Merge patch series "xattr: rework simple xattrs and support user.* xattrs on sockets"

Christian Brauner <brauner@kernel.org> says: This reworks the simple_xattr infrastructure and adds support for user.* extended attributes on sockets. The simple_xattr subsystem currently uses an rbtree protected by a reader-writer spinlock. This series replaces the rbtree with an rhashtable giving O(1) average-case lookup with RCU-based lockless reads. This sped up concurrent access patterns on tmpfs quite a bit and it's an overall easy enough conversion to do and gets rid or rwlock_t. The conversion is done incrementally: a new rhashtable path is added alongside the existing rbtree, consumers are migrated one at a time (shmem, kernfs, pidfs), and then the rbtree code is removed. All three consumers switch from embedded structs to pointer-based lazy allocation so the rhashtable overhead is only paid for inodes that actually use xattrs. With this infrastructure in place the series adds support for user.* xattrs on sockets. Path-based AF_UNIX sockets inherit xattr support from the underlying filesystem (e.g. tmpfs) but sockets in sockfs - that is everything created via socket() including abstract namespace AF_UNIX sockets - had no xattr support at all. The xattr_permission() checks are reworked to allow user.* xattrs on S_IFSOCK inodes. Sockfs sockets get per-inode limits of 128 xattrs and 128KB total value size matching the limits already in use for kernfs. The practical motivation comes from several directions. systemd and GNOME are expanding their use of Varlink as an IPC mechanism. For D-Bus there are tools like dbus-monitor that can observe IPC traffic across the system but this only works because D-Bus has a central broker. For Varlink there is no broker and there is currently no way to identify which sockets speak Varlink. With user.* xattrs on sockets a service can label its socket with the IPC protocol it speaks (e.g., user.varlink=1) and an eBPF program can then selectively capture traffic on those sockets. Enumerating bound sockets via netlink combined with these xattr labels gives a way to discover all Varlink IPC entrypoints for debugging and introspection. Similarly, systemd-journald wants to use xattrs on the /dev/log socket for protocol negotiation to indicate whether RFC 5424 structured syslog is supported or whether only the legacy RFC 3164 format should be used. In containers these labels are particularly useful as high-privilege or more complicated solutions for socket identification aren't available. The series comes with comprehensive selftests covering path-based AF_UNIX sockets, sockfs socket operations, per-inode limit enforcement, and xattr operations across multiple address families (AF_INET, AF_INET6, AF_NETLINK, AF_PACKET). * patches from https://patch.msgid.link/20260216-work-xattr-socket-v1-0-c2efa4f74cb7@kernel.org: selftests/xattr: test xattrs on various socket families selftests/xattr: sockfs socket xattr tests selftests/xattr: path-based AF_UNIX socket xattr tests xattr: support extended attributes on sockets xattr,net: support limited amount of extended attributes on sockfs sockets xattr: move user limits for xattrs to generic infra xattr: switch xattr_permission() to switch statement xattr: add xattr_permission_error() xattr: remove rbtree-based simple_xattr infrastructure pidfs: adapt to rhashtable-based simple_xattrs kernfs: adapt to rhashtable-based simple_xattrs with lazy allocation shmem: adapt to rhashtable-based simple_xattrs with lazy allocation xattr: add rhashtable-based simple_xattr infrastructure xattr: add rcu_head and rhash_head to struct simple_xattr Link: https://patch.msgid.link/20260216-work-xattr-socket-v1-0-c2efa4f74cb7@kernel.org Signed-off-by: Christian Brauner <brauner@kernel.org>
author: Christian Brauner <brauner@kernel.org> 2026-02-23 15:06:04 +0300
committer: Christian Brauner <brauner@kernel.org> 2026-03-02 13:06:43 +0300
commit: 98779186aa0b3367489a87c6d8bc0911f577444e (patch)
tree: 337031c82c583f1e4b6d29ee72bf9fea921eb0a9 /tools/testing
parent: 6de23f81a5e08be8fbf5e8d7e9febc72a5b5f27f (diff)
parent: 0f1f4e4e1503e605f2189bfa10290d7b8920187c (diff)
download: linux-98779186aa0b3367489a87c6d8bc0911f577444e.tar.xz
5 files changed, 1019 insertions, 0 deletions
diff --git a/tools/testing/selftests/filesystems/xattr/.gitignore b/tools/testing/selftests/filesystems/xattr/.gitignore
new file mode 100644
index 000000000000..092d14094c0f
--- /dev/null
+++ b/tools/testing/selftests/filesystems/xattr/.gitignore
@@ -0,0 +1,3 @@
+xattr_socket_test
+xattr_sockfs_test
+xattr_socket_types_test
diff --git a/tools/testing/selftests/filesystems/xattr/Makefile b/tools/testing/selftests/filesystems/xattr/Makefile
new file mode 100644
index 000000000000..95364ffb10e9
--- /dev/null
+++ b/tools/testing/selftests/filesystems/xattr/Makefile
@@ -0,0 +1,6 @@
+# SPDX-License-Identifier: GPL-2.0
+
+CFLAGS += $(KHDR_INCLUDES)
+TEST_GEN_PROGS := xattr_socket_test xattr_sockfs_test xattr_socket_types_test
+
+include ../../lib.mk
diff --git a/tools/testing/selftests/filesystems/xattr/xattr_socket_test.c b/tools/testing/selftests/filesystems/xattr/xattr_socket_test.c
new file mode 100644
index 000000000000..fac0a4c6bc05
--- /dev/null
+++ b/tools/testing/selftests/filesystems/xattr/xattr_socket_test.c
@@ -0,0 +1,470 @@
+// SPDX-License-Identifier: GPL-2.0
+// Copyright (c) 2026 Christian Brauner <brauner@kernel.org>
+/*
+ * Test extended attributes on path-based Unix domain sockets.
+ *
+ * Path-based Unix domain sockets are bound to a filesystem path and their
+ * inodes live on the underlying filesystem (e.g. tmpfs). These tests verify
+ * that user.* and trusted.* xattr operations work correctly on them using
+ * path-based syscalls (setxattr, getxattr, etc.).
+ *
+ * Covers SOCK_STREAM, SOCK_DGRAM, and SOCK_SEQPACKET socket types.
+ */
+
+#define _GNU_SOURCE
+#include <errno.h>
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/un.h>
+#include <sys/xattr.h>
+#include <unistd.h>
+
+#include "../../kselftest_harness.h"
+
+#define TEST_XATTR_NAME		"user.testattr"
+#define TEST_XATTR_VALUE	"testvalue"
+#define TEST_XATTR_VALUE2	"newvalue"
+
+/*
+ * Fixture for path-based Unix domain socket tests.
+ * Creates a SOCK_STREAM socket bound to a path in /tmp (typically tmpfs).
+ */
+FIXTURE(xattr_socket)
+{
+	char socket_path[PATH_MAX];
+	int sockfd;
+};
+
+FIXTURE_VARIANT(xattr_socket)
+{
+	int sock_type;
+	const char *name;
+};
+
+FIXTURE_VARIANT_ADD(xattr_socket, stream) {
+	.sock_type = SOCK_STREAM,
+	.name = "stream",
+};
+
+FIXTURE_VARIANT_ADD(xattr_socket, dgram) {
+	.sock_type = SOCK_DGRAM,
+	.name = "dgram",
+};
+
+FIXTURE_VARIANT_ADD(xattr_socket, seqpacket) {
+	.sock_type = SOCK_SEQPACKET,
+	.name = "seqpacket",
+};
+
+FIXTURE_SETUP(xattr_socket)
+{
+	struct sockaddr_un addr;
+	int ret;
+
+	self->sockfd = -1;
+
+	snprintf(self->socket_path, sizeof(self->socket_path),
+		 "/tmp/xattr_socket_test_%s.%d", variant->name, getpid());
+	unlink(self->socket_path);
+
+	self->sockfd = socket(AF_UNIX, variant->sock_type, 0);
+	ASSERT_GE(self->sockfd, 0) {
+		TH_LOG("Failed to create socket: %s", strerror(errno));
+	}
+
+	memset(&addr, 0, sizeof(addr));
+	addr.sun_family = AF_UNIX;
+	strncpy(addr.sun_path, self->socket_path, sizeof(addr.sun_path) - 1);
+
+	ret = bind(self->sockfd, (struct sockaddr *)&addr, sizeof(addr));
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("Failed to bind socket to %s: %s",
+		       self->socket_path, strerror(errno));
+	}
+}
+
+FIXTURE_TEARDOWN(xattr_socket)
+{
+	if (self->sockfd >= 0)
+		close(self->sockfd);
+	unlink(self->socket_path);
+}
+
+TEST_F(xattr_socket, set_user_xattr)
+{
+	int ret;
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("setxattr failed: %s (errno=%d)", strerror(errno), errno);
+	}
+}
+
+TEST_F(xattr_socket, get_user_xattr)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("setxattr failed: %s", strerror(errno));
+	}
+
+	memset(buf, 0, sizeof(buf));
+	ret = getxattr(self->socket_path, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, (ssize_t)strlen(TEST_XATTR_VALUE)) {
+		TH_LOG("getxattr returned %zd, expected %zu: %s",
+		       ret, strlen(TEST_XATTR_VALUE), strerror(errno));
+	}
+	ASSERT_STREQ(buf, TEST_XATTR_VALUE);
+}
+
+TEST_F(xattr_socket, list_user_xattr)
+{
+	char list[1024];
+	ssize_t ret;
+	bool found = false;
+	char *ptr;
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("setxattr failed: %s", strerror(errno));
+	}
+
+	memset(list, 0, sizeof(list));
+	ret = listxattr(self->socket_path, list, sizeof(list));
+	ASSERT_GT(ret, 0) {
+		TH_LOG("listxattr failed: %s", strerror(errno));
+	}
+
+	for (ptr = list; ptr < list + ret; ptr += strlen(ptr) + 1) {
+		if (strcmp(ptr, TEST_XATTR_NAME) == 0) {
+			found = true;
+			break;
+		}
+	}
+	ASSERT_TRUE(found) {
+		TH_LOG("xattr %s not found in list", TEST_XATTR_NAME);
+	}
+}
+
+TEST_F(xattr_socket, remove_user_xattr)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("setxattr failed: %s", strerror(errno));
+	}
+
+	ret = removexattr(self->socket_path, TEST_XATTR_NAME);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("removexattr failed: %s", strerror(errno));
+	}
+
+	ret = getxattr(self->socket_path, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ENODATA) {
+		TH_LOG("Expected ENODATA, got %s", strerror(errno));
+	}
+}
+
+/*
+ * Test that xattrs persist across socket close and reopen.
+ * The xattr is on the filesystem inode, not the socket fd.
+ */
+TEST_F(xattr_socket, xattr_persistence)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("setxattr failed: %s", strerror(errno));
+	}
+
+	close(self->sockfd);
+	self->sockfd = -1;
+
+	memset(buf, 0, sizeof(buf));
+	ret = getxattr(self->socket_path, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, (ssize_t)strlen(TEST_XATTR_VALUE)) {
+		TH_LOG("getxattr after close failed: %s", strerror(errno));
+	}
+	ASSERT_STREQ(buf, TEST_XATTR_VALUE);
+}
+
+TEST_F(xattr_socket, update_user_xattr)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0);
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       TEST_XATTR_VALUE2, strlen(TEST_XATTR_VALUE2), 0);
+	ASSERT_EQ(ret, 0);
+
+	memset(buf, 0, sizeof(buf));
+	ret = getxattr(self->socket_path, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, (ssize_t)strlen(TEST_XATTR_VALUE2));
+	ASSERT_STREQ(buf, TEST_XATTR_VALUE2);
+}
+
+TEST_F(xattr_socket, xattr_create_flag)
+{
+	int ret;
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0);
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       TEST_XATTR_VALUE2, strlen(TEST_XATTR_VALUE2), XATTR_CREATE);
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, EEXIST);
+}
+
+TEST_F(xattr_socket, xattr_replace_flag)
+{
+	int ret;
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), XATTR_REPLACE);
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ENODATA);
+}
+
+TEST_F(xattr_socket, multiple_xattrs)
+{
+	char buf[256];
+	ssize_t ret;
+	int i;
+	char name[64], value[64];
+	const int num_xattrs = 5;
+
+	for (i = 0; i < num_xattrs; i++) {
+		snprintf(name, sizeof(name), "user.test%d", i);
+		snprintf(value, sizeof(value), "value%d", i);
+		ret = setxattr(self->socket_path, name, value, strlen(value), 0);
+		ASSERT_EQ(ret, 0) {
+			TH_LOG("setxattr %s failed: %s", name, strerror(errno));
+		}
+	}
+
+	for (i = 0; i < num_xattrs; i++) {
+		snprintf(name, sizeof(name), "user.test%d", i);
+		snprintf(value, sizeof(value), "value%d", i);
+		memset(buf, 0, sizeof(buf));
+		ret = getxattr(self->socket_path, name, buf, sizeof(buf));
+		ASSERT_EQ(ret, (ssize_t)strlen(value));
+		ASSERT_STREQ(buf, value);
+	}
+}
+
+TEST_F(xattr_socket, xattr_empty_value)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME, "", 0, 0);
+	ASSERT_EQ(ret, 0);
+
+	ret = getxattr(self->socket_path, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, 0);
+}
+
+TEST_F(xattr_socket, xattr_get_size)
+{
+	ssize_t ret;
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0);
+
+	ret = getxattr(self->socket_path, TEST_XATTR_NAME, NULL, 0);
+	ASSERT_EQ(ret, (ssize_t)strlen(TEST_XATTR_VALUE));
+}
+
+TEST_F(xattr_socket, xattr_buffer_too_small)
+{
+	char buf[2];
+	ssize_t ret;
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0);
+
+	ret = getxattr(self->socket_path, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ERANGE);
+}
+
+TEST_F(xattr_socket, xattr_nonexistent)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = getxattr(self->socket_path, "user.nonexistent", buf, sizeof(buf));
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ENODATA);
+}
+
+TEST_F(xattr_socket, remove_nonexistent_xattr)
+{
+	int ret;
+
+	ret = removexattr(self->socket_path, "user.nonexistent");
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ENODATA);
+}
+
+TEST_F(xattr_socket, large_xattr_value)
+{
+	char large_value[4096];
+	char read_buf[4096];
+	ssize_t ret;
+
+	memset(large_value, 'A', sizeof(large_value));
+
+	ret = setxattr(self->socket_path, TEST_XATTR_NAME,
+		       large_value, sizeof(large_value), 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("setxattr with large value failed: %s", strerror(errno));
+	}
+
+	memset(read_buf, 0, sizeof(read_buf));
+	ret = getxattr(self->socket_path, TEST_XATTR_NAME,
+		       read_buf, sizeof(read_buf));
+	ASSERT_EQ(ret, (ssize_t)sizeof(large_value));
+	ASSERT_EQ(memcmp(large_value, read_buf, sizeof(large_value)), 0);
+}
+
+/*
+ * Test lsetxattr/lgetxattr (don't follow symlinks).
+ * Socket files aren't symlinks, so this should work the same.
+ */
+TEST_F(xattr_socket, lsetxattr_lgetxattr)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = lsetxattr(self->socket_path, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("lsetxattr failed: %s", strerror(errno));
+	}
+
+	memset(buf, 0, sizeof(buf));
+	ret = lgetxattr(self->socket_path, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, (ssize_t)strlen(TEST_XATTR_VALUE));
+	ASSERT_STREQ(buf, TEST_XATTR_VALUE);
+}
+
+/*
+ * Fixture for trusted.* xattr tests.
+ * These require CAP_SYS_ADMIN.
+ */
+FIXTURE(xattr_socket_trusted)
+{
+	char socket_path[PATH_MAX];
+	int sockfd;
+};
+
+FIXTURE_VARIANT(xattr_socket_trusted)
+{
+	int sock_type;
+	const char *name;
+};
+
+FIXTURE_VARIANT_ADD(xattr_socket_trusted, stream) {
+	.sock_type = SOCK_STREAM,
+	.name = "stream",
+};
+
+FIXTURE_VARIANT_ADD(xattr_socket_trusted, dgram) {
+	.sock_type = SOCK_DGRAM,
+	.name = "dgram",
+};
+
+FIXTURE_VARIANT_ADD(xattr_socket_trusted, seqpacket) {
+	.sock_type = SOCK_SEQPACKET,
+	.name = "seqpacket",
+};
+
+FIXTURE_SETUP(xattr_socket_trusted)
+{
+	struct sockaddr_un addr;
+	int ret;
+
+	self->sockfd = -1;
+
+	snprintf(self->socket_path, sizeof(self->socket_path),
+		 "/tmp/xattr_socket_trusted_%s.%d", variant->name, getpid());
+	unlink(self->socket_path);
+
+	self->sockfd = socket(AF_UNIX, variant->sock_type, 0);
+	ASSERT_GE(self->sockfd, 0);
+
+	memset(&addr, 0, sizeof(addr));
+	addr.sun_family = AF_UNIX;
+	strncpy(addr.sun_path, self->socket_path, sizeof(addr.sun_path) - 1);
+
+	ret = bind(self->sockfd, (struct sockaddr *)&addr, sizeof(addr));
+	ASSERT_EQ(ret, 0);
+}
+
+FIXTURE_TEARDOWN(xattr_socket_trusted)
+{
+	if (self->sockfd >= 0)
+		close(self->sockfd);
+	unlink(self->socket_path);
+}
+
+TEST_F(xattr_socket_trusted, set_trusted_xattr)
+{
+	char buf[256];
+	ssize_t len;
+	int ret;
+
+	ret = setxattr(self->socket_path, "trusted.testattr",
+		       TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	if (ret == -1 && errno == EPERM)
+		SKIP(return, "Need CAP_SYS_ADMIN for trusted.* xattrs");
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("setxattr trusted.testattr failed: %s", strerror(errno));
+	}
+
+	memset(buf, 0, sizeof(buf));
+	len = getxattr(self->socket_path, "trusted.testattr",
+		       buf, sizeof(buf));
+	ASSERT_EQ(len, (ssize_t)strlen(TEST_XATTR_VALUE));
+	ASSERT_STREQ(buf, TEST_XATTR_VALUE);
+}
+
+TEST_F(xattr_socket_trusted, get_trusted_xattr_unprivileged)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = getxattr(self->socket_path, "trusted.testattr", buf, sizeof(buf));
+	ASSERT_EQ(ret, -1);
+	ASSERT_TRUE(errno == ENODATA || errno == EPERM) {
+		TH_LOG("Expected ENODATA or EPERM, got %s", strerror(errno));
+	}
+}
+
+TEST_HARNESS_MAIN
diff --git a/tools/testing/selftests/filesystems/xattr/xattr_socket_types_test.c b/tools/testing/selftests/filesystems/xattr/xattr_socket_types_test.c
new file mode 100644
index 000000000000..bfabe91b2ed1
--- /dev/null
+++ b/tools/testing/selftests/filesystems/xattr/xattr_socket_types_test.c
@@ -0,0 +1,177 @@
+// SPDX-License-Identifier: GPL-2.0
+// Copyright (c) 2026 Christian Brauner <brauner@kernel.org>
+/*
+ * Test user.* xattrs on various socket families.
+ *
+ * All socket types use sockfs for their inodes, so user.* xattrs should
+ * work on any socket regardless of address family. This tests AF_INET,
+ * AF_INET6, AF_NETLINK, AF_PACKET, and abstract namespace AF_UNIX sockets.
+ */
+
+#define _GNU_SOURCE
+#include <errno.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <sys/un.h>
+#include <sys/xattr.h>
+#include <linux/netlink.h>
+#include <unistd.h>
+
+#include "../../kselftest_harness.h"
+
+#define TEST_XATTR_NAME		"user.testattr"
+#define TEST_XATTR_VALUE	"testvalue"
+
+FIXTURE(xattr_socket_types)
+{
+	int sockfd;
+};
+
+FIXTURE_VARIANT(xattr_socket_types)
+{
+	int family;
+	int type;
+	int protocol;
+};
+
+FIXTURE_VARIANT_ADD(xattr_socket_types, inet) {
+	.family = AF_INET,
+	.type = SOCK_STREAM,
+	.protocol = 0,
+};
+
+FIXTURE_VARIANT_ADD(xattr_socket_types, inet6) {
+	.family = AF_INET6,
+	.type = SOCK_STREAM,
+	.protocol = 0,
+};
+
+FIXTURE_VARIANT_ADD(xattr_socket_types, netlink) {
+	.family = AF_NETLINK,
+	.type = SOCK_RAW,
+	.protocol = NETLINK_USERSOCK,
+};
+
+FIXTURE_VARIANT_ADD(xattr_socket_types, packet) {
+	.family = AF_PACKET,
+	.type = SOCK_DGRAM,
+	.protocol = 0,
+};
+
+FIXTURE_SETUP(xattr_socket_types)
+{
+	self->sockfd = socket(variant->family, variant->type,
+			      variant->protocol);
+	if (self->sockfd < 0 &&
+	    (errno == EAFNOSUPPORT || errno == EPERM || errno == EACCES))
+		SKIP(return, "socket(%d, %d, %d) not available: %s",
+		     variant->family, variant->type, variant->protocol,
+		     strerror(errno));
+	ASSERT_GE(self->sockfd, 0) {
+		TH_LOG("Failed to create socket(%d, %d, %d): %s",
+		       variant->family, variant->type, variant->protocol,
+		       strerror(errno));
+	}
+}
+
+FIXTURE_TEARDOWN(xattr_socket_types)
+{
+	if (self->sockfd >= 0)
+		close(self->sockfd);
+}
+
+TEST_F(xattr_socket_types, set_get_list_remove)
+{
+	char buf[256], list[4096], *ptr;
+	ssize_t ret;
+	bool found;
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("fsetxattr failed: %s", strerror(errno));
+	}
+
+	memset(buf, 0, sizeof(buf));
+	ret = fgetxattr(self->sockfd, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, (ssize_t)strlen(TEST_XATTR_VALUE));
+	ASSERT_STREQ(buf, TEST_XATTR_VALUE);
+
+	memset(list, 0, sizeof(list));
+	ret = flistxattr(self->sockfd, list, sizeof(list));
+	ASSERT_GT(ret, 0);
+	found = false;
+	for (ptr = list; ptr < list + ret; ptr += strlen(ptr) + 1) {
+		if (strcmp(ptr, TEST_XATTR_NAME) == 0)
+			found = true;
+	}
+	ASSERT_TRUE(found);
+
+	ret = fremovexattr(self->sockfd, TEST_XATTR_NAME);
+	ASSERT_EQ(ret, 0);
+
+	ret = fgetxattr(self->sockfd, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ENODATA);
+}
+
+/*
+ * Test abstract namespace AF_UNIX socket.
+ * Abstract sockets don't have a filesystem path; their inodes live in
+ * sockfs so user.* xattrs should work via fsetxattr/fgetxattr.
+ */
+FIXTURE(xattr_abstract)
+{
+	int sockfd;
+};
+
+FIXTURE_SETUP(xattr_abstract)
+{
+	struct sockaddr_un addr;
+	char name[64];
+	int ret, len;
+
+	self->sockfd = socket(AF_UNIX, SOCK_STREAM, 0);
+	ASSERT_GE(self->sockfd, 0);
+
+	len = snprintf(name, sizeof(name), "xattr_test_abstract_%d", getpid());
+
+	memset(&addr, 0, sizeof(addr));
+	addr.sun_family = AF_UNIX;
+	addr.sun_path[0] = '\0';
+	memcpy(&addr.sun_path[1], name, len);
+
+	ret = bind(self->sockfd, (struct sockaddr *)&addr,
+		   offsetof(struct sockaddr_un, sun_path) + 1 + len);
+	ASSERT_EQ(ret, 0);
+}
+
+FIXTURE_TEARDOWN(xattr_abstract)
+{
+	if (self->sockfd >= 0)
+		close(self->sockfd);
+}
+
+TEST_F(xattr_abstract, set_get)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("fsetxattr on abstract socket failed: %s",
+		       strerror(errno));
+	}
+
+	memset(buf, 0, sizeof(buf));
+	ret = fgetxattr(self->sockfd, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, (ssize_t)strlen(TEST_XATTR_VALUE));
+	ASSERT_STREQ(buf, TEST_XATTR_VALUE);
+}
+
+TEST_HARNESS_MAIN
diff --git a/tools/testing/selftests/filesystems/xattr/xattr_sockfs_test.c b/tools/testing/selftests/filesystems/xattr/xattr_sockfs_test.c
new file mode 100644
index 000000000000..b4824b01a86d
--- /dev/null
+++ b/tools/testing/selftests/filesystems/xattr/xattr_sockfs_test.c
@@ -0,0 +1,363 @@
+// SPDX-License-Identifier: GPL-2.0
+// Copyright (c) 2026 Christian Brauner <brauner@kernel.org>
+/*
+ * Test extended attributes on sockfs sockets.
+ *
+ * Sockets created via socket() have their inodes in sockfs, which supports
+ * user.* xattrs with per-inode limits: up to 128 xattrs and 128KB total
+ * value size. These tests verify xattr operations via fsetxattr/fgetxattr/
+ * flistxattr/fremovexattr on the socket fd, as well as limit enforcement.
+ */
+
+#define _GNU_SOURCE
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <sys/xattr.h>
+#include <unistd.h>
+
+#include "../../kselftest_harness.h"
+
+#define TEST_XATTR_NAME		"user.testattr"
+#define TEST_XATTR_VALUE	"testvalue"
+#define TEST_XATTR_VALUE2	"newvalue"
+
+/* Per-inode limits for user.* xattrs on sockfs (from include/linux/xattr.h) */
+#define SIMPLE_XATTR_MAX_NR	128
+#define SIMPLE_XATTR_MAX_SIZE	(128 << 10)	/* 128 KB */
+
+#ifndef XATTR_SIZE_MAX
+#define XATTR_SIZE_MAX 65536
+#endif
+
+/*
+ * Fixture for sockfs socket xattr tests.
+ * Creates an AF_UNIX socket (lives in sockfs, not bound to any path).
+ */
+FIXTURE(xattr_sockfs)
+{
+	int sockfd;
+};
+
+FIXTURE_SETUP(xattr_sockfs)
+{
+	self->sockfd = socket(AF_UNIX, SOCK_STREAM, 0);
+	ASSERT_GE(self->sockfd, 0) {
+		TH_LOG("Failed to create socket: %s", strerror(errno));
+	}
+}
+
+FIXTURE_TEARDOWN(xattr_sockfs)
+{
+	if (self->sockfd >= 0)
+		close(self->sockfd);
+}
+
+TEST_F(xattr_sockfs, set_get_user_xattr)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("fsetxattr failed: %s", strerror(errno));
+	}
+
+	memset(buf, 0, sizeof(buf));
+	ret = fgetxattr(self->sockfd, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, (ssize_t)strlen(TEST_XATTR_VALUE)) {
+		TH_LOG("fgetxattr returned %zd: %s", ret, strerror(errno));
+	}
+	ASSERT_STREQ(buf, TEST_XATTR_VALUE);
+}
+
+/*
+ * Test listing xattrs on a sockfs socket.
+ * Should include user.* xattrs and system.sockprotoname.
+ */
+TEST_F(xattr_sockfs, list_user_xattr)
+{
+	char list[4096];
+	ssize_t ret;
+	char *ptr;
+	bool found_user = false;
+	bool found_proto = false;
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("fsetxattr failed: %s", strerror(errno));
+	}
+
+	memset(list, 0, sizeof(list));
+	ret = flistxattr(self->sockfd, list, sizeof(list));
+	ASSERT_GT(ret, 0) {
+		TH_LOG("flistxattr failed: %s", strerror(errno));
+	}
+
+	for (ptr = list; ptr < list + ret; ptr += strlen(ptr) + 1) {
+		if (strcmp(ptr, TEST_XATTR_NAME) == 0)
+			found_user = true;
+		if (strcmp(ptr, "system.sockprotoname") == 0)
+			found_proto = true;
+	}
+	ASSERT_TRUE(found_user) {
+		TH_LOG("user xattr not found in list");
+	}
+	ASSERT_TRUE(found_proto) {
+		TH_LOG("system.sockprotoname not found in list");
+	}
+}
+
+TEST_F(xattr_sockfs, remove_user_xattr)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0);
+
+	ret = fremovexattr(self->sockfd, TEST_XATTR_NAME);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("fremovexattr failed: %s", strerror(errno));
+	}
+
+	ret = fgetxattr(self->sockfd, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ENODATA);
+}
+
+TEST_F(xattr_sockfs, update_user_xattr)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0);
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE2, strlen(TEST_XATTR_VALUE2), 0);
+	ASSERT_EQ(ret, 0);
+
+	memset(buf, 0, sizeof(buf));
+	ret = fgetxattr(self->sockfd, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, (ssize_t)strlen(TEST_XATTR_VALUE2));
+	ASSERT_STREQ(buf, TEST_XATTR_VALUE2);
+}
+
+TEST_F(xattr_sockfs, xattr_create_flag)
+{
+	int ret;
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0);
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE2, strlen(TEST_XATTR_VALUE2),
+			XATTR_CREATE);
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, EEXIST);
+}
+
+TEST_F(xattr_sockfs, xattr_replace_flag)
+{
+	int ret;
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE),
+			XATTR_REPLACE);
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ENODATA);
+}
+
+TEST_F(xattr_sockfs, get_nonexistent)
+{
+	char buf[256];
+	ssize_t ret;
+
+	ret = fgetxattr(self->sockfd, "user.nonexistent", buf, sizeof(buf));
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ENODATA);
+}
+
+TEST_F(xattr_sockfs, empty_value)
+{
+	ssize_t ret;
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME, "", 0, 0);
+	ASSERT_EQ(ret, 0);
+
+	ret = fgetxattr(self->sockfd, TEST_XATTR_NAME, NULL, 0);
+	ASSERT_EQ(ret, 0);
+}
+
+TEST_F(xattr_sockfs, get_size)
+{
+	ssize_t ret;
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0);
+
+	ret = fgetxattr(self->sockfd, TEST_XATTR_NAME, NULL, 0);
+	ASSERT_EQ(ret, (ssize_t)strlen(TEST_XATTR_VALUE));
+}
+
+TEST_F(xattr_sockfs, buffer_too_small)
+{
+	char buf[2];
+	ssize_t ret;
+
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0);
+
+	ret = fgetxattr(self->sockfd, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ERANGE);
+}
+
+/*
+ * Test maximum number of user.* xattrs per socket.
+ * The kernel enforces SIMPLE_XATTR_MAX_NR (128), so the 129th should
+ * fail with ENOSPC.
+ */
+TEST_F(xattr_sockfs, max_nr_xattrs)
+{
+	char name[32];
+	int i, ret;
+
+	for (i = 0; i < SIMPLE_XATTR_MAX_NR; i++) {
+		snprintf(name, sizeof(name), "user.test%03d", i);
+		ret = fsetxattr(self->sockfd, name, "v", 1, 0);
+		ASSERT_EQ(ret, 0) {
+			TH_LOG("fsetxattr %s failed at i=%d: %s",
+			       name, i, strerror(errno));
+		}
+	}
+
+	ret = fsetxattr(self->sockfd, "user.overflow", "v", 1, 0);
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ENOSPC) {
+		TH_LOG("Expected ENOSPC for xattr %d, got %s",
+		       SIMPLE_XATTR_MAX_NR + 1, strerror(errno));
+	}
+}
+
+/*
+ * Test maximum total value size for user.* xattrs.
+ * The kernel enforces SIMPLE_XATTR_MAX_SIZE (128KB). Individual xattr
+ * values are limited to XATTR_SIZE_MAX (64KB) by the VFS, so we need
+ * at least two xattrs to hit the total limit.
+ */
+TEST_F(xattr_sockfs, max_xattr_size)
+{
+	char *value;
+	int ret;
+
+	value = malloc(XATTR_SIZE_MAX);
+	ASSERT_NE(value, NULL);
+	memset(value, 'A', XATTR_SIZE_MAX);
+
+	/* First 64KB xattr - total = 64KB */
+	ret = fsetxattr(self->sockfd, "user.big1", value, XATTR_SIZE_MAX, 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("first large xattr failed: %s", strerror(errno));
+	}
+
+	/* Second 64KB xattr - total = 128KB (exactly at limit) */
+	ret = fsetxattr(self->sockfd, "user.big2", value, XATTR_SIZE_MAX, 0);
+	free(value);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("second large xattr failed: %s", strerror(errno));
+	}
+
+	/* Third xattr with 1 byte - total > 128KB, should fail */
+	ret = fsetxattr(self->sockfd, "user.big3", "v", 1, 0);
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ENOSPC) {
+		TH_LOG("Expected ENOSPC when exceeding size limit, got %s",
+		       strerror(errno));
+	}
+}
+
+/*
+ * Test that removing an xattr frees limit space, allowing re-addition.
+ */
+TEST_F(xattr_sockfs, limit_remove_readd)
+{
+	char name[32];
+	int i, ret;
+
+	/* Fill up to the maximum count */
+	for (i = 0; i < SIMPLE_XATTR_MAX_NR; i++) {
+		snprintf(name, sizeof(name), "user.test%03d", i);
+		ret = fsetxattr(self->sockfd, name, "v", 1, 0);
+		ASSERT_EQ(ret, 0);
+	}
+
+	/* Verify we're at the limit */
+	ret = fsetxattr(self->sockfd, "user.overflow", "v", 1, 0);
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ENOSPC);
+
+	/* Remove one xattr */
+	ret = fremovexattr(self->sockfd, "user.test000");
+	ASSERT_EQ(ret, 0);
+
+	/* Now we should be able to add one more */
+	ret = fsetxattr(self->sockfd, "user.newattr", "v", 1, 0);
+	ASSERT_EQ(ret, 0) {
+		TH_LOG("re-add after remove failed: %s", strerror(errno));
+	}
+}
+
+/*
+ * Test that two different sockets have independent xattr limits.
+ */
+TEST_F(xattr_sockfs, limits_per_inode)
+{
+	char buf[256];
+	int sock2;
+	ssize_t ret;
+
+	sock2 = socket(AF_UNIX, SOCK_STREAM, 0);
+	ASSERT_GE(sock2, 0);
+
+	/* Set xattr on first socket */
+	ret = fsetxattr(self->sockfd, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE, strlen(TEST_XATTR_VALUE), 0);
+	ASSERT_EQ(ret, 0);
+
+	/* First socket's xattr should not be visible on second socket */
+	ret = fgetxattr(sock2, TEST_XATTR_NAME, NULL, 0);
+	ASSERT_EQ(ret, -1);
+	ASSERT_EQ(errno, ENODATA);
+
+	/* Second socket should independently accept xattrs */
+	ret = fsetxattr(sock2, TEST_XATTR_NAME,
+			TEST_XATTR_VALUE2, strlen(TEST_XATTR_VALUE2), 0);
+	ASSERT_EQ(ret, 0);
+
+	/* Verify each socket has its own value */
+	memset(buf, 0, sizeof(buf));
+	ret = fgetxattr(self->sockfd, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, (ssize_t)strlen(TEST_XATTR_VALUE));
+	ASSERT_STREQ(buf, TEST_XATTR_VALUE);
+
+	memset(buf, 0, sizeof(buf));
+	ret = fgetxattr(sock2, TEST_XATTR_NAME, buf, sizeof(buf));
+	ASSERT_EQ(ret, (ssize_t)strlen(TEST_XATTR_VALUE2));
+	ASSERT_STREQ(buf, TEST_XATTR_VALUE2);
+
+	close(sock2);
+}
+
+TEST_HARNESS_MAIN
author	Christian Brauner <brauner@kernel.org>	2026-02-23 15:06:04 +0300
committer	Christian Brauner <brauner@kernel.org>	2026-03-02 13:06:43 +0300
commit	98779186aa0b3367489a87c6d8bc0911f577444e (patch)
tree	337031c82c583f1e4b6d29ee72bf9fea921eb0a9 /tools/testing
parent	6de23f81a5e08be8fbf5e8d7e9febc72a5b5f27f (diff)
parent	0f1f4e4e1503e605f2189bfa10290d7b8920187c (diff)
download	linux-98779186aa0b3367489a87c6d8bc0911f577444e.tar.xz