ostree checkout fails after ima-sign is called #3240

Open
@vnd

Description

After 'ostree-ext-cli ima-sign' is called on a dummy ostree repository, ostree checkout fails with an error related to fsetxattr:

fsetxattr(9, "", "\3\2\4\302\346%2\1\200\210\34D\326%\232\256\\370v\1776\233\376>(V\331\37\322\210\3\227"..., 393, 0) = -1 ERANGE (Numerical result out of range)
write(2, "error: Copy checkout of 3d0c9365"..., 161error: Copy checkout of 3d0c9365e02a275871097ec349c30e905d787937ca3293aad2014d84411a22cd to file.txt: Setting xattrs: fsetxattr(): Numerical result out of range

For some reason the second fsetxattr parameter is an empty string, which looks obviously incorrect.

Testing script (see lines 15-20):
https://gist.github.com/vnd/48c4d57b646af9a6ba29e7453303b8a7

Note: if ostree init is called without --mode=archive then IMA signing fails, but maybe that's expected.

Note: CONFIG_EXT4_FS_SECURITY is enabled, and I'm able to set attributes manually via setfattr.

ostree version: 2024.5
ostree-ext-cli is compiled from recent ostree-rs-ext by cargo build

P.S. General context is that I'm trying to apply IMA signing to an embedded Linux Yocto-based distro, but IMA file attributes are missing from the rootfs. The above is done in the scope of debugging this issue, as I'm not even able to check if attributes are properly set in the generated ostree repo.
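
An added example, not part of the original issue or of the ostree code: it decodes the value bytes from the strace line above using the Linux kernel's `signature_v2_hdr` layout, so the payload can be checked independently of the attribute name. The function names are hypothetical; `SAMPLE` is the prefix strace printed and 393 is the size argument from the same call.

```python
import os
import struct

# Values from the Linux kernel: enum evm_ima_xattr_type and enum hash_algo.
XATTR_TYPES = {1: "IMA_XATTR_DIGEST", 2: "EVM_XATTR_HMAC",
               3: "EVM_IMA_XATTR_DIGSIG", 4: "IMA_XATTR_DIGEST_NG",
               5: "EVM_XATTR_PORTABLE_DIGSIG", 6: "IMA_VERITY_DIGSIG"}
HASH_ALGOS = {0: "md4", 1: "md5", 2: "sha1", 3: "rmd160",
              4: "sha256", 5: "sha384", 6: "sha512", 7: "sha224"}
# struct signature_v2_hdr: type, version, hash_algo, keyid (4 bytes),
# sig_size (big-endian u16), followed by the signature itself.
HDR = struct.Struct(">BBB4sH")

# Prefix of the xattr value as strace printed it in the issue (strace truncates).
SAMPLE = r"\3\2\4\302\346%2\1\200\210\34D\326%\232\256"
SAMPLE_TOTAL_LEN = 393  # size argument of the fsetxattr() call

def strace_bytes(escaped):
    """Turn strace's C-style escaped string (octal escapes) into raw bytes."""
    return escaped.encode("ascii").decode("unicode_escape").encode("latin-1")

def parse_ima_sig_header(value, total_len=None):
    """Decode the header; total_len is the full xattr size if value is a prefix."""
    if len(value) < HDR.size:
        raise ValueError(f"need at least {HDR.size} bytes, got {len(value)}")
    xtype, version, algo, keyid, sig_size = HDR.unpack_from(value)
    total = len(value) if total_len is None else total_len
    return {
        "type": XATTR_TYPES.get(xtype, f"unknown({xtype})"),
        "version": version,
        "hash_algo": HASH_ALGOS.get(algo, f"unknown({algo})"),
        "keyid": keyid.hex(),
        "sig_size": sig_size,
        # A well-formed value is exactly header + signature bytes long.
        "length_ok": HDR.size + sig_size == total,
    }

def read_ima_xattr(path):
    """Read security.ima from a checked-out file (Linux only; OSError if unset)."""
    return os.getxattr(path, "security.ima")

if __name__ == "__main__":
    hdr = parse_ima_sig_header(strace_bytes(SAMPLE), SAMPLE_TOTAL_LEN)
    for key, val in hdr.items():
        print(f"{key}: {val}")
```

For the bytes in the issue this reports a version 2 digital signature over a sha256 digest with a 384-byte signature, and the 9-byte header plus 384 bytes matches the 393-byte length passed to fsetxattr().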