
#elif defined (__mips64__)
# define HAVE_XATTR_SYSCALLS 1
# define __NR_Linux 5000
# define __NR_lsetxattr		(__NR_Linux + 218)
# define __NR_lgetxattr		(__NR_Linux + 221)
# define __NR_llistxattr	(__NR_Linux + 224)
#elif defined (__mips__)
# define HAVE_XATTR_SYSCALLS 1
# define __NR_Linux 4000
# define __NR_lsetxattr		(__NR_Linux + 225)
# define __NR_lgetxattr		(__NR_Linux + 228)
# define __NR_llistxattr	(__NR_Linux + 231)
#elif defined (__alpha__)
# define HAVE_XATTR_SYSCALLS 1
# define __NR_lsetxattr		383
# define __NR_lgetxattr		386
# define __NR_llistxattr	389
#elif defined (__mc68000__)
# define HAVE_XATTR_SYSCALLS 1
# define __NR_lsetxattr		224
# define __NR_lgetxattr		227
# define __NR_llistxattr	230
#else
# warning "Extended attribute syscalls undefined for this architecture"
# define HAVE_XATTR_SYSCALLS 0
#endif

#if HAVE_XATTR_SYSCALLS
# define SYSCALL(args...)	syscall(args)
#else
# define SYSCALL(args...)	( errno = ENOSYS, -1 )
#endif

static int lsetxattr __P((const char *, const char *, void *, size_t, int));
static ssize_t lgetxattr __P((const char *, const char *, void *, size_t));
static ssize_t llistxattr __P((const char *, char *, size_t));
static int xattr_cb_list __P((char *, char *, int, int, void *));
static int xattr_cb_set __P((char *, char *, int, int, void *));
static int xattr_cb_compare __P((char *, char *, int, int, void *));
static int xattr_verify __P((char *));
static int xattr_count __P((char *, int *));
static int xattr_walk __P((char *, int (*)(char *, char *, int, int, void *), void *));

static int
lsetxattr(const char *path, const char *name, void *value, size_t size, int flags)
{
	return SYSCALL(__NR_lsetxattr, path, name, value, size, flags);
}

static ssize_t
lgetxattr(const char *path, const char *name, void *value, size_t size)
{
	return SYSCALL(__NR_lgetxattr, path, name, value, size);
}

static ssize_t
llistxattr(const char *path, char *list, size_t size)
{
	return SYSCALL(__NR_llistxattr, path, list, size);
}

#define POSIX_ACL_XATTR_VERSION 0x0002

#define ACL_UNDEFINED_ID        (-1)

#define ACL_USER_OBJ            (0x01)
#define ACL_USER                (0x02)
#define ACL_GROUP_OBJ           (0x04)
#define ACL_GROUP               (0x08)
#define ACL_MASK                (0x10)
#define ACL_OTHER               (0x20)

typedef struct {
	u_int16_t	e_tag;
	u_int16_t	e_perm;
	u_int32_t	e_id;
} posix_acl_xattr_entry;

typedef struct {
	u_int32_t		a_version;
	posix_acl_xattr_entry	a_entries[0];
} posix_acl_xattr_header;

static inline size_t
posix_acl_xattr_size(int count)
{
	return (sizeof(posix_acl_xattr_header) +
		(count * sizeof(posix_acl_xattr_entry)));
}

struct posix_acl_entry {
	short		e_tag;
	unsigned short	e_perm;
	unsigned int	e_id;
};

struct posix_acl {
	unsigned int		a_count;
	struct posix_acl_entry	a_entries[0];
};

#define EXT3_ACL_VERSION        0x0001

typedef struct {
	u_int16_t	e_tag;
	u_int16_t	e_perm;
	u_int32_t	e_id;
} ext3_acl_entry;

typedef struct {
	u_int16_t	e_tag;
	u_int16_t	e_perm;
} ext3_acl_entry_short;

typedef struct {
	u_int32_t	a_version;
} ext3_acl_header;

static inline int ext3_acl_count(size_t size)
{
	ssize_t s;
	size -= sizeof(ext3_acl_header);
	s = size - 4 * sizeof(ext3_acl_entry_short);
	if (s < 0) {
		if (size % sizeof(ext3_acl_entry_short))
			return -1;
		return size / sizeof(ext3_acl_entry_short);
	} else {
		if (s % sizeof(ext3_acl_entry))
			return -1;
		return s / sizeof(ext3_acl_entry) + 4;
	}
}

int
posix_acl_to_xattr(const struct posix_acl *acl, void *buffer, size_t size) {
	posix_acl_xattr_header *ext_acl = (posix_acl_xattr_header *)buffer;
	posix_acl_xattr_entry *ext_entry = ext_acl->a_entries;
	int real_size, n;

	real_size = posix_acl_xattr_size(acl->a_count);
	if (!buffer)
		return real_size;
	if (real_size > size) {
		fprintf(stderr, "ACL: not enough space to convert (%d %d)\n", real_size, (int)size);
		return -1;
	}

	ext_acl->a_version = POSIX_ACL_XATTR_VERSION;
#if BYTE_ORDER == BIG_ENDIAN
	swabst("1i", (u_char *)ext_acl);
#endif

	for (n=0; n < acl->a_count; n++, ext_entry++) {
		ext_entry->e_tag  = acl->a_entries[n].e_tag;
		ext_entry->e_perm = acl->a_entries[n].e_perm;
		ext_entry->e_id   = acl->a_entries[n].e_id;
#if BYTE_ORDER == BIG_ENDIAN
		swabst("2s1i", (u_char *)ext_entry);
#endif
	}
	return real_size;
}

static struct posix_acl *
ext3_acl_from_disk(const void *value, size_t size)
{
	const char *end = (char *)value + size;
	int n, count;
	struct posix_acl *acl;

	if (!value)
		return NULL;
	if (size < sizeof(ext3_acl_header)) {
		fprintf(stderr, "ACL size too little\n");
		return NULL;
	}
#if BYTE_ORDER == BIG_ENDIAN
	swabst("1i", (u_char *)value);
#endif
	if (((ext3_acl_header *)value)->a_version != EXT3_ACL_VERSION) {
		fprintf(stderr, "ACL version unknown\n");
		return NULL;
	}
	value = (char *)value + sizeof(ext3_acl_header);
	count = ext3_acl_count(size);
	if (count < 0) {
		fprintf(stderr, "ACL bad count\n");
		return NULL;
	}
	if (count == 0)
		return NULL;
	acl = malloc(sizeof(struct posix_acl) + count * sizeof(struct posix_acl_entry));
	if (!acl) {
		fprintf(stderr, "ACL malloc failed\n");
		return NULL;
	}
	acl->a_count = count;

	for (n=0; n < count; n++) {
		ext3_acl_entry *entry = (ext3_acl_entry *)value;
#if BYTE_ORDER == BIG_ENDIAN
		swabst("2s", (u_char *)entry);
#endif
		if ((char *)value + sizeof(ext3_acl_entry_short) > end)
			goto fail;
		acl->a_entries[n].e_tag  = entry->e_tag;
		acl->a_entries[n].e_perm = entry->e_perm;
		switch(acl->a_entries[n].e_tag) {
		case ACL_USER_OBJ:
		case ACL_GROUP_OBJ:
		case ACL_MASK:
		case ACL_OTHER:
			value = (char *)value + sizeof(ext3_acl_entry_short);
			acl->a_entries[n].e_id = ACL_UNDEFINED_ID;
			break;

		case ACL_USER:
		case ACL_GROUP:
#if BYTE_ORDER == BIG_ENDIAN
			swabst("4b1i", (u_char *)entry);
#endif
			value = (char *)value + sizeof(ext3_acl_entry);
			if ((char *)value > end)
				goto fail;
			acl->a_entries[n].e_id = entry->e_id;
			break;

		default:
			goto fail;
		}
	}
	if (value != end)
		goto fail;
	return acl;

fail:
	fprintf(stderr, "ACL bad entry\n");
	free(acl);
	return NULL;
}

/*
 * Dump code starts here :)
 */

static int
xattr_cb_list(char *name, char *value, int valuelen, int isSELinux, void *private)
{
	isSELinux;
	value[valuelen] = '\0';
	printf("EA: %s:%s\n", name, value);

	return GOOD;
}

static int
xattr_cb_set(char *name, char *value, int valuelen, int isSELinux, void *private)
{
	char *path = (char *)private;
	int err;

	if (Nflag)
		return GOOD;

	isSELinux;
#ifdef TRANSSELINUX			/*GAN6May06 SELinux MLS */
	if (isSELinux)
		err = lsetfilecon(path, value);
	else
#endif
		err = lsetxattr(path, name, value, valuelen, 0);
	
	if (err) {
		warn("%s: EA set %s:%s failed", path, name, value);
		return FAIL;
	}
	
	return GOOD;
}

static int
xattr_cb_compare(char *name, char *value, int valuelen, int isSELinux, void *private)
{
	char *path = (char *)private;
	char valuef[XATTR_MAXSIZE];
	int valuesz;
	
	isSELinux;
#ifdef TRANSSELINUX			/*GAN6May06 SELinux MLS */
	if (isSELinux)
	{
		security_context_t con = NULL;
		
		if (lgetfilecon(path, &con) < 0) {
			warn("%s: EA compare lgetfilecon failed\n", path);
			return FAIL;
		}
		
		valuesz = strlen(con) + 1;
		valuef[0] = 0;
		strncat(valuef, con, sizeof(valuef) - 1);
		freecon(con);
	}
	else {
#endif
		valuesz = lgetxattr(path, name, valuef, XATTR_MAXSIZE);
		if (valuesz < 0) {
			warn("%s: EA compare lgetxattr failed\n", path);
			return FAIL;
		}
#ifdef TRANSSELINUX			/*GAN6May06 SELinux MLS */
	}
#endif
	
	if (valuesz != valuelen || memcmp(value, valuef, valuelen)) {
		/* GAN24May06: show name and new value for user to compare */
		fprintf(stderr, "%s: EA %s:%s value changed to %s\n", path, name, value, valuef);
		return FAIL;
	}

	return GOOD;
}

static int
xattr_verify(char *buffer)
{
	struct ext2_xattr_entry *entry;
	char *end;

	end = buffer + XATTR_MAXSIZE;

#if BYTE_ORDER == BIG_ENDIAN
	swabst("4i", (u_char *)buffer);
#endif

	if (HDR(buffer)->h_magic != EXT2_XATTR_MAGIC &&
	    HDR(buffer)->h_magic != EXT2_XATTR_MAGIC2) {
		fprintf(stderr, "error in EA block 1\n");
		fprintf(stderr, "magic = %x\n", HDR(buffer)->h_magic);
		
		return FAIL;
	}

	/* check the on-disk data structure */
	entry = FIRST_ENTRY(buffer);
#if BYTE_ORDER == BIG_ENDIAN
	swabst("2b1s3i", (u_char *)entry);
#endif
	while (!IS_LAST_ENTRY(entry)) {
		struct ext2_xattr_entry *next = EXT2_XATTR_NEXT(entry);

		if ((char *)next >= end) {
			fprintf(stderr, "error in EA block\n");
			return FAIL;
		}
		entry = next;
#if BYTE_ORDER == BIG_ENDIAN
		swabst("2b1s3i", (u_char *)entry);
#endif
	}
	return GOOD;
}

static int
xattr_count(char *buffer, int *count)
{
	struct ext2_xattr_entry *entry;
	int result = 0;

	/* list the attribute names */
	for (entry = FIRST_ENTRY(buffer); !IS_LAST_ENTRY(entry);
	     entry = EXT2_XATTR_NEXT(entry))
		result++;

	*count = result;
	return GOOD;
}

static int
xattr_walk(char *buffer, int (*xattr_cb)(char *, char *, int, int, void *), void *private)
{
	struct ext2_xattr_entry *entry;

	/* list the attribute names */
	for (entry = FIRST_ENTRY(buffer); !IS_LAST_ENTRY(entry);
	     entry = EXT2_XATTR_NEXT(entry)) {
	     	char name[XATTR_MAXSIZE], value[XATTR_MAXSIZE];
		int size;
		int off;
		int convertacl = 0;
		int convertcon = 0;

		switch (entry->e_name_index) {
		case EXT2_XATTR_INDEX_USER:
			strcpy(name, "user.");
			break;
		case EXT2_XATTR_INDEX_POSIX_ACL_ACCESS:
			strcpy(name, "system.posix_acl_access");
			convertacl = 1;
			break;
		case EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT:
			strcpy(name, "system.posix_acl_default");
			convertacl = 1;
			break;
		case EXT2_XATTR_INDEX_TRUSTED:
			strcpy(name, "trusted.");
			break;
		case EXT2_XATTR_INDEX_LUSTRE:
			strcpy(name, "lustre.");
			break;
		case EXT2_XATTR_INDEX_SECURITY:
			strcpy(name, "security.");
#ifdef TRANSSELINUX			/*GAN6May06 SELinux MLS */
			convertcon = transselinuxflag;
#endif
			break;
		default:
			fprintf(stderr, "Unknown EA index\n");
			return FAIL;
		}

		off = strlen(name);
		memcpy(name + off, entry->e_name, entry->e_name_len);
		name[off + entry->e_name_len] = '\0';
		size = entry->e_value_size;

		memcpy(value, buffer + VALUE_OFFSET(buffer, entry), size);

		if (convertacl) {
			struct posix_acl *acl;

			acl = ext3_acl_from_disk(value, size);
			if (!acl)
				return FAIL;
			size = posix_acl_to_xattr(acl, value, XATTR_MAXSIZE);
			if (size < 0)
				return FAIL;
			free(acl);
		}
		
#ifdef TRANSSELINUX			/*GAN6May06 SELinux MLS */
		if (convertcon  &&  strcmp(name, "security.selinux"))
			convertcon = 0;	/*GAN24May06 only for selinux */
		
		if (convertcon)
		{
			security_context_t con = NULL;
			int err;
			
			if (!transselinuxarg)
				err = security_canonicalize_context(value, &con);
			else {
				strncat(value, transselinuxarg, sizeof(value) - 1);
				err = security_canonicalize_context_raw(value, &con);
			}
			
			if (err < 0) {
				warn("%s: EA canonicalize failed\n", value);
				return FAIL;
			}

			size = strlen(con) + 1;
			value[0] = 0;
			strncat(value, con, sizeof(value) - 1);
			freecon(con);
		}
#endif

		if (xattr_cb(name, value, size, convertcon, private) != GOOD)
			return FAIL;
	}

	return GOOD;
}

int
xattr_compare(char *path, char *buffer)
{
	int countf, countt;
	char *names = NULL, *end_names, *name;

	countf = llistxattr(path, NULL, 0);
	if (countf < 0) {
		warn("%s: llistxattr failed", path);
		return FAIL;
	}

	names = malloc(countf + 1);
	if (!names) {
		warn("%s: llistxattr failed", path);
		return FAIL;
	}

	countf = llistxattr(path, names, countf);
	if (countf < 0) {
		warn("%s: llistxattr failed", path);
		free(names);
		return FAIL;
	}

	names[countf] = '\0';
	end_names = names + countf;

	countf = 0;
	for (name = names; name != end_names; name = strchr(name, '\0') + 1) {
		if (!*name)
			continue;
		countf++;
	}

	free(names);

	if (buffer) {
		if (xattr_verify(buffer) == FAIL)
			return FAIL;

		if (xattr_count(buffer, &countt) == FAIL)
			return FAIL;
	}
	else
		countt = 0;

	if (countf != countt) {
		fprintf(stderr, "%s: EA count changed from %d to %d\n", path, countt, countf);
		return FAIL;
	}

	if (!buffer)
		return GOOD;

	return xattr_walk(buffer, xattr_cb_compare, path);
}

int
xattr_extract(char *path, char *buffer)
{
	if (dflag) {
		fprintf(stderr, "xattr_extract(%s)\n", path);
		xattr_walk(buffer, xattr_cb_list, NULL);
	}

	if (xattr_verify(buffer) == FAIL)
		return FAIL;

	return xattr_walk(buffer, xattr_cb_set, path);
}
Commit	Line	Data
cca7148b SP	1	/*
	2	* Copyright (c) 1999-2004
	3	* Stelian Pop <stelian@popies.net>, 1999-2004
	4	*
	5	* Redistribution and use in source and binary forms, with or without
	6	* modification, are permitted provided that the following conditions
	7	* are met:
	8	* 1. Redistributions of source code must retain the above copyright
	9	* notice, this list of conditions and the following disclaimer.
	10	* 2. Redistributions in binary form must reproduce the above copyright
	11	* notice, this list of conditions and the following disclaimer in the
	12	* documentation and/or other materials provided with the distribution.
	13	* 3. Neither the name of the University nor the names of its contributors
	14	* may be used to endorse or promote products derived from this software
	15	* without specific prior written permission.
	16	*
	17	* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
	18	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	19	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	20	* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	21	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	22	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	23	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	24	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	25	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	26	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	27	* SUCH DAMAGE.
	28	*/
	29
	30	#ifndef lint
	31	static const char rcsid[] =
67febcc5	32	"$Id: xattr.c,v 1.7 2010/06/11 11:19:17 stelian Exp $";
cca7148b SP	33	#endif /* not lint */
	34
	35	#include <config.h>
	36	#include <compatlfs.h>
	37	#include <compaterr.h>
	38	#include <sys/types.h>
	39	#include <stdio.h>
	40	#include <stdlib.h>
	41	#include <string.h>
	42	#include <unistd.h>
	43	#include <errno.h>
	44	#include <bsdcompat.h>
	45	#include <protocols/dumprestore.h>
7f7d329e SP	46	#ifdef TRANSSELINUX /GAN6May06 SELinux MLS /
	47	# include <selinux/selinux.h>
	48	#endif
cca7148b SP	49	#include "restore.h"
	50	#include "extern.h"
	51	#include "pathnames.h"
	52
	53	/*
	54	* Data structures below taken from the kernel
	55	*/
	56
	57	/* Maximum number of references to one attribute block */
	58	#define EXT2_XATTR_REFCOUNT_MAX 1024
	59
	60	/* Name indexes */
	61	#define EXT2_XATTR_INDEX_MAX 10
	62	#define EXT2_XATTR_INDEX_USER 1
	63	#define EXT2_XATTR_INDEX_POSIX_ACL_ACCESS 2
	64	#define EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT 3
	65	#define EXT2_XATTR_INDEX_TRUSTED 4
	66	#define EXT2_XATTR_INDEX_LUSTRE 5
	67	#define EXT2_XATTR_INDEX_SECURITY 6
	68
	69	struct ext2_xattr_header {
	70	u_int32_t h_magic; /* magic number for identification */
	71	u_int32_t h_refcount; /* reference count */
	72	u_int32_t h_blocks; /* number of disk blocks used */
	73	u_int32_t h_hash; /* hash value of all attributes */
	74	u_int32_t h_reserved[4]; /* zero right now */
	75	};
	76
	77	struct ext3_xattr_ibody_header {
	78	u_int32_t h_magic; /* magic number for identification */
	79	};
	80
	81	struct ext2_xattr_entry {
	82	u_char e_name_len; /* length of name */
	83	u_char e_name_index; /* attribute name index */
	84	u_int16_t e_value_offs; /* offset in disk block of value */
	85	u_int32_t e_value_block; /* disk block attribute is stored on (n/i) */
	86	u_int32_t e_value_size; /* size of attribute value */
	87	u_int32_t e_hash; /* hash value of name and value */
	88	char e_name[0]; /* attribute name */
	89	};
	90
	91	#define EXT2_XATTR_PAD_BITS 2
	92	#define EXT2_XATTR_PAD (1<<EXT2_XATTR_PAD_BITS)
	93	#define EXT2_XATTR_ROUND (EXT2_XATTR_PAD-1)
67febcc5	94	#ifndef EXT2_XATTR_LEN
cca7148b SP	95	#define EXT2_XATTR_LEN(name_len) \
	96	(((name_len) + EXT2_XATTR_ROUND + \
	97	sizeof(struct ext2_xattr_entry)) & ~EXT2_XATTR_ROUND)
67febcc5	98	#endif
cca7148b SP	99	#define EXT2_XATTR_NEXT(entry) \
	100	( (struct ext2_xattr_entry *)( \
	101	(char *)(entry) + EXT2_XATTR_LEN((entry)->e_name_len)) )
	102	#define EXT3_XATTR_SIZE(size) \
	103	(((size) + EXT2_XATTR_ROUND) & ~EXT2_XATTR_ROUND)
	104
	105	#define HDR(buffer) ((struct ext2_xattr_header *)(buffer))
	106	#define ENTRY(ptr) ((struct ext2_xattr_entry *)(ptr))
	107	#define IS_LAST_ENTRY(entry) ((__u32 )(entry) == 0)
	108
	109	#define BFIRST(buffer) ENTRY(HDR(buffer)+1)
	110	#define IFIRST(buffer) ENTRY(((struct ext3_xattr_ibody_header *)(buffer))+1)
	111
	112	#define FIRST_ENTRY(buffer) \
	113	((HDR(buffer)->h_magic == EXT2_XATTR_MAGIC2) ? \
	114	IFIRST(buffer) : \
	115	BFIRST(buffer))
	116
	117	/*
	118	* On-block xattr value offsets start at the beginning of the block, but
	119	* on-inode xattr value offsets start after the initial header
	120	* (ext3_xattr_ibody_header).
	121	*/
	122	#define VALUE_OFFSET(buffer, entry) \
	123	(((HDR(buffer)->h_magic == EXT2_XATTR_MAGIC2) ? \
	124	(entry)->e_value_offs + sizeof(struct ext3_xattr_ibody_header) : \
	125	(entry)->e_value_offs))
	126
	127	/*
	128	* xattr syscalls do not exist yet in libc, get our own copy here,
	129	* taken from libattr.
	130	*/
	131	#if defined (__i386__)
	132	# define HAVE_XATTR_SYSCALLS 1
	133	# define __NR_lsetxattr 227
	134	# define __NR_lgetxattr 230
	135	# define __NR_llistxattr 233
	136	#elif defined (__sparc__)
	137	# define HAVE_XATTR_SYSCALLS 1
	138	# define __NR_lsetxattr 170
	139	# define __NR_lgetxattr 173
	140	# define __NR_llistxattr 179
	141	#elif defined (__ia64__)
	142	# define HAVE_XATTR_SYSCALLS 1
	143	# define __NR_lsetxattr 1218
	144	# define __NR_lgetxattr 1221
	145	# define __NR_llistxattr 1224
	146	#elif defined (__powerpc__)
	147	# define HAVE_XATTR_SYSCALLS 1
	148	# define __NR_lsetxattr 210
	149	# define __NR_lgetxattr 213
	150	# define __NR_llistxattr 216
	151	#elif defined (__x86_64__)
	152	# define HAVE_XATTR_SYSCALLS 1
	153	# define __NR_lsetxattr 189
	154	# define __NR_lgetxattr 192
	155	# define __NR_llistxattr 195
	156	#elif defined (__s390__)
	157	# define HAVE_XATTR_SYSCALLS 1
	158	# define __NR_lsetxattr 225
	159	# define __NR_lgetxattr 228
	160	# define __NR_llistxattr 231
	161	#elif defined (__arm__)
	162	# define HAVE_XATTR_SYSCALLS 1
163	# define __NR_SYSCALL_BASE 0x900000
164	# define __NR_lsetxattr (__NR_SYSCALL_BASE+227)
165	# define __NR_lgetxattr (__NR_SYSCALL_BASE+230)
166	# define __NR_llistxattr (__NR_SYSCALL_BASE+233)
167	#elif defined (__mips64__)
168	# define HAVE_XATTR_SYSCALLS 1
169	# define __NR_Linux 5000
170	# define __NR_lsetxattr (__NR_Linux + 218)
171	# define __NR_lgetxattr (__NR_Linux + 221)
172	# define __NR_llistxattr (__NR_Linux + 224)
173	#elif defined (__mips__)
174	# define HAVE_XATTR_SYSCALLS 1
175	# define __NR_Linux 4000
176	# define __NR_lsetxattr (__NR_Linux + 225)
177	# define __NR_lgetxattr (__NR_Linux + 228)
178	# define __NR_llistxattr (__NR_Linux + 231)
179	#elif defined (__alpha__)
180	# define HAVE_XATTR_SYSCALLS 1
181	# define __NR_lsetxattr 383
182	# define __NR_lgetxattr 386
183	# define __NR_llistxattr 389
184	#elif defined (__mc68000__)
185	# define HAVE_XATTR_SYSCALLS 1
186	# define __NR_lsetxattr 224
187	# define __NR_lgetxattr 227
188	# define __NR_llistxattr 230
189	#else
190	# warning "Extended attribute syscalls undefined for this architecture"
191	# define HAVE_XATTR_SYSCALLS 0
192	#endif
193
194	#if HAVE_XATTR_SYSCALLS
195	# define SYSCALL(args...) syscall(args)
196	#else
197	# define SYSCALL(args...) ( errno = ENOSYS, -1 )
198	#endif
199
200	static int lsetxattr __P((const char , const char , void *, size_t, int));
201	static ssize_t lgetxattr __P((const char , const char , void *, size_t));
202	static ssize_t llistxattr __P((const char , char , size_t));
7f7d329e SP	203	static int xattr_cb_list __P((char , char , int, int, void *));
	204	static int xattr_cb_set __P((char , char , int, int, void *));
	205	static int xattr_cb_compare __P((char , char , int, int, void *));
cca7148b SP	206	static int xattr_verify __P((char *));
cca7148b SP	207	static int xattr_count __P((char , int ));
7f7d329e	208	static int xattr_walk __P((char , int ()(char , char , int, int, void ), void ));
cca7148b SP	209
	210	static int
	211	lsetxattr(const char path, const char name, void *value, size_t size, int flags)
	212	{
	213	return SYSCALL(__NR_lsetxattr, path, name, value, size, flags);
	214	}
	215
	216	static ssize_t
	217	lgetxattr(const char path, const char name, void *value, size_t size)
	218	{
	219	return SYSCALL(__NR_lgetxattr, path, name, value, size);
	220	}
	221
	222	static ssize_t
	223	llistxattr(const char path, char list, size_t size)
	224	{
	225	return SYSCALL(__NR_llistxattr, path, list, size);
	226	}
	227
b630baf0 SP	228	#define POSIX_ACL_XATTR_VERSION 0x0002
	229
	230	#define ACL_UNDEFINED_ID (-1)
	231
	232	#define ACL_USER_OBJ (0x01)
	233	#define ACL_USER (0x02)
	234	#define ACL_GROUP_OBJ (0x04)
	235	#define ACL_GROUP (0x08)
	236	#define ACL_MASK (0x10)
	237	#define ACL_OTHER (0x20)
	238
	239	typedef struct {
	240	u_int16_t e_tag;
	241	u_int16_t e_perm;
	242	u_int32_t e_id;
	243	} posix_acl_xattr_entry;
	244
	245	typedef struct {
	246	u_int32_t a_version;
	247	posix_acl_xattr_entry a_entries[0];
	248	} posix_acl_xattr_header;
	249
	250	static inline size_t
	251	posix_acl_xattr_size(int count)
	252	{
	253	return (sizeof(posix_acl_xattr_header) +
	254	(count * sizeof(posix_acl_xattr_entry)));
	255	}
	256
	257	struct posix_acl_entry {
	258	short e_tag;
	259	unsigned short e_perm;
	260	unsigned int e_id;
	261	};
	262
	263	struct posix_acl {
	264	unsigned int a_count;
	265	struct posix_acl_entry a_entries[0];
	266	};
	267
	268	#define EXT3_ACL_VERSION 0x0001
	269
	270	typedef struct {
	271	u_int16_t e_tag;
	272	u_int16_t e_perm;
	273	u_int32_t e_id;
	274	} ext3_acl_entry;
	275
	276	typedef struct {
	277	u_int16_t e_tag;
	278	u_int16_t e_perm;
	279	} ext3_acl_entry_short;
	280
	281	typedef struct {
	282	u_int32_t a_version;
	283	} ext3_acl_header;
	284
	285	static inline int ext3_acl_count(size_t size)
	286	{
	287	ssize_t s;
	288	size -= sizeof(ext3_acl_header);
	289	s = size - 4 * sizeof(ext3_acl_entry_short);
	290	if (s < 0) {
	291	if (size % sizeof(ext3_acl_entry_short))
292	return -1;
293	return size / sizeof(ext3_acl_entry_short);
294	} else {
295	if (s % sizeof(ext3_acl_entry))
296	return -1;
297	return s / sizeof(ext3_acl_entry) + 4;
298	}
299	}
300
301	int
302	posix_acl_to_xattr(const struct posix_acl acl, void buffer, size_t size) {
303	posix_acl_xattr_header ext_acl = (posix_acl_xattr_header )buffer;
304	posix_acl_xattr_entry *ext_entry = ext_acl->a_entries;
305	int real_size, n;
306
307	real_size = posix_acl_xattr_size(acl->a_count);
308	if (!buffer)
309	return real_size;
310	if (real_size > size) {
67febcc5	311	fprintf(stderr, "ACL: not enough space to convert (%d %d)\n", real_size, (int)size);
b630baf0 SP	312	return -1;
	313	}
	314
	315	ext_acl->a_version = POSIX_ACL_XATTR_VERSION;
cb6d3f79 SP	316	#if BYTE_ORDER == BIG_ENDIAN
	317	swabst("1i", (u_char *)ext_acl);
	318	#endif
b630baf0 SP	319
	320	for (n=0; n < acl->a_count; n++, ext_entry++) {
	321	ext_entry->e_tag = acl->a_entries[n].e_tag;
	322	ext_entry->e_perm = acl->a_entries[n].e_perm;
	323	ext_entry->e_id = acl->a_entries[n].e_id;
cb6d3f79 SP	324	#if BYTE_ORDER == BIG_ENDIAN
	325	swabst("2s1i", (u_char *)ext_entry);
	326	#endif
b630baf0 SP	327	}
	328	return real_size;
	329	}
	330
	331	static struct posix_acl *
	332	ext3_acl_from_disk(const void *value, size_t size)
	333	{
	334	const char end = (char )value + size;
	335	int n, count;
	336	struct posix_acl *acl;
	337
	338	if (!value)
	339	return NULL;
	340	if (size < sizeof(ext3_acl_header)) {
	341	fprintf(stderr, "ACL size too little\n");
	342	return NULL;
	343	}
cb6d3f79 SP	344	#if BYTE_ORDER == BIG_ENDIAN
	345	swabst("1i", (u_char *)value);
	346	#endif
b630baf0 SP	347	if (((ext3_acl_header *)value)->a_version != EXT3_ACL_VERSION) {
	348	fprintf(stderr, "ACL version unknown\n");
	349	return NULL;
	350	}
	351	value = (char *)value + sizeof(ext3_acl_header);
	352	count = ext3_acl_count(size);
	353	if (count < 0) {
	354	fprintf(stderr, "ACL bad count\n");
	355	return NULL;
	356	}
	357	if (count == 0)
	358	return NULL;
	359	acl = malloc(sizeof(struct posix_acl) + count * sizeof(struct posix_acl_entry));
	360	if (!acl) {
	361	fprintf(stderr, "ACL malloc failed\n");
	362	return NULL;
	363	}
	364	acl->a_count = count;
	365
	366	for (n=0; n < count; n++) {
b630baf0	367	ext3_acl_entry entry = (ext3_acl_entry )value;
cb6d3f79 SP	368	#if BYTE_ORDER == BIG_ENDIAN
	369	swabst("2s", (u_char *)entry);
	370	#endif
b630baf0 SP	371	if ((char *)value + sizeof(ext3_acl_entry_short) > end)
	372	goto fail;
	373	acl->a_entries[n].e_tag = entry->e_tag;
	374	acl->a_entries[n].e_perm = entry->e_perm;
	375	switch(acl->a_entries[n].e_tag) {
	376	case ACL_USER_OBJ:
	377	case ACL_GROUP_OBJ:
	378	case ACL_MASK:
	379	case ACL_OTHER:
	380	value = (char *)value + sizeof(ext3_acl_entry_short);
	381	acl->a_entries[n].e_id = ACL_UNDEFINED_ID;
	382	break;
	383
	384	case ACL_USER:
	385	case ACL_GROUP:
cb6d3f79 SP	386	#if BYTE_ORDER == BIG_ENDIAN
	387	swabst("4b1i", (u_char *)entry);
	388	#endif
b630baf0 SP	389	value = (char *)value + sizeof(ext3_acl_entry);
	390	if ((char *)value > end)
	391	goto fail;
	392	acl->a_entries[n].e_id = entry->e_id;
	393	break;
	394
	395	default:
	396	goto fail;
	397	}
	398	}
	399	if (value != end)
	400	goto fail;
	401	return acl;
	402
	403	fail:
	404	fprintf(stderr, "ACL bad entry\n");
	405	free(acl);
	406	return NULL;
	407	}
	408
cca7148b SP	409	/*
	410	* Dump code starts here :)
	411	*/
	412
	413	static int
7f7d329e	414	xattr_cb_list(char name, char value, int valuelen, int isSELinux, void *private)
cca7148b	415	{
7f7d329e	416	isSELinux;
cca7148b SP	417	value[valuelen] = '\0';
	418	printf("EA: %s:%s\n", name, value);
	419
	420	return GOOD;
	421	}
	422
	423	static int
7f7d329e	424	xattr_cb_set(char name, char value, int valuelen, int isSELinux, void *private)
cca7148b SP	425	{
cca7148b SP	426	char path = (char )private;
7f7d329e	427	int err;
15508d36 SP	428
	429	if (Nflag)
	430	return GOOD;
	431
7f7d329e SP	432	isSELinux;
	433	#ifdef TRANSSELINUX /GAN6May06 SELinux MLS /
	434	if (isSELinux)
	435	err = lsetfilecon(path, value);
	436	else
	437	#endif
	438	err = lsetxattr(path, name, value, valuelen, 0);
	439
	440	if (err) {
	441	warn("%s: EA set %s:%s failed", path, name, value);
cca7148b SP	442	return FAIL;
cca7148b SP	443	}
7f7d329e	444
cca7148b SP	445	return GOOD;
	446	}
	447
	448	static int
7f7d329e	449	xattr_cb_compare(char name, char value, int valuelen, int isSELinux, void *private)
cca7148b SP	450	{
	451	char path = (char )private;
	452	char valuef[XATTR_MAXSIZE];
	453	int valuesz;
7f7d329e SP	454
	455	isSELinux;
	456	#ifdef TRANSSELINUX /GAN6May06 SELinux MLS /
	457	if (isSELinux)
	458	{
	459	security_context_t con = NULL;
	460
	461	if (lgetfilecon(path, &con) < 0) {
	462	warn("%s: EA compare lgetfilecon failed\n", path);
	463	return FAIL;
	464	}
	465
	466	valuesz = strlen(con) + 1;
	467	valuef[0] = 0;
67febcc5	468	strncat(valuef, con, sizeof(valuef) - 1);
7f7d329e	469	freecon(con);
cca7148b	470	}
7f7d329e SP	471	else {
	472	#endif
	473	valuesz = lgetxattr(path, name, valuef, XATTR_MAXSIZE);
	474	if (valuesz < 0) {
	475	warn("%s: EA compare lgetxattr failed\n", path);
	476	return FAIL;
	477	}
	478	#ifdef TRANSSELINUX /GAN6May06 SELinux MLS /
cca7148b	479	}
7f7d329e SP	480	#endif
	481
	482	if (valuesz != valuelen \|\| memcmp(value, valuef, valuelen)) {
	483	/* GAN24May06: show name and new value for user to compare */
	484	fprintf(stderr, "%s: EA %s:%s value changed to %s\n", path, name, value, valuef);
cca7148b SP	485	return FAIL;
	486	}
	487
	488	return GOOD;
	489	}
	490
	491	static int
	492	xattr_verify(char *buffer)
	493	{
	494	struct ext2_xattr_entry *entry;
	495	char *end;
	496
	497	end = buffer + XATTR_MAXSIZE;
	498
cb6d3f79 SP	499	#if BYTE_ORDER == BIG_ENDIAN
	500	swabst("4i", (u_char *)buffer);
	501	#endif
cca7148b SP	502
	503	if (HDR(buffer)->h_magic != EXT2_XATTR_MAGIC &&
	504	HDR(buffer)->h_magic != EXT2_XATTR_MAGIC2) {
	505	fprintf(stderr, "error in EA block 1\n");
	506	fprintf(stderr, "magic = %x\n", HDR(buffer)->h_magic);
	507
	508	return FAIL;
	509	}
	510
	511	/* check the on-disk data structure */
	512	entry = FIRST_ENTRY(buffer);
cb6d3f79 SP	513	#if BYTE_ORDER == BIG_ENDIAN
	514	swabst("2b1s3i", (u_char *)entry);
	515	#endif
cca7148b SP	516	while (!IS_LAST_ENTRY(entry)) {
	517	struct ext2_xattr_entry *next = EXT2_XATTR_NEXT(entry);
	518
	519	if ((char *)next >= end) {
	520	fprintf(stderr, "error in EA block\n");
	521	return FAIL;
	522	}
	523	entry = next;
cb6d3f79 SP	524	#if BYTE_ORDER == BIG_ENDIAN
	525	swabst("2b1s3i", (u_char *)entry);
	526	#endif
cca7148b SP	527	}
	528	return GOOD;
	529	}
	530
	531	static int
	532	xattr_count(char buffer, int count)
	533	{
	534	struct ext2_xattr_entry *entry;
	535	int result = 0;
	536
	537	/* list the attribute names */
	538	for (entry = FIRST_ENTRY(buffer); !IS_LAST_ENTRY(entry);
	539	entry = EXT2_XATTR_NEXT(entry))
	540	result++;
	541
	542	*count = result;
	543	return GOOD;
	544	}
	545
	546	static int
7f7d329e	547	xattr_walk(char buffer, int (xattr_cb)(char , char , int, int, void ), void private)
cca7148b SP	548	{
	549	struct ext2_xattr_entry *entry;
	550
	551	/* list the attribute names */
	552	for (entry = FIRST_ENTRY(buffer); !IS_LAST_ENTRY(entry);
	553	entry = EXT2_XATTR_NEXT(entry)) {
	554	char name[XATTR_MAXSIZE], value[XATTR_MAXSIZE];
11997d3b	555	int size;
cca7148b	556	int off;
b630baf0	557	int convertacl = 0;
7f7d329e	558	int convertcon = 0;
cca7148b SP	559
	560	switch (entry->e_name_index) {
	561	case EXT2_XATTR_INDEX_USER:
	562	strcpy(name, "user.");
	563	break;
	564	case EXT2_XATTR_INDEX_POSIX_ACL_ACCESS:
b630baf0 SP	565	strcpy(name, "system.posix_acl_access");
	566	convertacl = 1;
	567	break;
cca7148b	568	case EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT:
b630baf0 SP	569	strcpy(name, "system.posix_acl_default");
b630baf0 SP	570	convertacl = 1;
cca7148b SP	571	break;
	572	case EXT2_XATTR_INDEX_TRUSTED:
	573	strcpy(name, "trusted.");
	574	break;
	575	case EXT2_XATTR_INDEX_LUSTRE:
	576	strcpy(name, "lustre.");
	577	break;
	578	case EXT2_XATTR_INDEX_SECURITY:
	579	strcpy(name, "security.");
7f7d329e SP	580	#ifdef TRANSSELINUX /GAN6May06 SELinux MLS /
	581	convertcon = transselinuxflag;
	582	#endif
cca7148b SP	583	break;
	584	default:
	585	fprintf(stderr, "Unknown EA index\n");
	586	return FAIL;
	587	}
	588
	589	off = strlen(name);
	590	memcpy(name + off, entry->e_name, entry->e_name_len);
	591	name[off + entry->e_name_len] = '\0';
11997d3b	592	size = entry->e_value_size;
cca7148b	593
11997d3b	594	memcpy(value, buffer + VALUE_OFFSET(buffer, entry), size);
cca7148b	595
b630baf0 SP	596	if (convertacl) {
b630baf0 SP	597	struct posix_acl *acl;
b630baf0	598
11997d3b	599	acl = ext3_acl_from_disk(value, size);
b630baf0 SP	600	if (!acl)
	601	return FAIL;
	602	size = posix_acl_to_xattr(acl, value, XATTR_MAXSIZE);
	603	if (size < 0)
	604	return FAIL;
b630baf0 SP	605	free(acl);
b630baf0 SP	606	}
7f7d329e SP	607
	608	#ifdef TRANSSELINUX /GAN6May06 SELinux MLS /
	609	if (convertcon && strcmp(name, "security.selinux"))
	610	convertcon = 0; /GAN24May06 only for selinux /
	611
	612	if (convertcon)
	613	{
	614	security_context_t con = NULL;
	615	int err;
	616
	617	if (!transselinuxarg)
	618	err = security_canonicalize_context(value, &con);
	619	else {
67febcc5	620	strncat(value, transselinuxarg, sizeof(value) - 1);
7f7d329e SP	621	err = security_canonicalize_context_raw(value, &con);
	622	}
	623
	624	if (err < 0) {
	625	warn("%s: EA canonicalize failed\n", value);
	626	return FAIL;
	627	}
	628
11997d3b	629	size = strlen(con) + 1;
7f7d329e	630	value[0] = 0;
67febcc5	631	strncat(value, con, sizeof(value) - 1);
7f7d329e SP	632	freecon(con);
	633	}
	634	#endif
b630baf0	635
11997d3b	636	if (xattr_cb(name, value, size, convertcon, private) != GOOD)
cca7148b SP	637	return FAIL;
	638	}
	639
	640	return GOOD;
	641	}
	642
	643	int
	644	xattr_compare(char path, char buffer)
	645	{
	646	int countf, countt;
	647	char names = NULL, end_names, *name;
	648
	649	countf = llistxattr(path, NULL, 0);
	650	if (countf < 0) {
	651	warn("%s: llistxattr failed", path);
	652	return FAIL;
	653	}
	654
	655	names = malloc(countf + 1);
	656	if (!names) {
	657	warn("%s: llistxattr failed", path);
	658	return FAIL;
	659	}
	660
	661	countf = llistxattr(path, names, countf);
	662	if (countf < 0) {
	663	warn("%s: llistxattr failed", path);
	664	free(names);
	665	return FAIL;
	666	}
	667
	668	names[countf] = '\0';
	669	end_names = names + countf;
	670
	671	countf = 0;
	672	for (name = names; name != end_names; name = strchr(name, '\0') + 1) {
	673	if (!*name)
	674	continue;
	675	countf++;
	676	}
	677
	678	free(names);
	679
	680	if (buffer) {
	681	if (xattr_verify(buffer) == FAIL)
	682	return FAIL;
	683
	684	if (xattr_count(buffer, &countt) == FAIL)
	685	return FAIL;
	686	}
	687	else
	688	countt = 0;
	689
	690	if (countf != countt) {
	691	fprintf(stderr, "%s: EA count changed from %d to %d\n", path, countt, countf);
	692	return FAIL;
	693	}
	694
	695	if (!buffer)
	696	return GOOD;
	697
	698	return xattr_walk(buffer, xattr_cb_compare, path);
	699	}
	700
701	int
702	xattr_extract(char path, char buffer)
703	{
704	if (dflag) {
705	fprintf(stderr, "xattr_extract(%s)\n", path);
706	xattr_walk(buffer, xattr_cb_list, NULL);
707	}
708
709	if (xattr_verify(buffer) == FAIL)
710	return FAIL;
711
712	return xattr_walk(buffer, xattr_cb_set, path);
713	}
714