From: liaohua <liaohua4@huawei.com>

This patch provides security namespace xattr support for Yaffs2.

Adjust the yaffs2 to use the generic xattr handler
by replace yaffs_setxattr with generic_setxattr in yaffs_file_inode_operations.
And we add yaffs_security_xattr_handler for security namespace xattr support.

We have tested the basic functions, for example, set and get the capabilities of some file like ping.
And a file named security_xattr_ping.sh is provided as a test script.

Thanks in advance for any advice you can provide.

Signed-off-by: liaohua <liaohua4@huawei.com>
---
 Makefile                           |   1 +
 Makefile.kernel                    |   1 +
 linux-tests/security_xattr_ping.sh | 151 +++++++++++++++++++++++++++++
 yaffs_guts.h                       |   4 +
 yaffs_nameval.c                    |  39 ++++----
 yaffs_security.c                   |  87 +++++++++++++++++
 yaffs_vfs_multi.c                  | 119 ++++++++++++++++++-----
 yaffs_xattr.h                      |  40 ++++++++
 8 files changed, 398 insertions(+), 44 deletions(-)
 create mode 100644 linux-tests/security_xattr_ping.sh
 create mode 100644 yaffs_security.c
 create mode 100644 yaffs_xattr.h

diff --git a/Makefile b/Makefile
index 9318d4d..509c306 100644
--- a/Makefile
+++ b/Makefile
@@ -55,6 +55,7 @@ ifneq ($(KERNELRELEASE),)
 	yaffs2multi-objs += yaffs_verify.o
 	yaffs2multi-objs += yaffs_endian.o
 	yaffs2multi-objs += yaffs_summary.o
+	yaffs2multi-objs += yaffs_security.o
 
 else
 	KERNELDIR ?= /lib/modules/$(shell uname -r)/build
diff --git a/Makefile.kernel b/Makefile.kernel
index c052395..e842883 100644
--- a/Makefile.kernel
+++ b/Makefile.kernel
@@ -16,4 +16,5 @@ yaffs-y += yaffs_yaffs2.o
 yaffs-y += yaffs_bitmap.o
 yaffs-y += yaffs_summary.o
 yaffs-y += yaffs_verify.o
+yaffs-y += yaffs_security.o
 
diff --git a/linux-tests/security_xattr_ping.sh b/linux-tests/security_xattr_ping.sh
new file mode 100644
index 0000000..42a9fd1
--- /dev/null
+++ b/linux-tests/security_xattr_ping.sh
@@ -0,0 +1,151 @@
+#!/bin/bash
+
+pre_test() {
+	mount | grep yaffs2
+	if [ $? -ne 0 ]; then
+		echo "ERROR: no yaffs2 filesystem was mounted."
+		return 1
+	fi
+	yaffs_dir=$(mount | grep yaffs2 | awk -F " " '{print $3}')
+	echo $yaffs_dir
+
+	which ping
+	if [ $? -ne 0 ]; then
+		echo "ERROR: no ping exist."
+		return 1
+	fi
+	ping_dir=$(which ping)
+	echo $ping_dir
+}
+
+setcap_net_ping_test() {
+	cd $yaffs_dir
+	if [ $? -ne 0 ]; then
+		echo "Error: yaffs2 dir not fount"
+		return 1
+	fi
+
+	cp $ping_dir ./
+	chmod 755 ping
+	ls -al ping | grep rws
+	if [ $? -eq 0 ]; then
+		chmod -s ping
+	fi
+
+	./ping 127.0.0.1 -c 3
+	if [ $? -ne 0 ]; then
+		echo "ERROR: ping 127.0.0.1 fail"
+		return 1
+	fi
+
+	# Add normal user;
+	useradd -m yaffs_test
+	echo "Yaffs2 xattr test: su yaffs_test and ping again."
+	su yaffs_test -c "cd $yaffs_dir && ./ping 127.0.0.1 -c 3"
+	if [ $? -eq 0 ]; then
+		echo "ERROR: yaffs_test ping 127.0.0.1 success, test fail"
+		return 1
+	fi
+
+	setcap 'cap_net_admin,cap_net_raw+ep' ./ping
+	getcap ./ping | grep "cap_net_admin,cap_net_raw+ep"
+	if [ $? -ne 0 ]; then
+        echo "ERROR: set cap fail. test fail"
+		return 1
+    fi
+
+    attr -l ./ping | grep '"capability" has a 20 byte'
+    if [ $? -ne 0 ]; then
+        echo "ERROR: setfattr cap fail. test fail"
+		return 1
+    fi
+
+	echo "Yaffs2 xattr test: setcap of ping, su yaffs_test and ping again."
+	su yaffs_test -c "cd $yaffs_dir && ./ping 127.0.0.1 -c 3"
+	if [ $? -ne 0 ]; then
+		echo "ERROR: yaffs_test ping 127.0.0.1 fail，add cap fail, test fail"
+		return 1
+	fi
+
+	rm ping
+	echo "Yaffs2 xattr test: setcap_net_ping_test success."
+}
+
+setfattr_net_ping_test() {
+	cd $yaffs_dir
+	if [ $? -ne 0 ]; then
+		echo "Error: yaffs2 dir not fount"
+		return 1
+	fi
+
+	cp $ping_dir ./
+	chmod 755 ping
+	ls -al ping | grep rws
+	if [ $? -eq 0 ]; then
+		chmod -s ping
+	fi
+
+	./ping 127.0.0.1 -c 3
+	if [ $? -ne 0 ]; then
+		echo "ERROR: ping 127.0.0.1 fail"
+		return 1
+	fi
+
+	# set cap_net_admin,cap_net_raw+ep of ping by setfattr, check if getcap gets the attribute correctly.;
+    setfattr -n security.capability -v 0sAQAAAgAwAAAAAAAAAAAAAAAAAAA= ./ping
+    getfattr -n security.capability ./ping | grep "security.capability=0sAQAAAgAwAAAAAAAAAAAAAAAAAAA="
+    if [ $? -ne 0 ]; then
+        echo "ERROR: getfattr fail. test fail"
+		return 1
+    fi
+
+    getcap ./ping | grep "cap_net_admin,cap_net_raw+ep"
+    if [ $? -ne 0 ]; then
+        echo "ERROR: setfattr cap fail. test fail"
+		return 1
+    fi
+
+	rm ping
+	echo "Yaffs2 xattr test: setfattr_net_ping_test success."
+}
+
+getfattr_net_ping_test() {
+	cd $yaffs_dir
+	if [ $? -ne 0 ]; then
+		echo "Error: yaffs2 dir not fount"
+		return 1
+	fi
+
+	cp $ping_dir ./
+	chmod 755 ping
+	ls -al ping | grep rws
+	if [ $? -eq 0 ]; then
+		chmod -s ping
+	fi
+
+	./ping 127.0.0.1 -c 3
+	if [ $? -ne 0 ]; then
+		echo "ERROR: ping 127.0.0.1 fail"
+		return 1
+	fi
+
+	# Set cap_net_admin,cap_net_raw+ep of ping, check if getfattr gets the attribute correctly.
+    setcap 'cap_net_admin,cap_net_raw+ep' ./ping
+    getcap ./ping | grep net_admin
+    if [ $? -ne 0 ]; then
+        echo "ERROR: set cap fail. test fail"
+    fi
+
+    getfattr -n security.capability ./ping | grep "security.capability=0sAQAAAgAwAAAAAAAAAAAAAAAAAAA="
+    if [ $? -ne 0 ]; then
+        echo "ERROR: getfattr fail. test fail"
+    fi
+
+	rm ping
+	echo "Yaffs2 xattr test: security_xattr_ping success."
+}
+
+pre_test || return 1
+setcap_net_ping_test || return 1
+setfattr_net_ping_test || return 1
+getfattr_net_ping_test || return 1
diff --git a/yaffs_guts.h b/yaffs_guts.h
index 124e4c9..e34ca27 100644
--- a/yaffs_guts.h
+++ b/yaffs_guts.h
@@ -15,6 +15,7 @@
 #ifndef __YAFFS_GUTS_H__
 #define __YAFFS_GUTS_H__
 
+#include <linux/xattr.h>
 #include "yportenv.h"
 
 #define YAFFS_OK	1
@@ -956,6 +957,9 @@ int yaffs_set_xattrib(struct yaffs_obj *obj, const YCHAR *name,
 		      const void *value, int size, int flags);
 int yaffs_get_xattrib(struct yaffs_obj *obj, const YCHAR *name, void *value,
 		      int size);
+
+const struct xattr_handler *yaffs_xprefix_to_handler(const char *name);
+
 int yaffs_list_xattrib(struct yaffs_obj *obj, char *buffer, int size);
 int yaffs_remove_xattrib(struct yaffs_obj *obj, const YCHAR *name);
 
diff --git a/yaffs_nameval.c b/yaffs_nameval.c
index b855365..862be08 100644
--- a/yaffs_nameval.c
+++ b/yaffs_nameval.c
@@ -171,7 +171,8 @@ int nval_get(struct yaffs_dev *dev,
 			return size;
 
 		if (size <= bsize) {
-			memcpy(buf, xb + pos, size);
+			if (buf)
+				memcpy(buf, xb + pos, size);
 			return size;
 		}
 	}
@@ -187,38 +188,40 @@ int nval_list(struct yaffs_dev *dev, const char *xb, int xb_size, char *buf, int
 	s32 size;
 	int name_len;
 	int ncopied = 0;
-	int filled = 0;
+	const struct xattr_handler *handler;
+	int onecopy;
 
 	memcpy(&size, xb + pos, sizeof(size));
 	yaffs_do_endian_s32(dev, &size);
 
 	while (size > (int)(sizeof(size)) &&
 		size <= xb_size &&
-		(pos + size) < xb_size &&
-		!filled) {
+		(pos + size) < xb_size) {
 		pos += sizeof(size);
 		size -= sizeof(size);
-		name_len = strnlen((YCHAR *) (xb + pos), size);
-		if (ncopied + name_len + 1 < bsize) {
-			memcpy(buf, xb + pos, name_len * sizeof(YCHAR));
-			buf += name_len;
-			*buf = '\0';
-			buf++;
-			if (sizeof(YCHAR) > 1) {
-				*buf = '\0';
-				buf++;
+		name_len = strnlen(xb + pos, size);
+
+		handler = yaffs_xprefix_to_handler(xb + pos);
+		if (handler) {
+			onecopy = handler->list(handler, NULL,
+						buf, bsize,
+						xb + pos, name_len);
+			/* check if it is a size query */
+			if (buf) {
+				if (onecopy + ncopied > bsize)
+					return -ERANGE;
+				buf += onecopy;
 			}
-			ncopied += (name_len + 1);
-		} else {
-			filled = 1;
+			ncopied += onecopy;
 		}
+
 		pos += size;
 		if (pos < (int)(xb_size - sizeof(size))) {
 			memcpy(&size, xb + pos, sizeof(size));
 			yaffs_do_endian_s32(dev, &size);
-		}
-		else
+		} else {
 			size = 0;
+		}
 	}
 	return ncopied;
 }
diff --git a/yaffs_security.c b/yaffs_security.c
new file mode 100644
index 0000000..8917d4b
--- /dev/null
+++ b/yaffs_security.c
@@ -0,0 +1,87 @@
+/*
+ * YAFFS: Yet Another Flash File System. A NAND-flash specific file system.
+ *
+ * Copyright (c) Huawei Technologies Co., Ltd. 2019-2020.
+ * Description: add security xattr for yaffs2
+ * Author: wanglei <leisure.wang@huawei.com>,chenjie <chenjie6@huawei.com>
+ * Create: 2019-6-12
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include "yaffs_xattr.h"
+#include <linux/errno.h>
+
+static int yaffs_init_xattrs(struct inode *inode,
+			    const struct xattr *xattr_array, void *dentry)
+{
+	const struct xattr *xattr;
+	int err = 0;
+	struct yaffs_obj *obj = yaffs_security_inode_to_obj(inode);
+
+	for (xattr = xattr_array; xattr->name != NULL; xattr++) {
+		err = yaffs_set_xattrib(obj, xattr->name,
+					xattr->value, xattr->value_len, 0);
+		if (err <= 0)
+			break;
+	}
+	return err;
+}
+
+int yaffs_inode_init_security(struct dentry *dentry, struct inode *inode,
+			struct inode *dir, const struct qstr *qstr)
+{
+	return security_inode_init_security(inode, dir, qstr,
+					    &yaffs_init_xattrs, dentry);
+}
+
+
+/* security xattr handler implementions */
+
+static int yaffs_security_get(const struct xattr_handler *handler,
+			struct dentry *dentry,
+			const char *name,
+			void *buffer, size_t size)
+{
+	if (strcmp(name, "") == 0)
+		return -EINVAL;
+	return yaffs_getxattr(dentry, name, buffer, size);
+}
+
+static int yaffs_security_set(const struct xattr_handler *handler,
+			struct dentry *dentry, const char *name,
+			const void *buffer, size_t size, int flags)
+{
+	if (strcmp(name, "") == 0)
+		return -EINVAL;
+	return yaffs_setxattr(dentry, name, buffer, size, flags);
+}
+
+/*
+ * If the list is not NULL, put xattr name with prefix in list
+ * and return the length, otherwise just return the length
+ */
+static size_t yaffs_security_list(const struct xattr_handler *handler,
+				struct dentry *dentry,
+				char *list, size_t list_len,
+				const char *name, size_t name_len)
+{
+	size_t total_len = XATTR_SECURITY_PREFIX_LEN + name_len + 1;
+
+	if (list && total_len <= list_len) {
+		memcpy(list, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN);
+		memcpy(list + XATTR_SECURITY_PREFIX_LEN, name, name_len);
+		list[total_len - 1] = '\0';
+	}
+	return total_len;
+}
+
+
+const struct xattr_handler yaffs_security_xattr_handler = {
+	.prefix = XATTR_SECURITY_PREFIX,
+	.get = yaffs_security_get,
+	.set = yaffs_security_set,
+	.list = yaffs_security_list,
+};
diff --git a/yaffs_vfs_multi.c b/yaffs_vfs_multi.c
index 3044db7..73afa6d 100644
--- a/yaffs_vfs_multi.c
+++ b/yaffs_vfs_multi.c
@@ -88,6 +88,7 @@
 #include <linux/interrupt.h>
 #include <linux/string.h>
 #include <linux/ctype.h>
+#include "yaffs_xattr.h"
 
 #if (YAFFS_NEW_FOLLOW_LINK == 1)
 #include <linux/namei.h>
@@ -952,12 +953,56 @@ static int yaffs_setattr(struct dentry *dentry, struct iattr *attr)
 }
 
 #ifdef YAFFS_USE_XATTR
+const struct xattr_handler *yaffs2_xattr_handlers[] = {
+	&yaffs_security_xattr_handler,
+	NULL
+};
+
+/*
+ * Check if the name xattr is supported.
+ * Currently, Only security xattr are supported on yaffs Now!
+ * Because of the restriction of yaffs2 xattr storage structure
+ *       xattr_entry bytes = sizeof(size) + name + value
+ * we consider the xattr name with out dot(.) is security xattr
+*/
+const struct xattr_handler *yaffs_xprefix_to_handler(const char *name)
+{
+	char *dot = strchr(name, '.');
+
+	if (!dot)
+		return &yaffs_security_xattr_handler;
+
+	return NULL;
+}
+
+struct yaffs_obj *yaffs_security_inode_to_obj(struct inode *inode)
+{
+	return yaffs_inode_to_obj(inode);
+}
+
+int yaffs_init_security(struct dentry *dentry, struct inode *inode,
+			struct inode *dir,
+			struct yaffs_obj *obj, struct yaffs_dev *dev)
+{
+	int err = 0;
+
+	yaffs_gross_lock(dev);
+	err = yaffs_inode_init_security(dentry, inode, dir, &dentry->d_name);
+	if (err) {
+		yaffs_del_obj(obj);
+		err = -ENOMEM;
+	}
+	yaffs_gross_unlock(dev);
+
+	return err;
+}
+
 #if (YAFFS_NEW_XATTR > 0)
-static int yaffs_setxattr(struct dentry *dentry, struct inode *inode,
+int yaffs_setxattr(struct dentry *dentry, struct inode *inode,
 		const char *name, const void *value, size_t size, int flags)
 {
 #else
-static int yaffs_setxattr(struct dentry *dentry, const char *name,
+int yaffs_setxattr(struct dentry *dentry, const char *name,
 		   const void *value, size_t size, int flags)
 {
 	struct inode *inode = dentry->d_inode;
@@ -986,11 +1031,11 @@ static int yaffs_setxattr(struct dentry *dentry, const char *name,
 }
 
 #if (YAFFS_NEW_XATTR > 0)
-static ssize_t yaffs_getxattr(struct dentry * dentry, struct inode *inode,
-	const char *name, void *buff, size_t size)
+ssize_t yaffs_getxattr(struct dentry *dentry, struct inode *inode,
+			const char *name, void *buff, size_t size)
 {
 #else
-static ssize_t yaffs_getxattr(struct dentry * dentry, const char *name,
+ssize_t yaffs_getxattr(struct dentry *dentry, const char *name,
 			void *buff, size_t size)
 {
 	struct inode *inode = dentry->d_inode;
@@ -1042,40 +1087,38 @@ static int yaffs_removexattr(struct dentry *dentry, const char *name)
 
 	return error;
 }
-#endif
 
-static ssize_t yaffs_listxattr(struct dentry * dentry, char *buff, size_t size)
+static ssize_t yaffs_listxattr(struct dentry *dentry, char *buff, size_t size)
 {
 	struct inode *inode = dentry->d_inode;
-	int error = 0;
+	int error;
 	struct yaffs_dev *dev;
 	struct yaffs_obj *obj = yaffs_inode_to_obj(inode);
 
 	yaffs_trace(YAFFS_TRACE_OS,
 		"yaffs_listxattr of object %d", obj->obj_id);
 
-	if (error == 0) {
-		dev = obj->my_dev;
-		yaffs_gross_lock(dev);
-		error = yaffs_list_xattrib(obj, buff, size);
-		yaffs_gross_unlock(dev);
+	dev = obj->my_dev;
+	yaffs_gross_lock(dev);
+	error = yaffs_list_xattrib(obj, buff, size);
+	yaffs_gross_unlock(dev);
 
-	}
 	yaffs_trace(YAFFS_TRACE_OS,
 		"yaffs_listxattr done returning %d", error);
 
 	return error;
 }
 
+#endif /* YAFFS_USE_XATTR */
 
 static const struct inode_operations yaffs_file_inode_operations = {
 	.setattr = yaffs_setattr,
 #ifdef YAFFS_USE_XATTR
-	.setxattr = yaffs_setxattr,
-	.getxattr = yaffs_getxattr,
-	.removexattr = yaffs_removexattr,
-#endif
+	.setxattr = generic_setxattr,
+	.getxattr = generic_getxattr,
+	.removexattr = generic_removexattr,
 	.listxattr = yaffs_listxattr,
+#endif
 };
 
 
@@ -1200,11 +1243,11 @@ static const struct inode_operations yaffs_symlink_inode_operations = {
 #endif
 	.setattr = yaffs_setattr,
 #ifdef YAFFS_USE_XATTR
-	.setxattr = yaffs_setxattr,
-	.getxattr = yaffs_getxattr,
-	.removexattr = yaffs_removexattr,
-#endif
+	.setxattr = generic_setxattr,
+	.getxattr = generic_getxattr,
+	.removexattr = generic_removexattr,
 	.listxattr = yaffs_listxattr,
+#endif
 };
 
 #ifdef YAFFS_USE_OWN_IGET
@@ -1407,6 +1450,15 @@ static int yaffs_mknod(struct inode *dir, struct dentry *dentry, int mode,
 
 	if (obj) {
 		inode = yaffs_get_inode(dir->i_sb, mode, rdev, obj);
+
+#ifdef YAFFS_USE_XATTR
+		yaffs_trace(YAFFS_TRACE_OS, "yaffs_mknod: init security");
+		if (yaffs_init_security(dentry, inode, dir, obj, dev) < 0) {
+			yaffs_trace(YAFFS_TRACE_OS,
+				"yaffs_mknod: init inode security failed");
+			return -ENOMEM;
+		}
+#endif
 		d_instantiate(dentry, inode);
 		update_dir_time(dir);
 		yaffs_trace(YAFFS_TRACE_OS,
@@ -1570,6 +1622,15 @@ static int yaffs_symlink(struct inode *dir, struct dentry *dentry,
 		struct inode *inode;
 
 		inode = yaffs_get_inode(dir->i_sb, obj->yst_mode, 0, obj);
+
+#ifdef YAFFS_USE_XATTR
+		yaffs_trace(YAFFS_TRACE_OS, "yaffs_symlink: init security");
+		if (yaffs_init_security(dentry, inode, dir, obj, dev) < 0) {
+			yaffs_trace(YAFFS_TRACE_OS,
+				"yaffs_symlink: init inode security failed");
+			return -ENOMEM;
+		}
+#endif
 		d_instantiate(dentry, inode);
 		update_dir_time(dir);
 		yaffs_trace(YAFFS_TRACE_OS, "symlink created OK");
@@ -1684,11 +1745,11 @@ static const struct inode_operations yaffs_dir_inode_operations = {
 	.mknod = yaffs_mknod,
 	.rename = yaffs_rename,
 	.setattr = yaffs_setattr,
-	.listxattr = yaffs_listxattr,
 #ifdef YAFFS_USE_XATTR
-	.setxattr = yaffs_setxattr,
-	.getxattr = yaffs_getxattr,
-	.removexattr = yaffs_removexattr,
+	.setxattr = generic_setxattr,
+	.getxattr = generic_getxattr,
+	.removexattr = generic_removexattr,
+	.listxattr = yaffs_listxattr,
 #endif
 };
 
@@ -3025,6 +3086,12 @@ static struct super_block *yaffs_internal_read_super(int yaffs_version,
 
 	dev->read_only = read_only;
 
+#ifdef YAFFS_USE_XATTR
+	yaffs_trace(YAFFS_TRACE_ALWAYS,
+		"yaffs_read_super: set s_xattr handlers for security xattr.");
+	sb->s_xattr = yaffs2_xattr_handlers;
+#endif
+
 #if (LINUX_VERSION_CODE > KERNEL_VERSION(2, 5, 0))
 	sb->s_fs_info = dev;
 #else
diff --git a/yaffs_xattr.h b/yaffs_xattr.h
new file mode 100644
index 0000000..40dde54
--- /dev/null
+++ b/yaffs_xattr.h
@@ -0,0 +1,40 @@
+/*
+ * YAFFS: Yet Another Flash File System. A NAND-flash specific file system.
+ *
+ * Copyright (c) Huawei Technologies Co., Ltd. 2019-2020.
+ * Description: head of namespace xattr
+ * Author: wanglei <leisure.wang@huawei.com>,chenjie <chenjie6@huawei.com>
+ * Create: 2019-6-12
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * Note: Only YAFFS headers are LGPL, YAFFS C code is covered by GPL.
+ */
+
+#ifndef __YAFFS_XATTR_H__
+#define __YAFFS_XATTR_H__
+
+#include <linux/fs.h>
+#include <linux/xattr.h>
+#include <linux/mtd/mtd.h>
+#include <linux/security.h>
+#include "yaffs_guts.h"
+
+
+struct yaffs_obj *yaffs_security_inode_to_obj(struct inode *inode);
+
+ssize_t yaffs_getxattr(struct dentry *dentry, const char *name,
+			void *buff, size_t size);
+
+int yaffs_setxattr(struct dentry *dentry, const char *name,
+		const void *value, size_t size, int flags);
+
+int yaffs_inode_init_security(struct dentry *dentry, struct inode *inode,
+			struct inode *dir, const struct qstr *qstr);
+
+extern const struct xattr_handler yaffs_security_xattr_handler;
+
+#endif /* __YAFFS_XATTR_H__ */
+
-- 
2.26.2.windows.1