^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) .. SPDX-License-Identifier: GPL-2.0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) Extended Attributes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) -------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) Extended attributes (xattrs) are typically stored in a separate data
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) block on the disk and referenced from inodes via ``inode.i_file_acl*``.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) The first use of extended attributes seems to have been for storing file
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) ACLs and other security data (selinux). With the ``user_xattr`` mount
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) option it is possible for users to store extended attributes so long as
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) all attribute names begin with “user”; this restriction seems to have
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) disappeared as of Linux 3.0.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) There are two places where extended attributes can be found. The first
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) place is between the end of each inode entry and the beginning of the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) next inode entry. For example, if inode.i\_extra\_isize = 28 and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) sb.inode\_size = 256, then there are 256 - (128 + 28) = 100 bytes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) available for in-inode extended attribute storage. The second place
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) where extended attributes can be found is in the block pointed to by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) ``inode.i_file_acl``. As of Linux 3.11, it is not possible for this
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) block to contain a pointer to a second extended attribute block (or even
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) the remaining blocks of a cluster). In theory it is possible for each
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) attribute's value to be stored in a separate data block, though as of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) Linux 3.11 the code does not permit this.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) Keys are generally assumed to be ASCIIZ strings, whereas values can be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) strings or binary data.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) Extended attributes, when stored after the inode, have a header
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) ``ext4_xattr_ibody_header`` that is 4 bytes long:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) .. list-table::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) :widths: 8 8 24 40
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) :header-rows: 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) * - Offset
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) - Type
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) - Name
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) - Description
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) * - 0x0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) - \_\_le32
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42) - h\_magic
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) - Magic number for identification, 0xEA020000. This value is set by the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) Linux driver, though e2fsprogs doesn't seem to check it(?)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) The beginning of an extended attribute block is in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) ``struct ext4_xattr_header``, which is 32 bytes long:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) .. list-table::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) :widths: 8 8 24 40
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) :header-rows: 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) * - Offset
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) - Type
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) - Name
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) - Description
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) * - 0x0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) - \_\_le32
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) - h\_magic
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) - Magic number for identification, 0xEA020000.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) * - 0x4
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) - \_\_le32
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) - h\_refcount
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) - Reference count.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) * - 0x8
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) - \_\_le32
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) - h\_blocks
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) - Number of disk blocks used.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) * - 0xC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) - \_\_le32
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) - h\_hash
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) - Hash value of all attributes.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) * - 0x10
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) - \_\_le32
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) - h\_checksum
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) - Checksum of the extended attribute block.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) * - 0x14
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) - \_\_u32
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) - h\_reserved[2]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) - Zero.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) The checksum is calculated against the FS UUID, the 64-bit block number
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) of the extended attribute block, and the entire block (header +
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) entries).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) Following the ``struct ext4_xattr_header`` or
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) ``struct ext4_xattr_ibody_header`` is an array of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) ``struct ext4_xattr_entry``; each of these entries is at least 16 bytes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) long. When stored in an external block, the ``struct ext4_xattr_entry``
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) entries must be stored in sorted order. The sort order is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) ``e_name_index``, then ``e_name_len``, and finally ``e_name``.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) Attributes stored inside an inode do not need be stored in sorted order.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) .. list-table::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) :widths: 8 8 24 40
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) :header-rows: 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) * - Offset
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) - Type
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) - Name
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) - Description
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) * - 0x0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) - \_\_u8
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) - e\_name\_len
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) - Length of name.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) * - 0x1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) - \_\_u8
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) - e\_name\_index
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) - Attribute name index. There is a discussion of this below.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) * - 0x2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) - \_\_le16
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) - e\_value\_offs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) - Location of this attribute's value on the disk block where it is stored.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) Multiple attributes can share the same value. For an inode attribute
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) this value is relative to the start of the first entry; for a block this
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) value is relative to the start of the block (i.e. the header).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) * - 0x4
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) - \_\_le32
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) - e\_value\_inum
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) - The inode where the value is stored. Zero indicates the value is in the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) same block as this entry. This field is only used if the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) INCOMPAT\_EA\_INODE feature is enabled.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) * - 0x8
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) - \_\_le32
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) - e\_value\_size
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) - Length of attribute value.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) * - 0xC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) - \_\_le32
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) - e\_hash
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) - Hash value of attribute name and attribute value. The kernel doesn't
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) update the hash for in-inode attributes, so for that case this value
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) must be zero, because e2fsck validates any non-zero hash regardless of
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) where the xattr lives.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) * - 0x10
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) - char
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) - e\_name[e\_name\_len]
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) - Attribute name. Does not include trailing NULL.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) Attribute values can follow the end of the entry table. There appears to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) be a requirement that they be aligned to 4-byte boundaries. The values
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) are stored starting at the end of the block and grow towards the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) xattr\_header/xattr\_entry table. When the two collide, the overflow is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) put into a separate disk block. If the disk block fills up, the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) filesystem returns -ENOSPC.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) The first four fields of the ``ext4_xattr_entry`` are set to zero to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) mark the end of the key list.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) Attribute Name Indices
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) ~~~~~~~~~~~~~~~~~~~~~~
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) Logically speaking, extended attributes are a series of key=value pairs.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) The keys are assumed to be NULL-terminated strings. To reduce the amount
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) of on-disk space that the keys consume, the beginning of the key string
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) is matched against the attribute name index. If a match is found, the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) attribute name index field is set, and matching string is removed from
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) the key name. Here is a map of name index values to key prefixes:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) .. list-table::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) :widths: 16 64
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) :header-rows: 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) * - Name Index
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) - Key Prefix
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) * - 0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) - (no prefix)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) * - 1
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) - “user.”
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) * - 2
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) - “system.posix\_acl\_access”
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) * - 3
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) - “system.posix\_acl\_default”
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) * - 4
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) - “trusted.”
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) * - 6
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) - “security.”
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) * - 7
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) - “system.” (inline\_data only?)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) * - 8
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) - “system.richacl” (SuSE kernels only?)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) For example, if the attribute key is “user.fubar”, the attribute name
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) index is set to 1 and the “fubar” name is recorded on disk.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) POSIX ACLs
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) ~~~~~~~~~~
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) POSIX ACLs are stored in a reduced version of the Linux kernel (and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) libacl's) internal ACL format. The key difference is that the version
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) number is different (1) and the ``e_id`` field is only stored for named
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) user and group ACLs.
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags