1 .. SPDX-License-Identifier: GPL-2.0
2
3 Extended Attributes
4 -------------------
5
6 Extended attributes (xattrs) are typically sto
7 block on the disk and referenced from inodes v
8 The first use of extended attributes seems to
9 ACLs and other security data (selinux). With t
10 option it is possible for users to store exten
11 all attribute names begin with “user”; thi
12 disappeared as of Linux 3.0.
13
14 There are two places where extended attributes
15 place is between the end of each inode entry a
16 next inode entry. For example, if inode.i_extr
17 sb.inode_size = 256, then there are 256 - (128
18 available for in-inode extended attribute stor
19 where extended attributes can be found is in t
20 ``inode.i_file_acl``. As of Linux 3.11, it is
21 block to contain a pointer to a second extende
22 the remaining blocks of a cluster). In theory
23 attribute's value to be stored in a separate d
24 Linux 3.11 the code does not permit this.
25
26 Keys are generally assumed to be ASCIIZ string
27 strings or binary data.
28
29 Extended attributes, when stored after the ino
30 ``ext4_xattr_ibody_header`` that is 4 bytes lo
31
32 .. list-table::
33 :widths: 8 8 24 40
34 :header-rows: 1
35
36 * - Offset
37 - Type
38 - Name
39 - Description
40 * - 0x0
41 - __le32
42 - h_magic
43 - Magic number for identification, 0xEA02
44 Linux driver, though e2fsprogs doesn't
45
46 The beginning of an extended attribute block i
47 ``struct ext4_xattr_header``, which is 32 byte
48
49 .. list-table::
50 :widths: 8 8 24 40
51 :header-rows: 1
52
53 * - Offset
54 - Type
55 - Name
56 - Description
57 * - 0x0
58 - __le32
59 - h_magic
60 - Magic number for identification, 0xEA02
61 * - 0x4
62 - __le32
63 - h_refcount
64 - Reference count.
65 * - 0x8
66 - __le32
67 - h_blocks
68 - Number of disk blocks used.
69 * - 0xC
70 - __le32
71 - h_hash
72 - Hash value of all attributes.
73 * - 0x10
74 - __le32
75 - h_checksum
76 - Checksum of the extended attribute bloc
77 * - 0x14
78 - __u32
79 - h_reserved[3]
80 - Zero.
81
82 The checksum is calculated against the FS UUID
83 of the extended attribute block, and the entir
84 entries).
85
86 Following the ``struct ext4_xattr_header`` or
87 ``struct ext4_xattr_ibody_header`` is an array
88 ``struct ext4_xattr_entry``; each of these ent
89 long. When stored in an external block, the ``
90 entries must be stored in sorted order. The so
91 ``e_name_index``, then ``e_name_len``, and fin
92 Attributes stored inside an inode do not need
93
94 .. list-table::
95 :widths: 8 8 24 40
96 :header-rows: 1
97
98 * - Offset
99 - Type
100 - Name
101 - Description
102 * - 0x0
103 - __u8
104 - e_name_len
105 - Length of name.
106 * - 0x1
107 - __u8
108 - e_name_index
109 - Attribute name index. There is a discus
110 * - 0x2
111 - __le16
112 - e_value_offs
113 - Location of this attribute's value on t
114 Multiple attributes can share the same
115 this value is relative to the start of
116 value is relative to the start of the b
117 * - 0x4
118 - __le32
119 - e_value_inum
120 - The inode where the value is stored. Ze
121 same block as this entry. This field is
122 INCOMPAT_EA_INODE feature is enabled.
123 * - 0x8
124 - __le32
125 - e_value_size
126 - Length of attribute value.
127 * - 0xC
128 - __le32
129 - e_hash
130 - Hash value of attribute name and attrib
131 update the hash for in-inode attributes
132 must be zero, because e2fsck validates
133 where the xattr lives.
134 * - 0x10
135 - char
136 - e_name[e_name_len]
137 - Attribute name. Does not include traili
138
139 Attribute values can follow the end of the ent
140 be a requirement that they be aligned to 4-byt
141 are stored starting at the end of the block an
142 xattr_header/xattr_entry table. When the two c
143 put into a separate disk block. If the disk bl
144 filesystem returns -ENOSPC.
145
146 The first four fields of the ``ext4_xattr_entr
147 mark the end of the key list.
148
149 Attribute Name Indices
150 ~~~~~~~~~~~~~~~~~~~~~~
151
152 Logically speaking, extended attributes are a
153 The keys are assumed to be NULL-terminated str
154 of on-disk space that the keys consume, the be
155 is matched against the attribute name index. I
156 attribute name index field is set, and matchin
157 the key name. Here is a map of name index valu
158
159 .. list-table::
160 :widths: 16 64
161 :header-rows: 1
162
163 * - Name Index
164 - Key Prefix
165 * - 0
166 - (no prefix)
167 * - 1
168 - “user.”
169 * - 2
170 - “system.posix_acl_access”
171 * - 3
172 - “system.posix_acl_default”
173 * - 4
174 - “trusted.”
175 * - 6
176 - “security.”
177 * - 7
178 - “system.” (inline_data only?)
179 * - 8
180 - “system.richacl” (SuSE kernels only
181
182 For example, if the attribute key is “user.f
183 index is set to 1 and the “fubar” name is
184
185 POSIX ACLs
186 ~~~~~~~~~~
187
188 POSIX ACLs are stored in a reduced version of
189 libacl's) internal ACL format. The key differe
190 number is different (1) and the ``e_id`` field
191 user and group ACLs.
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.