From 0c9e24ea2abb1882d74cf705dd4c692eb1705adb Mon Sep 17 00:00:00 2001
From: Ralph Boehme <slow@samba.org>
Date: Sat, 20 Nov 2021 16:36:42 +0100
Subject: [PATCH 2/6] CVE-2021-44142: smbd: add Netatalk xattr used by
 vfs_fruit to the list of private Samba xattrs

This is an internal xattr that should not be user visible.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14914

Signed-off-by: Ralph Boehme <slow@samba.org>
[slow@samba.org: conflict due to changed includes in source3/smbd/trans2.c]
---
 source3/smbd/trans2.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -176,6 +176,16 @@ void aapl_force_zero_file_id(struct smbd
  Refuse to allow clients to overwrite our private xattrs.
 ****************************************************************************/
 
+/*
+ * Taken from vfs_fruit.c
+ */
+#define NETATALK_META_XATTR "org.netatalk.Metadata"
+#if defined(HAVE_ATTROPEN)
+#define AFPINFO_EA_NETATALK NETATALK_META_XATTR
+#else
+#define AFPINFO_EA_NETATALK "user." NETATALK_META_XATTR
+#endif
+
 bool samba_private_attr_name(const char *unix_ea_name)
 {
 	static const char * const prohibited_ea_names[] = {
@@ -183,6 +193,7 @@ bool samba_private_attr_name(const char
 		SAMBA_XATTR_DOS_ATTRIB,
 		SAMBA_XATTR_MARKER,
 		XATTR_NTACL_NAME,
+		AFPINFO_EA_NETATALK,
 		NULL
 	};