From f2b20f6ee842313a0d681dbbf7f87b70291a6a3b Mon Sep 17 00:00:00 2001 From: Miklos Szeredi Date: Fri, 16 Sep 2016 12:44:20 +0200 Subject: vfs: move permission checking into notify_change() for utimes(NULL) This fixes a bug where the permission was not properly checked in overlayfs. The testcase is ltp/utimensat01. It is also cleaner and safer to do the permission checking in the vfs helper instead of the caller. This patch introduces an additional ia_valid flag ATTR_TOUCH (since touch(1) is the most obvious user of utimes(NULL)) that is passed into notify_change whenever the conditions for this special permission checking mode are met. Reported-by: Aihua Zhang Signed-off-by: Miklos Szeredi Tested-by: Aihua Zhang Cc: # v3.18+ --- include/linux/fs.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/linux') diff --git a/include/linux/fs.h b/include/linux/fs.h index 901e25d495cc..7c391366fb43 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -224,6 +224,7 @@ typedef int (dio_iodone_t)(struct kiocb *iocb, loff_t offset, #define ATTR_KILL_PRIV (1 << 14) #define ATTR_OPEN (1 << 15) /* Truncating from open(O_TRUNC) */ #define ATTR_TIMES_SET (1 << 16) +#define ATTR_TOUCH (1 << 17) /* * Whiteout is represented by a char device. The following constants define the -- cgit v1.2.3 From 598e3c8f72f5b77c84d2cb26cfd936ffb3cfdbaa Mon Sep 17 00:00:00 2001 From: Miklos Szeredi Date: Fri, 16 Sep 2016 12:44:20 +0200 Subject: vfs: update ovl inode before relatime check On overlayfs relatime_need_update() needs inode times to be correct on overlay inode. But i_mtime and i_ctime are updated by filesystem code on underlying inode only, so they will be out-of-date on the overlay inode. This patch copies the times from the underlying inode if needed. This can't be done if called from RCU lookup (link following) but link m/ctime are not updated by fs, so this is all right. This patch doesn't change functionality for anything but overlayfs. Signed-off-by: Miklos Szeredi --- include/linux/fs.h | 1 - 1 file changed, 1 deletion(-) (limited to 'include/linux') diff --git a/include/linux/fs.h b/include/linux/fs.h index 7c391366fb43..7db097d673a8 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -2007,7 +2007,6 @@ enum file_time_flags { S_VERSION = 8, }; -extern bool atime_needs_update(const struct path *, struct inode *); extern void touch_atime(const struct path *); static inline void file_accessed(struct file *file) { -- cgit v1.2.3 From f3fbbb079263bd29ae592478de6808db7e708267 Mon Sep 17 00:00:00 2001 From: Aihua Zhang Date: Thu, 7 Jul 2016 15:37:53 +0800 Subject: fsnotify: support overlayfs When an event occurs direct it to the overlay inode instead of the real underlying inode. This will work even if the file was first on the lower layer and then copied up, while the watch is there. This is because the watch is on the overlay inode, which stays the same through the copy-up. For filesystems other than overlayfs this is a no-op, except for the performance impact of an extra pointer dereferece. Verified to work correctly with the inotify/fanotify tests in LTP. Signed-off-by: Aihua Zhang Signed-off-by: Miklos Szeredi Cc: Jan Kara Cc: Eric Paris --- include/linux/fsnotify.h | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'include/linux') diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h index eed9e853a06f..b8bcc058e031 100644 --- a/include/linux/fsnotify.h +++ b/include/linux/fsnotify.h @@ -29,7 +29,11 @@ static inline int fsnotify_parent(struct path *path, struct dentry *dentry, __u3 static inline int fsnotify_perm(struct file *file, int mask) { struct path *path = &file->f_path; - struct inode *inode = file_inode(file); + /* + * Do not use file_inode() here or anywhere in this file to get the + * inode. That would break *notity on overlayfs. + */ + struct inode *inode = path->dentry->d_inode; __u32 fsnotify_mask = 0; int ret; @@ -173,7 +177,7 @@ static inline void fsnotify_mkdir(struct inode *inode, struct dentry *dentry) static inline void fsnotify_access(struct file *file) { struct path *path = &file->f_path; - struct inode *inode = file_inode(file); + struct inode *inode = path->dentry->d_inode; __u32 mask = FS_ACCESS; if (S_ISDIR(inode->i_mode)) @@ -191,7 +195,7 @@ static inline void fsnotify_access(struct file *file) static inline void fsnotify_modify(struct file *file) { struct path *path = &file->f_path; - struct inode *inode = file_inode(file); + struct inode *inode = path->dentry->d_inode; __u32 mask = FS_MODIFY; if (S_ISDIR(inode->i_mode)) @@ -209,7 +213,7 @@ static inline void fsnotify_modify(struct file *file) static inline void fsnotify_open(struct file *file) { struct path *path = &file->f_path; - struct inode *inode = file_inode(file); + struct inode *inode = path->dentry->d_inode; __u32 mask = FS_OPEN; if (S_ISDIR(inode->i_mode)) @@ -225,7 +229,7 @@ static inline void fsnotify_open(struct file *file) static inline void fsnotify_close(struct file *file) { struct path *path = &file->f_path; - struct inode *inode = file_inode(file); + struct inode *inode = path->dentry->d_inode; fmode_t mode = file->f_mode; __u32 mask = (mode & FMODE_WRITE) ? FS_CLOSE_WRITE : FS_CLOSE_NOWRITE; -- cgit v1.2.3 From c568d68341be7030f5647def68851e469b21ca11 Mon Sep 17 00:00:00 2001 From: Miklos Szeredi Date: Fri, 16 Sep 2016 12:44:20 +0200 Subject: locks: fix file locking on overlayfs This patch allows flock, posix locks, ofd locks and leases to work correctly on overlayfs. Instead of using the underlying inode for storing lock context use the overlay inode. This allows locks to be persistent across copy-up. This is done by introducing locks_inode() helper and using it instead of file_inode() to get the inode in locking code. For non-overlayfs the two are equivalent, except for an extra pointer dereference in locks_inode(). Since lock operations are in "struct file_operations" we must also make sure not to call underlying filesystem's lock operations. Introcude a super block flag MS_NOREMOTELOCK to this effect. Signed-off-by: Miklos Szeredi Acked-by: Jeff Layton Cc: "J. Bruce Fields" --- include/linux/fs.h | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'include/linux') diff --git a/include/linux/fs.h b/include/linux/fs.h index 7db097d673a8..8ee0f011547f 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1065,6 +1065,18 @@ struct file_lock_context { extern void send_sigio(struct fown_struct *fown, int fd, int band); +/* + * Return the inode to use for locking + * + * For overlayfs this should be the overlay inode, not the real inode returned + * by file_inode(). For any other fs file_inode(filp) and locks_inode(filp) are + * equal. + */ +static inline struct inode *locks_inode(const struct file *f) +{ + return f->f_path.dentry->d_inode; +} + #ifdef CONFIG_FILE_LOCKING extern int fcntl_getlk(struct file *, unsigned int, struct flock __user *); extern int fcntl_setlk(unsigned int, struct file *, unsigned int, @@ -1252,7 +1264,7 @@ static inline struct dentry *file_dentry(const struct file *file) static inline int locks_lock_file_wait(struct file *filp, struct file_lock *fl) { - return locks_lock_inode_wait(file_inode(filp), fl); + return locks_lock_inode_wait(locks_inode(filp), fl); } struct fasync_struct { @@ -2155,7 +2167,7 @@ static inline int mandatory_lock(struct inode *ino) static inline int locks_verify_locked(struct file *file) { - if (mandatory_lock(file_inode(file))) + if (mandatory_lock(locks_inode(file))) return locks_mandatory_locked(file); return 0; } -- cgit v1.2.3 From 7b1742eb06ead6d02a6cf3c44587088e5392d1aa Mon Sep 17 00:00:00 2001 From: Miklos Szeredi Date: Fri, 16 Sep 2016 12:44:20 +0200 Subject: vfs: make argument of d_real_inode() const d_op->d_real() leaves the dentry alone except if the third argument is non-zero. Unfortunately very difficult to explain to the compiler without a cast. Signed-off-by: Miklos Szeredi Acked-by: Jeff Layton --- include/linux/dcache.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'include/linux') diff --git a/include/linux/dcache.h b/include/linux/dcache.h index 5ff3e9a4fe5f..5beed7b30561 100644 --- a/include/linux/dcache.h +++ b/include/linux/dcache.h @@ -584,9 +584,10 @@ static inline struct dentry *d_real(struct dentry *dentry, * If dentry is on an union/overlay, then return the underlying, real inode. * Otherwise return d_inode(). */ -static inline struct inode *d_real_inode(struct dentry *dentry) +static inline struct inode *d_real_inode(const struct dentry *dentry) { - return d_backing_inode(d_real(dentry, NULL, 0)); + /* This usage of d_real() results in const dentry */ + return d_backing_inode(d_real((struct dentry *) dentry, NULL, 0)); } -- cgit v1.2.3 From 073931017b49d9458aa351605b43a7e34598caef Mon Sep 17 00:00:00 2001 From: Jan Kara Date: Mon, 19 Sep 2016 17:39:09 +0200 Subject: posix_acl: Clear SGID bit when setting file permissions When file permissions are modified via chmod(2) and the user is not in the owning group or capable of CAP_FSETID, the setgid bit is cleared in inode_change_ok(). Setting a POSIX ACL via setxattr(2) sets the file permissions as well as the new ACL, but doesn't clear the setgid bit in a similar way; this allows to bypass the check in chmod(2). Fix that. References: CVE-2016-7097 Reviewed-by: Christoph Hellwig Reviewed-by: Jeff Layton Signed-off-by: Jan Kara Signed-off-by: Andreas Gruenbacher --- include/linux/posix_acl.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/linux') diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h index d5d3d741f028..bf1046d0397b 100644 --- a/include/linux/posix_acl.h +++ b/include/linux/posix_acl.h @@ -93,6 +93,7 @@ extern int set_posix_acl(struct inode *, int, struct posix_acl *); extern int posix_acl_chmod(struct inode *, umode_t); extern int posix_acl_create(struct inode *, umode_t *, struct posix_acl **, struct posix_acl **); +extern int posix_acl_update_mode(struct inode *, umode_t *, struct posix_acl **); extern int simple_set_acl(struct inode *, struct posix_acl *, int); extern int simple_acl_create(struct inode *, struct inode *); -- cgit v1.2.3 From 31051c85b5e2aaaf6315f74c72a732673632a905 Mon Sep 17 00:00:00 2001 From: Jan Kara Date: Thu, 26 May 2016 16:55:18 +0200 Subject: fs: Give dentry to inode_change_ok() instead of inode inode_change_ok() will be resposible for clearing capabilities and IMA extended attributes and as such will need dentry. Give it as an argument to inode_change_ok() instead of an inode. Also rename inode_change_ok() to setattr_prepare() to better relect that it does also some modifications in addition to checks. Reviewed-by: Christoph Hellwig Signed-off-by: Jan Kara --- include/linux/fs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/linux') diff --git a/include/linux/fs.h b/include/linux/fs.h index 3523bf62f328..943a21cbb469 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -2994,7 +2994,7 @@ extern int buffer_migrate_page(struct address_space *, #define buffer_migrate_page NULL #endif -extern int inode_change_ok(const struct inode *, struct iattr *); +extern int setattr_prepare(struct dentry *, struct iattr *); extern int inode_newsize_ok(const struct inode *, loff_t offset); extern void setattr_copy(struct inode *inode, const struct iattr *attr); -- cgit v1.2.3 From 4bce9f6ee8f84fdf333d0fd7fcf7f0d8c7cce7fa Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 17 Sep 2016 18:02:44 -0400 Subject: get rid of separate multipage fault-in primitives * the only remaining callers of "short" fault-ins are just as happy with generic variants (both in lib/iov_iter.c); switch them to multipage variants, kill the "short" ones * rename the multipage variants to now available plain ones. * get rid of compat macro defining iov_iter_fault_in_multipage_readable by expanding it in its only user. Signed-off-by: Al Viro --- include/linux/pagemap.h | 54 ++----------------------------------------------- include/linux/uio.h | 1 - 2 files changed, 2 insertions(+), 53 deletions(-) (limited to 'include/linux') diff --git a/include/linux/pagemap.h b/include/linux/pagemap.h index 01e84436cddf..cb2e1d06d2e9 100644 --- a/include/linux/pagemap.h +++ b/include/linux/pagemap.h @@ -518,58 +518,9 @@ void page_endio(struct page *page, bool is_write, int err); extern void add_page_wait_queue(struct page *page, wait_queue_t *waiter); /* - * Fault one or two userspace pages into pagetables. - * Return -EINVAL if more than two pages would be needed. - * Return non-zero on a fault. + * Fault everything in given userspace address range in. */ static inline int fault_in_pages_writeable(char __user *uaddr, int size) -{ - int span, ret; - - if (unlikely(size == 0)) - return 0; - - span = offset_in_page(uaddr) + size; - if (span > 2 * PAGE_SIZE) - return -EINVAL; - /* - * Writing zeroes into userspace here is OK, because we know that if - * the zero gets there, we'll be overwriting it. - */ - ret = __put_user(0, uaddr); - if (ret == 0 && span > PAGE_SIZE) - ret = __put_user(0, uaddr + size - 1); - return ret; -} - -static inline int fault_in_pages_readable(const char __user *uaddr, int size) -{ - volatile char c; - int ret; - - if (unlikely(size == 0)) - return 0; - - ret = __get_user(c, uaddr); - if (ret == 0) { - const char __user *end = uaddr + size - 1; - - if (((unsigned long)uaddr & PAGE_MASK) != - ((unsigned long)end & PAGE_MASK)) { - ret = __get_user(c, end); - (void)c; - } - } - return ret; -} - -/* - * Multipage variants of the above prefault helpers, useful if more than - * PAGE_SIZE of data needs to be prefaulted. These are separate from the above - * functions (which only handle up to PAGE_SIZE) to avoid clobbering the - * filemap.c hotpaths. - */ -static inline int fault_in_multipages_writeable(char __user *uaddr, int size) { char __user *end = uaddr + size - 1; @@ -596,8 +547,7 @@ static inline int fault_in_multipages_writeable(char __user *uaddr, int size) return 0; } -static inline int fault_in_multipages_readable(const char __user *uaddr, - int size) +static inline int fault_in_pages_readable(const char __user *uaddr, int size) { volatile char c; const char __user *end = uaddr + size - 1; diff --git a/include/linux/uio.h b/include/linux/uio.h index 75b4aaf31a9d..7709f8d4a9cb 100644 --- a/include/linux/uio.h +++ b/include/linux/uio.h @@ -76,7 +76,6 @@ size_t iov_iter_copy_from_user_atomic(struct page *page, struct iov_iter *i, unsigned long offset, size_t bytes); void iov_iter_advance(struct iov_iter *i, size_t bytes); int iov_iter_fault_in_readable(struct iov_iter *i, size_t bytes); -#define iov_iter_fault_in_multipages_readable iov_iter_fault_in_readable size_t iov_iter_single_seg_count(const struct iov_iter *i); size_t copy_page_to_iter(struct page *page, size_t offset, size_t bytes, struct iov_iter *i); -- cgit v1.2.3 From 9b80a184eaadc117f27faad522008f31d571621b Mon Sep 17 00:00:00 2001 From: Alexey Dobriyan Date: Fri, 2 Sep 2016 00:38:52 +0300 Subject: fs/file: more unsigned file descriptors Propagate unsignedness for grand total of 149 bytes: $ ./scripts/bloat-o-meter ../vmlinux-000 ../obj/vmlinux add/remove: 0/0 grow/shrink: 0/10 up/down: 0/-149 (-149) function old new delta set_close_on_exec 99 98 -1 put_files_struct 201 200 -1 get_close_on_exec 59 58 -1 do_prlimit 498 497 -1 do_execveat_common.isra 1662 1661 -1 __close_fd 178 173 -5 do_dup2 219 204 -15 seq_show 685 660 -25 __alloc_fd 384 357 -27 dup_fd 718 646 -72 It mostly comes from converting "unsigned int" to "long" for bit operations. Signed-off-by: Alexey Dobriyan Signed-off-by: Al Viro --- include/linux/fdtable.h | 6 +++--- include/linux/fs.h | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'include/linux') diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h index 5295535b60c6..aca2a6a1d035 100644 --- a/include/linux/fdtable.h +++ b/include/linux/fdtable.h @@ -30,12 +30,12 @@ struct fdtable { struct rcu_head rcu; }; -static inline bool close_on_exec(int fd, const struct fdtable *fdt) +static inline bool close_on_exec(unsigned int fd, const struct fdtable *fdt) { return test_bit(fd, fdt->close_on_exec); } -static inline bool fd_is_open(int fd, const struct fdtable *fdt) +static inline bool fd_is_open(unsigned int fd, const struct fdtable *fdt) { return test_bit(fd, fdt->open_fds); } @@ -57,7 +57,7 @@ struct files_struct { * written part on a separate cache line in SMP */ spinlock_t file_lock ____cacheline_aligned_in_smp; - int next_fd; + unsigned int next_fd; unsigned long close_on_exec_init[1]; unsigned long open_fds_init[1]; unsigned long full_fds_bits_init[1]; diff --git a/include/linux/fs.h b/include/linux/fs.h index 901e25d495cc..2f6f059d739c 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -63,7 +63,7 @@ extern void __init files_maxfiles_init(void); extern struct files_stat_struct files_stat; extern unsigned long get_max_files(void); -extern int sysctl_nr_open; +extern unsigned int sysctl_nr_open; extern struct inodes_stat_t inodes_stat; extern int leases_enable, lease_break_time; extern int sysctl_protected_symlinks; -- cgit v1.2.3 From 9dcfcda5768eda793e15a1a73da38cfd1fc1a47a Mon Sep 17 00:00:00 2001 From: Arnd Bergmann Date: Wed, 21 Sep 2016 09:45:24 +1000 Subject: compat: remove compat_printk() After 7e8e385aaf6e ("x86/compat: Remove sys32_vm86_warning"), this function has become unused, so we can remove it as well. Link: http://lkml.kernel.org/r/20160617142903.3070388-1-arnd@arndb.de Signed-off-by: Arnd Bergmann Cc: Alexander Viro Cc: "Theodore Ts'o" Cc: Arnaldo Carvalho de Melo Signed-off-by: Andrew Morton --- include/linux/compat.h | 1 - 1 file changed, 1 deletion(-) (limited to 'include/linux') diff --git a/include/linux/compat.h b/include/linux/compat.h index f964ef79e0ad..63609398ef9f 100644 --- a/include/linux/compat.h +++ b/include/linux/compat.h @@ -432,7 +432,6 @@ asmlinkage long compat_sys_settimeofday(struct compat_timeval __user *tv, asmlinkage long compat_sys_adjtimex(struct compat_timex __user *utp); -extern __printf(1, 2) int compat_printk(const char *fmt, ...); extern void sigset_from_compat(sigset_t *set, const compat_sigset_t *compat); extern void sigset_to_compat(compat_sigset_t *compat, const sigset_t *set); -- cgit v1.2.3 From 2211d5ba5c6c4e972ba6dbc912b2897425ea6621 Mon Sep 17 00:00:00 2001 From: Andreas Gruenbacher Date: Tue, 27 Sep 2016 13:03:22 +0200 Subject: posix_acl: xattr representation cleanups Remove the unnecessary typedefs and the zero-length a_entries array in struct posix_acl_xattr_header. Signed-off-by: Andreas Gruenbacher Signed-off-by: Al Viro --- include/linux/posix_acl_xattr.h | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) (limited to 'include/linux') diff --git a/include/linux/posix_acl_xattr.h b/include/linux/posix_acl_xattr.h index e5e8ec40278d..d23d36842322 100644 --- a/include/linux/posix_acl_xattr.h +++ b/include/linux/posix_acl_xattr.h @@ -18,34 +18,33 @@ /* An undefined entry e_id value */ #define ACL_UNDEFINED_ID (-1) -typedef struct { +struct posix_acl_xattr_entry { __le16 e_tag; __le16 e_perm; __le32 e_id; -} posix_acl_xattr_entry; +}; -typedef struct { +struct posix_acl_xattr_header { __le32 a_version; - posix_acl_xattr_entry a_entries[0]; -} posix_acl_xattr_header; +}; static inline size_t posix_acl_xattr_size(int count) { - return (sizeof(posix_acl_xattr_header) + - (count * sizeof(posix_acl_xattr_entry))); + return (sizeof(struct posix_acl_xattr_header) + + (count * sizeof(struct posix_acl_xattr_entry))); } static inline int posix_acl_xattr_count(size_t size) { - if (size < sizeof(posix_acl_xattr_header)) + if (size < sizeof(struct posix_acl_xattr_header)) return -1; - size -= sizeof(posix_acl_xattr_header); - if (size % sizeof(posix_acl_xattr_entry)) + size -= sizeof(struct posix_acl_xattr_header); + if (size % sizeof(struct posix_acl_xattr_entry)) return -1; - return size / sizeof(posix_acl_xattr_entry); + return size / sizeof(struct posix_acl_xattr_entry); } #ifdef CONFIG_FS_POSIX_ACL -- cgit v1.2.3 From bc8bcf3b150a29cd8d3f17a1aeb19a804ea683fa Mon Sep 17 00:00:00 2001 From: Andreas Gruenbacher Date: Tue, 27 Sep 2016 13:03:23 +0200 Subject: posix_acl: uapi header split Export the base definitions and the xattr representation of POSIX ACLs to user space. Signed-off-by: Andreas Gruenbacher Signed-off-by: Al Viro --- include/linux/posix_acl.h | 22 +--------------------- include/linux/posix_acl_xattr.h | 18 +----------------- 2 files changed, 2 insertions(+), 38 deletions(-) (limited to 'include/linux') diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h index d5d3d741f028..5433eea8e97c 100644 --- a/include/linux/posix_acl.h +++ b/include/linux/posix_acl.h @@ -11,27 +11,7 @@ #include #include #include - -#define ACL_UNDEFINED_ID (-1) - -/* a_type field in acl_user_posix_entry_t */ -#define ACL_TYPE_ACCESS (0x8000) -#define ACL_TYPE_DEFAULT (0x4000) - -/* e_tag entry in struct posix_acl_entry */ -#define ACL_USER_OBJ (0x01) -#define ACL_USER (0x02) -#define ACL_GROUP_OBJ (0x04) -#define ACL_GROUP (0x08) -#define ACL_MASK (0x10) -#define ACL_OTHER (0x20) - -/* permissions in the e_perm field */ -#define ACL_READ (0x04) -#define ACL_WRITE (0x02) -#define ACL_EXECUTE (0x01) -//#define ACL_ADD (0x08) -//#define ACL_DELETE (0x10) +#include struct posix_acl_entry { short e_tag; diff --git a/include/linux/posix_acl_xattr.h b/include/linux/posix_acl_xattr.h index d23d36842322..8b867e3bf3aa 100644 --- a/include/linux/posix_acl_xattr.h +++ b/include/linux/posix_acl_xattr.h @@ -10,25 +10,9 @@ #define _POSIX_ACL_XATTR_H #include +#include #include -/* Supported ACL a_version fields */ -#define POSIX_ACL_XATTR_VERSION 0x0002 - -/* An undefined entry e_id value */ -#define ACL_UNDEFINED_ID (-1) - -struct posix_acl_xattr_entry { - __le16 e_tag; - __le16 e_perm; - __le32 e_id; -}; - -struct posix_acl_xattr_header { - __le32 a_version; -}; - - static inline size_t posix_acl_xattr_size(int count) { -- cgit v1.2.3