Follow-ups for xattr-util (#36335)

src/basic/xattr-util.c

@@ -90,14 +90,13 @@ static int getxattr_pinned_internal(
 
         assert(!path || !isempty(path));
         assert((fd >= 0) == !path);
-        assert((at_flags & ~(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH)) == 0);
         assert(path || FLAGS_SET(at_flags, AT_EMPTY_PATH));
         assert(name);
         assert(buf || size == 0);
 
         if (path)
-                n = FLAGS_SET(at_flags, AT_SYMLINK_NOFOLLOW) ? lgetxattr(path, name, buf, size)
-                                                             : getxattr(path, name, buf, size);
+                n = FLAGS_SET(at_flags, AT_SYMLINK_FOLLOW) ? getxattr(path, name, buf, size)
+                                                           : lgetxattr(path, name, buf, size);
         else
                 n = by_procfs ? getxattr(FORMAT_PROC_FD_PATH(fd), name, buf, size)
                               : fgetxattr(fd, name, buf, size);
@@ -141,8 +140,6 @@ int getxattr_at_malloc(
         if (r < 0)
                 return r;
 
-        at_flags = at_flags_normalize_nofollow(at_flags);
-
         size_t l = 100;
         for (unsigned n_attempts = 7;;) {
                 _cleanup_free_ char *v = NULL;
@@ -200,13 +197,12 @@ static int listxattr_pinned_internal(
 
         assert(!path || !isempty(path));
         assert((fd >= 0) == !path);
-        assert((at_flags & ~(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH)) == 0);
         assert(path || FLAGS_SET(at_flags, AT_EMPTY_PATH));
         assert(buf || size == 0);
 
         if (path)
-                n = FLAGS_SET(at_flags, AT_SYMLINK_NOFOLLOW) ? llistxattr(path, buf, size)
-                                                             : listxattr(path, buf, size);
+                n = FLAGS_SET(at_flags, AT_SYMLINK_FOLLOW) ? listxattr(path, buf, size)
+                                                           : llistxattr(path, buf, size);
         else
                 n = by_procfs ? listxattr(FORMAT_PROC_FD_PATH(fd), buf, size)
                               : flistxattr(fd, buf, size);
@@ -236,8 +232,6 @@ int listxattr_at_malloc(int fd, const char *path, int at_flags, char **ret) {
         if (r < 0)
                 return r;
 
-        at_flags = at_flags_normalize_nofollow(at_flags);
-
         size_t l = 100;
         for (unsigned n_attempts = 7;;) {
                 _cleanup_free_ char *v = NULL;

src/test/test-xattr-util.c

@@ -7,12 +7,13 @@
 #include <unistd.h>
 
 #include "alloc-util.h"
-#include "capability-util.h"
 #include "fd-util.h"
 #include "fs-util.h"
 #include "macro.h"
+#include "nulstr-util.h"
 #include "rm-rf.h"
 #include "string-util.h"
+#include "strv.h"
 #include "tests.h"
 #include "tmpfile-util.h"
 #include "xattr-util.h"
@@ -89,13 +90,21 @@ static void verify_xattr(int dfd, const char *expected) {
 
 static void xattr_symlink_test_one(int fd, const char *path) {
         _cleanup_free_ char *value = NULL, *list = NULL;
+        _cleanup_strv_free_ char **list_split = NULL;
+        int r;
+
+        ASSERT_ERROR(xsetxattr_full(fd, path, 0, "trusted.bar", "bogus", SIZE_MAX, XATTR_CREATE), EEXIST);
 
         ASSERT_OK(xsetxattr(fd, path, 0, "trusted.test", "schaffen"));
         ASSERT_OK_EQ(getxattr_at_malloc(fd, path, "trusted.test", 0, &value), (int) STRLEN("schaffen"));
         ASSERT_STREQ(value, "schaffen");
 
-        ASSERT_OK_EQ(listxattr_at_malloc(fd, path, 0, &list), (int) sizeof("trusted.test"));
-        ASSERT_STREQ(list, "trusted.test");
+        r = listxattr_at_malloc(fd, path, 0, &list);
+        ASSERT_OK(r);
+        ASSERT_GE(r, (int) sizeof("trusted.test\0trusted.bar"));
+        ASSERT_NOT_NULL(list_split = strv_parse_nulstr(list, r));
+        ASSERT_TRUE(strv_contains(list_split, "trusted.bar"));
+        ASSERT_TRUE(strv_contains(list_split, "trusted.test"));
 
         ASSERT_OK(xremovexattr(fd, path, 0, "trusted.test"));
         ASSERT_ERROR(getxattr_at_malloc(fd, path, "trusted.test", 0, &value), ENODATA);
@@ -150,19 +159,22 @@ TEST(xsetxattr) {
         fd = safe_close(fd);
 
         /* user.* xattrs are not supported on symlinks. Use trusted.* which requires privilege. */
-        if (have_effective_cap(CAP_SYS_ADMIN) > 0) {
-                ASSERT_OK_ERRNO(symlinkat("empty", dfd, "symlink"));
-                ASSERT_OK_ERRNO(fd = openat(dfd, "symlink", O_NOFOLLOW|O_PATH|O_CLOEXEC));
+        ASSERT_OK_ERRNO(symlinkat("empty", dfd, "symlink"));
+        ASSERT_OK_ERRNO(fd = openat(dfd, "symlink", O_NOFOLLOW|O_PATH|O_CLOEXEC));
 
-                ASSERT_ERROR(xsetxattr(dfd, "symlink", AT_SYMLINK_FOLLOW, "trusted.test", "bogus"), ENOENT);
+        ASSERT_ERROR(xsetxattr(dfd, "symlink", AT_SYMLINK_FOLLOW, "trusted.test", "bogus"), ENOENT);
 
-                xattr_symlink_test_one(dfd, "symlink");
-                xattr_symlink_test_one(fd, NULL);
-                xattr_symlink_test_one(fd, "");
+        r = xsetxattr_full(dfd, "symlink", 0, "trusted.bar", "baz", SIZE_MAX, XATTR_CREATE);
+        if (ERRNO_IS_NEG_PRIVILEGE(r))
+                return (void) log_tests_skipped_errno(r, "Unable to set trusted.* xattr");
+        ASSERT_OK(r);
 
-                x = strjoina(t, "/symlink");
-                xattr_symlink_test_one(AT_FDCWD, x);
-        }
+        xattr_symlink_test_one(dfd, "symlink");
+        xattr_symlink_test_one(fd, NULL);
+        xattr_symlink_test_one(fd, "");
+
+        x = strjoina(t, "/symlink");
+        xattr_symlink_test_one(AT_FDCWD, x);
 }
 
 DEFINE_TEST_MAIN(LOG_DEBUG);