diff -ruNp linux-2.4.23/fs/Config.in linux-2.4.23.xattr/fs/Config.in
--- linux-2.4.23/fs/Config.in	2003-12-09 14:49:10.490147240 -0500
+++ linux-2.4.23.xattr/fs/Config.in	2003-12-09 14:49:41.921368968 -0500
@@ -15,6 +15,7 @@ dep_mbool '  Enable reiserfs debug mode'
 dep_mbool '  Stats in /proc/fs/reiserfs' CONFIG_REISERFS_PROC_INFO $CONFIG_REISERFS_FS
 dep_mbool '  ReiserFS extended attributes' CONFIG_REISERFS_FS_XATTR $CONFIG_REISERFS_FS
 dep_mbool '  ReiserFS extended user attributes' CONFIG_REISERFS_FS_XATTR_USER $CONFIG_REISERFS_FS_XATTR
+dep_mbool '  ReiserFS trusted extended attributes' CONFIG_REISERFS_FS_XATTR_TRUSTED $CONFIG_REISERFS_FS_XATTR
 dep_mbool '  ReiserFS POSIX Access Control Lists' CONFIG_REISERFS_FS_POSIX_ACL $CONFIG_REISERFS_FS_XATTR $CONFIG_FS_POSIX_ACL
 
 dep_tristate 'ADFS file system support (EXPERIMENTAL)' CONFIG_ADFS_FS $CONFIG_EXPERIMENTAL
diff -ruNp linux-2.4.23/fs/reiserfs/Makefile linux-2.4.23.xattr/fs/reiserfs/Makefile
--- linux-2.4.23/fs/reiserfs/Makefile	2003-12-09 14:49:10.490147240 -0500
+++ linux-2.4.23.xattr/fs/reiserfs/Makefile	2003-12-09 14:49:41.921368968 -0500
@@ -13,6 +13,7 @@ lbalance.o ibalance.o stree.o hashes.o b
 
 obj-$(CONFIG_REISERFS_FS_XATTR) += xattr.o
 obj-$(CONFIG_REISERFS_FS_XATTR_USER) += xattr_user.o
+obj-$(CONFIG_REISERFS_FS_XATTR_TRUSTED) += xattr_trusted.o
 obj-$(CONFIG_REISERFS_FS_POSIX_ACL) += xattr_acl.o
 
 obj-m   := $(O_TARGET)
diff -ruNp linux-2.4.23/fs/reiserfs/super.c linux-2.4.23.xattr/fs/reiserfs/super.c
--- linux-2.4.23/fs/reiserfs/super.c	2003-12-09 14:49:10.495146480 -0500
+++ linux-2.4.23.xattr/fs/reiserfs/super.c	2003-12-09 14:49:41.923368664 -0500
@@ -1433,12 +1433,17 @@ static int __init init_reiserfs_fs (void
 	ret = reiserfs_xattr_user_init ();
 	if (ret) goto failed_xattr_user_init;
 
+	ret = reiserfs_xattr_trusted_init();
+	if (ret) goto failed_xattr_trusted_init;
+
 	ret = reiserfs_xattr_posix_acl_init();
 	if (ret) goto failed_xattr_posix_acl_init;
 
 	return register_filesystem(&reiserfs_fs_type);
 
 failed_xattr_posix_acl_init:
+	reiserfs_xattr_trusted_exit();
+failed_xattr_trusted_init:
 	reiserfs_xattr_user_exit();
 failed_xattr_user_init:
 	reiserfs_proc_unregister_global( "version" );
@@ -1454,6 +1459,7 @@ EXPORT_NO_SYMBOLS;
 static void __exit exit_reiserfs_fs(void)
 {
 	reiserfs_xattr_posix_acl_exit ();
+	reiserfs_xattr_trusted_exit ();
 	reiserfs_xattr_user_exit ();
 	reiserfs_proc_unregister_global( "version" );
 	reiserfs_proc_info_global_done();
diff -ruNp linux-2.4.23/fs/reiserfs/xattr_trusted.c linux-2.4.23.xattr/fs/reiserfs/xattr_trusted.c
--- linux-2.4.23/fs/reiserfs/xattr_trusted.c	1969-12-31 19:00:00.000000000 -0500
+++ linux-2.4.23.xattr/fs/reiserfs/xattr_trusted.c	2003-12-09 14:49:41.923368664 -0500
@@ -0,0 +1,97 @@
+#include <linux/reiserfs_fs.h>
+#include <linux/errno.h>
+#include <linux/fs.h>
+#include <linux/pagemap.h>
+#include <linux/xattr.h>
+#include <linux/reiserfs_xattr.h>
+#include <asm/uaccess.h>
+
+#ifdef CONFIG_REISERFS_FS_POSIX_ACL
+# include <linux/reiserfs_acl.h>
+#endif
+
+#define XATTR_TRUSTED_PREFIX "trusted."
+
+static int
+trusted_get (struct inode *inode, const char *name, void *buffer, size_t size)
+{
+    if (strlen(name) < sizeof(XATTR_TRUSTED_PREFIX))
+        return -EINVAL;
+
+    if (!reiserfs_xattrs_trusted (inode->i_sb))
+        return -EOPNOTSUPP;
+
+    if (!(capable(CAP_SYS_ADMIN) || is_reiserfs_priv_object(inode)))
+        return -EPERM;
+
+    return reiserfs_xattr_get (inode, name, buffer, size);
+}
+
+static int
+trusted_set (struct inode *inode, const char *name, const void *buffer,
+          size_t size, int flags)
+{
+    if (strlen(name) < sizeof(XATTR_TRUSTED_PREFIX))
+        return -EINVAL;
+
+    if (!reiserfs_xattrs_trusted (inode->i_sb))
+        return -EOPNOTSUPP;
+
+    if (!(capable(CAP_SYS_ADMIN) || is_reiserfs_priv_object(inode)))
+        return -EPERM;
+
+    return reiserfs_xattr_set (inode, name, buffer, size, flags);
+}
+
+static int
+trusted_del (struct inode *inode, const char *name)
+{
+    if (strlen(name) < sizeof(XATTR_TRUSTED_PREFIX))
+        return -EINVAL;
+
+    if (!reiserfs_xattrs_trusted (inode->i_sb))
+        return -EOPNOTSUPP;
+
+    if (!(capable(CAP_SYS_ADMIN) || is_reiserfs_priv_object(inode)))
+        return -EPERM;
+
+    return 0;
+}
+
+static int
+trusted_list (struct inode *inode, const char *name, int namelen, char *out)
+{
+    int len = namelen;
+
+    if (!reiserfs_xattrs_trusted (inode->i_sb))
+        return 0;
+
+    if (!(capable(CAP_SYS_ADMIN) || is_reiserfs_priv_object(inode)))
+        return 0;
+
+    if (out)
+        memcpy (out, name, len);
+
+    return len;
+}
+
+
+struct reiserfs_xattr_handler trusted_handler = {
+    prefix: XATTR_TRUSTED_PREFIX,
+    get: trusted_get,
+    set: trusted_set,
+    del: trusted_del,
+    list: trusted_list,
+};
+
+int __init
+reiserfs_xattr_trusted_init (void)
+{
+    return reiserfs_xattr_register_handler (&trusted_handler);
+}
+
+int
+reiserfs_xattr_trusted_exit (void)
+{
+    return reiserfs_xattr_unregister_handler (&trusted_handler);
+}
diff -ruNp linux-2.4.23/include/linux/reiserfs_fs_sb.h linux-2.4.23.xattr/include/linux/reiserfs_fs_sb.h
--- linux-2.4.23/include/linux/reiserfs_fs_sb.h	2003-12-09 14:49:10.499145872 -0500
+++ linux-2.4.23.xattr/include/linux/reiserfs_fs_sb.h	2003-12-09 14:49:41.924368512 -0500
@@ -490,10 +490,17 @@ struct reiserfs_sb_info
 #define reiserfs_attrs(s) ((s)->u.reiserfs_sb.s_mount_opt & (1 << REISERFS_ATTRS))
 #define old_format_only(s) ((s)->u.reiserfs_sb.s_properties & (1 << REISERFS_3_5))
 #define convert_reiserfs(s) ((s)->u.reiserfs_sb.s_mount_opt & (1 << REISERFS_CONVERT))
-#define reiserfs_xattrs(s) ((s)->u.reiserfs_sb.s_mount_opt & (1 << REISERFS_XATTRS))
 #define reiserfs_xattrs_user(s) ((s)->u.reiserfs_sb.s_mount_opt & (1 << REISERFS_XATTRS_USER))
 #define reiserfs_xattrs_optional(s) (reiserfs_xattrs_user(s) || reiserfs_posixacl(s))
 #define reiserfs_posixacl(s) ((s)->u.reiserfs_sb.s_mount_opt & (1 << REISERFS_POSIXACL))
+#ifndef CONFIG_REISERFS_FS_XATTR_TRUSTED
+#define reiserfs_xattrs(s) ((s)->u.reiserfs_sb.s_mount_opt & (1 << REISERFS_XATTRS))
+# define reiserfs_xattrs_trusted(s) (0)
+#else
+/* If trusted xattrs are compiled in, they're "always on." */
+# define reiserfs_xattrs(s) (1)
+# define reiserfs_xattrs_trusted(s) (1)
+#endif
 
 
 void reiserfs_file_buffer (struct buffer_head * bh, int list);
diff -ruNp linux-2.4.23/include/linux/reiserfs_xattr.h linux-2.4.23.xattr/include/linux/reiserfs_xattr.h
--- linux-2.4.23/include/linux/reiserfs_xattr.h	2003-12-09 14:49:10.499145872 -0500
+++ linux-2.4.23.xattr/include/linux/reiserfs_xattr.h	2003-12-09 14:49:41.924368512 -0500
@@ -112,4 +112,21 @@ reiserfs_xattr_user_exit (void)
     return 0;
 }
 #endif
+#ifdef CONFIG_REISERFS_FS_XATTR_TRUSTED
+extern int reiserfs_xattr_trusted_init (void) __init;
+extern int reiserfs_xattr_trusted_exit (void);
+#else
+static inline int
+reiserfs_xattr_trusted_init (void)
+{
+    return 0;
+}
+
+static inline int
+reiserfs_xattr_trusted_exit (void)
+{
+    return 0;
+}
+#endif
+
 #endif  /* __KERNEL__ */