From 2286372603f506cf719654a9901de0749c544b12 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sun, 11 Nov 2018 17:43:48 +0100
Subject: fusefrontend: make GetXAttr() symlink-safe on Linux

Uses the /proc/self/fd trick, which does not work
on Darwin.
---
 internal/fusefrontend/xattr.go | 20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-)

(limited to 'internal/fusefrontend/xattr.go')

diff --git a/internal/fusefrontend/xattr.go b/internal/fusefrontend/xattr.go
index 74b3790..caf1e15 100644
--- a/internal/fusefrontend/xattr.go
+++ b/internal/fusefrontend/xattr.go
@@ -25,24 +25,22 @@ var xattrStorePrefix = "user.gocryptfs."
 
 // GetXAttr - FUSE call. Reads the value of extended attribute "attr".
 //
-// TODO: Make symlink-safe. Blocker: package xattr does not provide fgetxattr(2).
-func (fs *FS) GetXAttr(path string, attr string, context *fuse.Context) ([]byte, fuse.Status) {
-	if fs.isFiltered(path) {
+// This function is symlink-safe on Linux.
+// Darwin does not have fgetxattr(2) nor /proc. How to implement this on Darwin
+// in a symlink-safe way?
+func (fs *FS) GetXAttr(relPath string, attr string, context *fuse.Context) ([]byte, fuse.Status) {
+	if fs.isFiltered(relPath) {
 		return nil, fuse.EPERM
 	}
 	if disallowedXAttrName(attr) {
 		return nil, _EOPNOTSUPP
 	}
 	cAttr := fs.encryptXattrName(attr)
-	cPath, err := fs.getBackingPath(path)
-	if err != nil {
-		return nil, fuse.ToStatus(err)
-	}
-	encryptedData, err := xattr.LGet(cPath, cAttr)
-	if err != nil {
-		return nil, unpackXattrErr(err)
+	cData, status := fs.getXattr(relPath, cAttr, context)
+	if !status.Ok() {
+		return nil, status
 	}
-	data, err := fs.decryptXattrValue(encryptedData)
+	data, err := fs.decryptXattrValue(cData)
 	if err != nil {
 		tlog.Warn.Printf("GetXAttr: %v", err)
 		return nil, fuse.EIO
-- 
cgit v1.2.3