1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * This file is part of UBIFS. 4 * 5 * Copyright (C) 2006-2008 Nokia Corporation. 6 * 7 * Authors: Artem Bityutskiy (Битюцкий Артём) 8 * Adrian Hunter 9 */ 10 11 /* 12 * This file implements UBIFS extended attributes support. 13 * 14 * Extended attributes are implemented as regular inodes with attached data, 15 * which limits extended attribute size to UBIFS block size (4KiB). Names of 16 * extended attributes are described by extended attribute entries (xentries), 17 * which are almost identical to directory entries, but have different key type. 18 * 19 * In other words, the situation with extended attributes is very similar to 20 * directories. Indeed, any inode (but of course not xattr inodes) may have a 21 * number of associated xentries, just like directory inodes have associated 22 * directory entries. Extended attribute entries store the name of the extended 23 * attribute, the host inode number, and the extended attribute inode number. 24 * Similarly, direntries store the name, the parent and the target inode 25 * numbers. Thus, most of the common UBIFS mechanisms may be re-used for 26 * extended attributes. 27 * 28 * The number of extended attributes is not limited, but there is Linux 29 * limitation on the maximum possible size of the list of all extended 30 * attributes associated with an inode (%XATTR_LIST_MAX), so UBIFS makes sure 31 * the sum of all extended attribute names of the inode does not exceed that 32 * limit. 33 * 34 * Extended attributes are synchronous, which means they are written to the 35 * flash media synchronously and there is no write-back for extended attribute 36 * inodes. The extended attribute values are not stored in compressed form on 37 * the media. 38 * 39 * Since extended attributes are represented by regular inodes, they are cached 40 * in the VFS inode cache. The xentries are cached in the LNC cache (see 41 * tnc.c). 42 * 43 * ACL support is not implemented. 44 */ 45 46 #include "ubifs.h" 47 #include <linux/fs.h> 48 #include <linux/slab.h> 49 #include <linux/xattr.h> 50 51 static const struct inode_operations empty_iops; 52 static const struct file_operations empty_fops; 53 54 /** 55 * create_xattr - create an extended attribute. 56 * @c: UBIFS file-system description object 57 * @host: host inode 58 * @nm: extended attribute name 59 * @value: extended attribute value 60 * @size: size of extended attribute value 61 * 62 * This is a helper function which creates an extended attribute of name @nm 63 * and value @value for inode @host. The host inode is also updated on flash 64 * because the ctime and extended attribute accounting data changes. This 65 * function returns zero in case of success and a negative error code in case 66 * of failure. 67 */ 68 static int create_xattr(struct ubifs_info *c, struct inode *host, 69 const struct fscrypt_name *nm, const void *value, int size) 70 { 71 int err, names_len; 72 struct inode *inode; 73 struct ubifs_inode *ui, *host_ui = ubifs_inode(host); 74 struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, 75 .new_ino_d = ALIGN(size, 8), .dirtied_ino = 1, 76 .dirtied_ino_d = ALIGN(host_ui->data_len, 8) }; 77 78 if (host_ui->xattr_cnt >= ubifs_xattr_max_cnt(c)) { 79 ubifs_err(c, "inode %lu already has too many xattrs (%d), cannot create more", 80 host->i_ino, host_ui->xattr_cnt); 81 return -ENOSPC; 82 } 83 /* 84 * Linux limits the maximum size of the extended attribute names list 85 * to %XATTR_LIST_MAX. This means we should not allow creating more 86 * extended attributes if the name list becomes larger. This limitation 87 * is artificial for UBIFS, though. 88 */ 89 names_len = host_ui->xattr_names + host_ui->xattr_cnt + fname_len(nm) + 1; 90 if (names_len > XATTR_LIST_MAX) { 91 ubifs_err(c, "cannot add one more xattr name to inode %lu, total names length would become %d, max. is %d", 92 host->i_ino, names_len, XATTR_LIST_MAX); 93 return -ENOSPC; 94 } 95 96 err = ubifs_budget_space(c, &req); 97 if (err) 98 return err; 99 100 inode = ubifs_new_inode(c, host, S_IFREG | S_IRWXUGO, true); 101 if (IS_ERR(inode)) { 102 err = PTR_ERR(inode); 103 goto out_budg; 104 } 105 106 /* Re-define all operations to be "nothing" */ 107 inode->i_mapping->a_ops = &empty_aops; 108 inode->i_op = &empty_iops; 109 inode->i_fop = &empty_fops; 110 111 inode->i_flags |= S_SYNC | S_NOATIME | S_NOCMTIME; 112 ui = ubifs_inode(inode); 113 ui->xattr = 1; 114 ui->flags |= UBIFS_XATTR_FL; 115 ui->data = kmemdup(value, size, GFP_NOFS); 116 if (!ui->data) { 117 err = -ENOMEM; 118 goto out_free; 119 } 120 inode->i_size = ui->ui_size = size; 121 ui->data_len = size; 122 123 mutex_lock(&host_ui->ui_mutex); 124 inode_set_ctime_current(host); 125 host_ui->xattr_cnt += 1; 126 host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm)); 127 host_ui->xattr_size += CALC_XATTR_BYTES(size); 128 host_ui->xattr_names += fname_len(nm); 129 130 /* 131 * We handle UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT here because we 132 * have to set the UBIFS_CRYPT_FL flag on the host inode. 133 * To avoid multiple updates of the same inode in the same operation, 134 * let's do it here. 135 */ 136 if (strcmp(fname_name(nm), UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0) 137 host_ui->flags |= UBIFS_CRYPT_FL; 138 139 err = ubifs_jnl_update(c, host, nm, inode, 0, 1, 0); 140 if (err) 141 goto out_cancel; 142 ubifs_set_inode_flags(host); 143 mutex_unlock(&host_ui->ui_mutex); 144 145 ubifs_release_budget(c, &req); 146 insert_inode_hash(inode); 147 iput(inode); 148 return 0; 149 150 out_cancel: 151 host_ui->xattr_cnt -= 1; 152 host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm)); 153 host_ui->xattr_size -= CALC_XATTR_BYTES(size); 154 host_ui->xattr_names -= fname_len(nm); 155 host_ui->flags &= ~UBIFS_CRYPT_FL; 156 mutex_unlock(&host_ui->ui_mutex); 157 out_free: 158 make_bad_inode(inode); 159 iput(inode); 160 out_budg: 161 ubifs_release_budget(c, &req); 162 return err; 163 } 164 165 /** 166 * change_xattr - change an extended attribute. 167 * @c: UBIFS file-system description object 168 * @host: host inode 169 * @inode: extended attribute inode 170 * @value: extended attribute value 171 * @size: size of extended attribute value 172 * 173 * This helper function changes the value of extended attribute @inode with new 174 * data from @value. Returns zero in case of success and a negative error code 175 * in case of failure. 176 */ 177 static int change_xattr(struct ubifs_info *c, struct inode *host, 178 struct inode *inode, const void *value, int size) 179 { 180 int err; 181 struct ubifs_inode *host_ui = ubifs_inode(host); 182 struct ubifs_inode *ui = ubifs_inode(inode); 183 void *buf = NULL; 184 int old_size; 185 struct ubifs_budget_req req = { .dirtied_ino = 2, 186 .dirtied_ino_d = ALIGN(size, 8) + ALIGN(host_ui->data_len, 8) }; 187 188 ubifs_assert(c, ui->data_len == inode->i_size); 189 err = ubifs_budget_space(c, &req); 190 if (err) 191 return err; 192 193 buf = kmemdup(value, size, GFP_NOFS); 194 if (!buf) { 195 err = -ENOMEM; 196 goto out_free; 197 } 198 kfree(ui->data); 199 ui->data = buf; 200 inode->i_size = ui->ui_size = size; 201 old_size = ui->data_len; 202 ui->data_len = size; 203 204 mutex_lock(&host_ui->ui_mutex); 205 inode_set_ctime_current(host); 206 host_ui->xattr_size -= CALC_XATTR_BYTES(old_size); 207 host_ui->xattr_size += CALC_XATTR_BYTES(size); 208 209 /* 210 * It is important to write the host inode after the xattr inode 211 * because if the host inode gets synchronized (via 'fsync()'), then 212 * the extended attribute inode gets synchronized, because it goes 213 * before the host inode in the write-buffer. 214 */ 215 err = ubifs_jnl_change_xattr(c, inode, host); 216 if (err) 217 goto out_cancel; 218 mutex_unlock(&host_ui->ui_mutex); 219 220 ubifs_release_budget(c, &req); 221 return 0; 222 223 out_cancel: 224 host_ui->xattr_size -= CALC_XATTR_BYTES(size); 225 host_ui->xattr_size += CALC_XATTR_BYTES(old_size); 226 mutex_unlock(&host_ui->ui_mutex); 227 make_bad_inode(inode); 228 out_free: 229 ubifs_release_budget(c, &req); 230 return err; 231 } 232 233 static struct inode *iget_xattr(struct ubifs_info *c, ino_t inum) 234 { 235 struct inode *inode; 236 237 inode = ubifs_iget(c->vfs_sb, inum); 238 if (IS_ERR(inode)) { 239 ubifs_err(c, "dead extended attribute entry, error %d", 240 (int)PTR_ERR(inode)); 241 return inode; 242 } 243 if (ubifs_inode(inode)->xattr) 244 return inode; 245 ubifs_err(c, "corrupt extended attribute entry"); 246 iput(inode); 247 return ERR_PTR(-EINVAL); 248 } 249 250 int ubifs_xattr_set(struct inode *host, const char *name, const void *value, 251 size_t size, int flags, bool check_lock) 252 { 253 struct inode *inode; 254 struct ubifs_info *c = host->i_sb->s_fs_info; 255 struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))}; 256 struct ubifs_dent_node *xent; 257 union ubifs_key key; 258 int err; 259 260 if (check_lock) 261 ubifs_assert(c, inode_is_locked(host)); 262 263 if (size > UBIFS_MAX_INO_DATA) 264 return -ERANGE; 265 266 if (fname_len(&nm) > UBIFS_MAX_NLEN) 267 return -ENAMETOOLONG; 268 269 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS); 270 if (!xent) 271 return -ENOMEM; 272 273 down_write(&ubifs_inode(host)->xattr_sem); 274 /* 275 * The extended attribute entries are stored in LNC, so multiple 276 * look-ups do not involve reading the flash. 277 */ 278 xent_key_init(c, &key, host->i_ino, &nm); 279 err = ubifs_tnc_lookup_nm(c, &key, xent, &nm); 280 if (err) { 281 if (err != -ENOENT) 282 goto out_free; 283 284 if (flags & XATTR_REPLACE) 285 /* We are asked not to create the xattr */ 286 err = -ENODATA; 287 else 288 err = create_xattr(c, host, &nm, value, size); 289 goto out_free; 290 } 291 292 if (flags & XATTR_CREATE) { 293 /* We are asked not to replace the xattr */ 294 err = -EEXIST; 295 goto out_free; 296 } 297 298 inode = iget_xattr(c, le64_to_cpu(xent->inum)); 299 if (IS_ERR(inode)) { 300 err = PTR_ERR(inode); 301 goto out_free; 302 } 303 304 err = change_xattr(c, host, inode, value, size); 305 iput(inode); 306 307 out_free: 308 up_write(&ubifs_inode(host)->xattr_sem); 309 kfree(xent); 310 return err; 311 } 312 313 ssize_t ubifs_xattr_get(struct inode *host, const char *name, void *buf, 314 size_t size) 315 { 316 struct inode *inode; 317 struct ubifs_info *c = host->i_sb->s_fs_info; 318 struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))}; 319 struct ubifs_inode *ui; 320 struct ubifs_dent_node *xent; 321 union ubifs_key key; 322 int err; 323 324 if (fname_len(&nm) > UBIFS_MAX_NLEN) 325 return -ENAMETOOLONG; 326 327 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS); 328 if (!xent) 329 return -ENOMEM; 330 331 down_read(&ubifs_inode(host)->xattr_sem); 332 xent_key_init(c, &key, host->i_ino, &nm); 333 err = ubifs_tnc_lookup_nm(c, &key, xent, &nm); 334 if (err) { 335 if (err == -ENOENT) 336 err = -ENODATA; 337 goto out_cleanup; 338 } 339 340 inode = iget_xattr(c, le64_to_cpu(xent->inum)); 341 if (IS_ERR(inode)) { 342 err = PTR_ERR(inode); 343 goto out_cleanup; 344 } 345 346 ui = ubifs_inode(inode); 347 ubifs_assert(c, inode->i_size == ui->data_len); 348 ubifs_assert(c, ubifs_inode(host)->xattr_size > ui->data_len); 349 350 if (buf) { 351 /* If @buf is %NULL we are supposed to return the length */ 352 if (ui->data_len > size) { 353 err = -ERANGE; 354 goto out_iput; 355 } 356 357 memcpy(buf, ui->data, ui->data_len); 358 } 359 err = ui->data_len; 360 361 out_iput: 362 iput(inode); 363 out_cleanup: 364 up_read(&ubifs_inode(host)->xattr_sem); 365 kfree(xent); 366 return err; 367 } 368 369 static bool xattr_visible(const char *name) 370 { 371 /* File encryption related xattrs are for internal use only */ 372 if (strcmp(name, UBIFS_XATTR_NAME_ENCRYPTION_CONTEXT) == 0) 373 return false; 374 375 /* Show trusted namespace only for "power" users */ 376 if (strncmp(name, XATTR_TRUSTED_PREFIX, 377 XATTR_TRUSTED_PREFIX_LEN) == 0 && !capable(CAP_SYS_ADMIN)) 378 return false; 379 380 return true; 381 } 382 383 ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size) 384 { 385 union ubifs_key key; 386 struct inode *host = d_inode(dentry); 387 struct ubifs_info *c = host->i_sb->s_fs_info; 388 struct ubifs_inode *host_ui = ubifs_inode(host); 389 struct ubifs_dent_node *xent, *pxent = NULL; 390 int err, len, written = 0; 391 struct fscrypt_name nm = {0}; 392 393 dbg_gen("ino %lu ('%pd'), buffer size %zd", host->i_ino, 394 dentry, size); 395 396 down_read(&host_ui->xattr_sem); 397 len = host_ui->xattr_names + host_ui->xattr_cnt; 398 if (!buffer) { 399 /* 400 * We should return the minimum buffer size which will fit a 401 * null-terminated list of all the extended attribute names. 402 */ 403 err = len; 404 goto out_err; 405 } 406 407 if (len > size) { 408 err = -ERANGE; 409 goto out_err; 410 } 411 412 lowest_xent_key(c, &key, host->i_ino); 413 while (1) { 414 xent = ubifs_tnc_next_ent(c, &key, &nm); 415 if (IS_ERR(xent)) { 416 err = PTR_ERR(xent); 417 break; 418 } 419 420 fname_name(&nm) = xent->name; 421 fname_len(&nm) = le16_to_cpu(xent->nlen); 422 423 if (xattr_visible(xent->name)) { 424 memcpy(buffer + written, fname_name(&nm), fname_len(&nm) + 1); 425 written += fname_len(&nm) + 1; 426 } 427 428 kfree(pxent); 429 pxent = xent; 430 key_read(c, &xent->key, &key); 431 } 432 kfree(pxent); 433 up_read(&host_ui->xattr_sem); 434 435 if (err != -ENOENT) { 436 ubifs_err(c, "cannot find next direntry, error %d", err); 437 return err; 438 } 439 440 ubifs_assert(c, written <= size); 441 return written; 442 443 out_err: 444 up_read(&host_ui->xattr_sem); 445 return err; 446 } 447 448 static int remove_xattr(struct ubifs_info *c, struct inode *host, 449 struct inode *inode, const struct fscrypt_name *nm) 450 { 451 int err; 452 struct ubifs_inode *host_ui = ubifs_inode(host); 453 struct ubifs_inode *ui = ubifs_inode(inode); 454 struct ubifs_budget_req req = { .dirtied_ino = 2, .mod_dent = 1, 455 .dirtied_ino_d = ALIGN(host_ui->data_len, 8) }; 456 457 ubifs_assert(c, ui->data_len == inode->i_size); 458 459 err = ubifs_budget_space(c, &req); 460 if (err) 461 return err; 462 463 mutex_lock(&host_ui->ui_mutex); 464 inode_set_ctime_current(host); 465 host_ui->xattr_cnt -= 1; 466 host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm)); 467 host_ui->xattr_size -= CALC_XATTR_BYTES(ui->data_len); 468 host_ui->xattr_names -= fname_len(nm); 469 470 err = ubifs_jnl_delete_xattr(c, host, inode, nm); 471 if (err) 472 goto out_cancel; 473 mutex_unlock(&host_ui->ui_mutex); 474 475 ubifs_release_budget(c, &req); 476 return 0; 477 478 out_cancel: 479 host_ui->xattr_cnt += 1; 480 host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm)); 481 host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len); 482 host_ui->xattr_names += fname_len(nm); 483 mutex_unlock(&host_ui->ui_mutex); 484 ubifs_release_budget(c, &req); 485 make_bad_inode(inode); 486 return err; 487 } 488 489 int ubifs_purge_xattrs(struct inode *host) 490 { 491 union ubifs_key key; 492 struct ubifs_info *c = host->i_sb->s_fs_info; 493 struct ubifs_dent_node *xent, *pxent = NULL; 494 struct inode *xino; 495 struct fscrypt_name nm = {0}; 496 int err; 497 498 if (ubifs_inode(host)->xattr_cnt <= ubifs_xattr_max_cnt(c)) 499 return 0; 500 501 ubifs_warn(c, "inode %lu has too many xattrs, doing a non-atomic deletion", 502 host->i_ino); 503 504 down_write(&ubifs_inode(host)->xattr_sem); 505 lowest_xent_key(c, &key, host->i_ino); 506 while (1) { 507 xent = ubifs_tnc_next_ent(c, &key, &nm); 508 if (IS_ERR(xent)) { 509 err = PTR_ERR(xent); 510 break; 511 } 512 513 fname_name(&nm) = xent->name; 514 fname_len(&nm) = le16_to_cpu(xent->nlen); 515 516 xino = ubifs_iget(c->vfs_sb, le64_to_cpu(xent->inum)); 517 if (IS_ERR(xino)) { 518 err = PTR_ERR(xino); 519 ubifs_err(c, "dead directory entry '%s', error %d", 520 xent->name, err); 521 ubifs_ro_mode(c, err); 522 goto out_err; 523 } 524 525 ubifs_assert(c, ubifs_inode(xino)->xattr); 526 527 clear_nlink(xino); 528 err = remove_xattr(c, host, xino, &nm); 529 iput(xino); 530 if (err) { 531 ubifs_err(c, "cannot remove xattr, error %d", err); 532 goto out_err; 533 } 534 535 kfree(pxent); 536 pxent = xent; 537 key_read(c, &xent->key, &key); 538 } 539 kfree(pxent); 540 up_write(&ubifs_inode(host)->xattr_sem); 541 542 if (err != -ENOENT) { 543 ubifs_err(c, "cannot find next direntry, error %d", err); 544 return err; 545 } 546 547 return 0; 548 549 out_err: 550 kfree(pxent); 551 kfree(xent); 552 up_write(&ubifs_inode(host)->xattr_sem); 553 return err; 554 } 555 556 static int ubifs_xattr_remove(struct inode *host, const char *name) 557 { 558 struct inode *inode; 559 struct ubifs_info *c = host->i_sb->s_fs_info; 560 struct fscrypt_name nm = { .disk_name = FSTR_INIT((char *)name, strlen(name))}; 561 struct ubifs_dent_node *xent; 562 union ubifs_key key; 563 int err; 564 565 ubifs_assert(c, inode_is_locked(host)); 566 567 if (fname_len(&nm) > UBIFS_MAX_NLEN) 568 return -ENAMETOOLONG; 569 570 xent = kmalloc(UBIFS_MAX_XENT_NODE_SZ, GFP_NOFS); 571 if (!xent) 572 return -ENOMEM; 573 574 down_write(&ubifs_inode(host)->xattr_sem); 575 xent_key_init(c, &key, host->i_ino, &nm); 576 err = ubifs_tnc_lookup_nm(c, &key, xent, &nm); 577 if (err) { 578 if (err == -ENOENT) 579 err = -ENODATA; 580 goto out_free; 581 } 582 583 inode = iget_xattr(c, le64_to_cpu(xent->inum)); 584 if (IS_ERR(inode)) { 585 err = PTR_ERR(inode); 586 goto out_free; 587 } 588 589 ubifs_assert(c, inode->i_nlink == 1); 590 clear_nlink(inode); 591 err = remove_xattr(c, host, inode, &nm); 592 if (err) 593 set_nlink(inode, 1); 594 595 /* If @i_nlink is 0, 'iput()' will delete the inode */ 596 iput(inode); 597 598 out_free: 599 up_write(&ubifs_inode(host)->xattr_sem); 600 kfree(xent); 601 return err; 602 } 603 604 #ifdef CONFIG_UBIFS_FS_SECURITY 605 static int init_xattrs(struct inode *inode, const struct xattr *xattr_array, 606 void *fs_info) 607 { 608 const struct xattr *xattr; 609 char *name; 610 int err = 0; 611 612 for (xattr = xattr_array; xattr->name != NULL; xattr++) { 613 name = kmalloc(XATTR_SECURITY_PREFIX_LEN + 614 strlen(xattr->name) + 1, GFP_NOFS); 615 if (!name) { 616 err = -ENOMEM; 617 break; 618 } 619 strcpy(name, XATTR_SECURITY_PREFIX); 620 strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name); 621 /* 622 * creating a new inode without holding the inode rwsem, 623 * no need to check whether inode is locked. 624 */ 625 err = ubifs_xattr_set(inode, name, xattr->value, 626 xattr->value_len, 0, false); 627 kfree(name); 628 if (err < 0) 629 break; 630 } 631 632 return err; 633 } 634 635 int ubifs_init_security(struct inode *dentry, struct inode *inode, 636 const struct qstr *qstr) 637 { 638 int err; 639 640 err = security_inode_init_security(inode, dentry, qstr, 641 &init_xattrs, NULL); 642 if (err) { 643 struct ubifs_info *c = dentry->i_sb->s_fs_info; 644 ubifs_err(c, "cannot initialize security for inode %lu, error %d", 645 inode->i_ino, err); 646 } 647 return err; 648 } 649 #endif 650 651 static int xattr_get(const struct xattr_handler *handler, 652 struct dentry *dentry, struct inode *inode, 653 const char *name, void *buffer, size_t size) 654 { 655 dbg_gen("xattr '%s', ino %lu ('%pd'), buf size %zd", name, 656 inode->i_ino, dentry, size); 657 658 name = xattr_full_name(handler, name); 659 return ubifs_xattr_get(inode, name, buffer, size); 660 } 661 662 static int xattr_set(const struct xattr_handler *handler, 663 struct mnt_idmap *idmap, 664 struct dentry *dentry, struct inode *inode, 665 const char *name, const void *value, 666 size_t size, int flags) 667 { 668 dbg_gen("xattr '%s', host ino %lu ('%pd'), size %zd", 669 name, inode->i_ino, dentry, size); 670 671 name = xattr_full_name(handler, name); 672 673 if (value) 674 return ubifs_xattr_set(inode, name, value, size, flags, true); 675 else 676 return ubifs_xattr_remove(inode, name); 677 } 678 679 static const struct xattr_handler ubifs_user_xattr_handler = { 680 .prefix = XATTR_USER_PREFIX, 681 .get = xattr_get, 682 .set = xattr_set, 683 }; 684 685 static const struct xattr_handler ubifs_trusted_xattr_handler = { 686 .prefix = XATTR_TRUSTED_PREFIX, 687 .get = xattr_get, 688 .set = xattr_set, 689 }; 690 691 #ifdef CONFIG_UBIFS_FS_SECURITY 692 static const struct xattr_handler ubifs_security_xattr_handler = { 693 .prefix = XATTR_SECURITY_PREFIX, 694 .get = xattr_get, 695 .set = xattr_set, 696 }; 697 #endif 698 699 const struct xattr_handler * const ubifs_xattr_handlers[] = { 700 &ubifs_user_xattr_handler, 701 &ubifs_trusted_xattr_handler, 702 #ifdef CONFIG_UBIFS_FS_SECURITY 703 &ubifs_security_xattr_handler, 704 #endif 705 NULL 706 }; 707