1 files changed, 22 insertions, 17 deletions

diff --git a/internal/fusefrontend/node_xattr.go b/internal/fusefrontend/node_xattr.go
index 44bc502..1470a2a 100644
--- a/internal/fusefrontend/node_xattr.go
+++ b/internal/fusefrontend/node_xattr.go
@@ -12,9 +12,6 @@ import (
 	"github.com/rfjakob/gocryptfs/v2/internal/tlog"
 )
 
-// -1 as uint32
-const minus1 = ^uint32(0)
-
 // We store encrypted xattrs under this prefix plus the base64-encoded
 // encrypted original name.
 var xattrStorePrefix = "user.gocryptfs."
@@ -35,6 +32,10 @@ func isAcl(attr string) bool {
 // This function is symlink-safe through Fgetxattr.
 func (n *Node) Getxattr(ctx context.Context, attr string, dest []byte) (uint32, syscall.Errno) {
 	rn := n.rootNode()
+	// If -noxattr is enabled, return ENOATTR for all getxattr calls
+	if rn.args.NoXattr {
+		return 0, noSuchAttributeError
+	}
 	// If we are not mounted with -suid, reading the capability xattr does not
 	// make a lot of sense, so reject the request and gain a massive speedup.
 	// See https://github.com/rfjakob/gocryptfs/issues/515 .
@@ -50,13 +51,13 @@ func (n *Node) Getxattr(ctx context.Context, attr string, dest []byte) (uint32,
 		var errno syscall.Errno
 		data, errno = n.getXAttr(attr)
 		if errno != 0 {
-			return minus1, errno
+			return 0, errno
 		}
 	} else {
 		// encrypted user xattr
 		cAttr, err := rn.encryptXattrName(attr)
 		if err != nil {
-			return minus1, syscall.EIO
+			return 0, syscall.EIO
 		}
 		cData, errno := n.getXAttr(cAttr)
 		if errno != 0 {
@@ -65,15 +66,11 @@ func (n *Node) Getxattr(ctx context.Context, attr string, dest []byte) (uint32,
 		data, err = rn.decryptXattrValue(cData)
 		if err != nil {
 			tlog.Warn.Printf("GetXAttr: %v", err)
-			return minus1, syscall.EIO
+			return 0, syscall.EIO
 		}
 	}
-	// Caller passes size zero to find out how large their buffer should be
-	if len(dest) == 0 {
-		return uint32(len(data)), 0
-	}
 	if len(dest) < len(data) {
-		return minus1, syscall.ERANGE
+		return uint32(len(data)), syscall.ERANGE
 	}
 	l := copy(dest, data)
 	return uint32(l), 0
@@ -84,6 +81,10 @@ func (n *Node) Getxattr(ctx context.Context, attr string, dest []byte) (uint32,
 // This function is symlink-safe through Fsetxattr.
 func (n *Node) Setxattr(ctx context.Context, attr string, data []byte, flags uint32) syscall.Errno {
 	rn := n.rootNode()
+	// If -noxattr is enabled, fail all setxattr calls
+	if rn.args.NoXattr {
+		return syscall.EOPNOTSUPP
+	}
 	flags = uint32(filterXattrSetFlags(int(flags)))
 
 	// ACLs are passed through without encryption
@@ -109,6 +110,10 @@ func (n *Node) Setxattr(ctx context.Context, attr string, data []byte, flags uin
 // This function is symlink-safe through Fremovexattr.
 func (n *Node) Removexattr(ctx context.Context, attr string) syscall.Errno {
 	rn := n.rootNode()
+	// If -noxattr is enabled, fail all removexattr calls
+	if rn.args.NoXattr {
+		return syscall.EOPNOTSUPP
+	}
 
 	// ACLs are passed through without encryption
 	if isAcl(attr) {
@@ -126,11 +131,15 @@ func (n *Node) Removexattr(ctx context.Context, attr string) syscall.Errno {
 //
 // This function is symlink-safe through Flistxattr.
 func (n *Node) Listxattr(ctx context.Context, dest []byte) (uint32, syscall.Errno) {
+	rn := n.rootNode()
+	// If -noxattr is enabled, return zero results for listxattr
+	if rn.args.NoXattr {
+		return 0, 0
+	}
 	cNames, errno := n.listXAttr()
 	if errno != 0 {
 		return 0, errno
 	}
-	rn := n.rootNode()
 	var buf bytes.Buffer
 	for _, curName := range cNames {
 		// ACLs are passed through without encryption
@@ -155,12 +164,8 @@ func (n *Node) Listxattr(ctx context.Context, dest []byte) (uint32, syscall.Errn
 		}
 		buf.WriteString(name + "\000")
 	}
-	// Caller passes size zero to find out how large their buffer should be
-	if len(dest) == 0 {
-		return uint32(buf.Len()), 0
-	}
 	if buf.Len() > len(dest) {
-		return minus1, syscall.ERANGE
+		return uint32(buf.Len()), syscall.ERANGE
 	}
 	return uint32(copy(dest, buf.Bytes())), 0
 }