From 4407ca3a4da04c7c43bc6691819ae44f77625f16 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher <jakobunt@gmail.com>
Date: Mon, 2 Apr 2018 18:59:02 +0200
Subject: [PATCH] fusefrontend: xattr: return ENODATA for security.* and
 system.*

"ls -l" queries security.selinux, system.posix_acl_access, system.posix_acl_default
and throws error messages if it gets something else than ENODATA.
---
 internal/fusefrontend/xattr.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/internal/fusefrontend/xattr.go b/internal/fusefrontend/xattr.go
index 03e127f..1d628b7 100644
--- a/internal/fusefrontend/xattr.go
+++ b/internal/fusefrontend/xattr.go
@@ -31,6 +31,11 @@ func (fs *FS) GetXAttr(path string, attr string, context *fuse.Context) ([]byte,
 	if fs.isFiltered(path) {
 		return nil, fuse.EPERM
 	}
+	if !strings.HasPrefix(attr, xattrUserPrefix) {
+		// "ls -l" queries security.selinux, system.posix_acl_access, system.posix_acl_default
+		// and throws error messages if it gets something else than ENODATA.
+		return nil, fuse.ENODATA
+	}
 	cAttr, err := fs.encryptXattrName(attr)
 	if err != nil {
 		return nil, fuse.ToStatus(err)