diff options
| author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-06-06 15:29:25 -0400 |
|---|---|---|
| committer | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2011-07-18 12:29:38 -0400 |
| commit | 9d8f13ba3f4833219e50767b022b82cd0da930eb (patch) | |
| tree | 3ba2367380d009111ea17696162a62320c88d144 /fs/gfs2 | |
| parent | 0f2a55d5bb2372058275b0b343d90dd5d640d045 (diff) | |
security: new security_inode_init_security API adds function callback
This patch changes the security_inode_init_security API by adding a
filesystem specific callback to write security extended attributes.
This change is in preparation for supporting the initialization of
multiple LSM xattrs and the EVM xattr. Initially the callback function
walks an array of xattrs, writing each xattr separately, but could be
optimized to write multiple xattrs at once.
For existing security_inode_init_security() calls, which have not yet
been converted to use the new callback function, such as those in
reiserfs and ocfs2, this patch defines security_old_inode_init_security().
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Diffstat (limited to 'fs/gfs2')
| -rw-r--r-- | fs/gfs2/inode.c | 38 |
1 files changed, 18 insertions, 20 deletions
diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c index 03e0c529063e..1d3a1a651721 100644 --- a/fs/gfs2/inode.c +++ b/fs/gfs2/inode.c | |||
| @@ -624,31 +624,29 @@ fail: | |||
| 624 | return error; | 624 | return error; |
| 625 | } | 625 | } |
| 626 | 626 | ||
| 627 | static int gfs2_security_init(struct gfs2_inode *dip, struct gfs2_inode *ip, | 627 | int gfs2_initxattrs(struct inode *inode, const struct xattr *xattr_array, |
| 628 | const struct qstr *qstr) | 628 | void *fs_info) |
| 629 | { | 629 | { |
| 630 | int err; | 630 | const struct xattr *xattr; |
| 631 | size_t len; | 631 | int err = 0; |
| 632 | void *value; | 632 | |
| 633 | char *name; | 633 | for (xattr = xattr_array; xattr->name != NULL; xattr++) { |
| 634 | 634 | err = __gfs2_xattr_set(inode, xattr->name, xattr->value, | |
| 635 | err = security_inode_init_security(&ip->i_inode, &dip->i_inode, qstr, | 635 | xattr->value_len, 0, |
| 636 | &name, &value, &len); | 636 | GFS2_EATYPE_SECURITY); |
| 637 | 637 | if (err < 0) | |
| 638 | if (err) { | 638 | break; |
| 639 | if (err == -EOPNOTSUPP) | ||
| 640 | return 0; | ||
| 641 | return err; | ||
| 642 | } | 639 | } |
| 643 | |||
| 644 | err = __gfs2_xattr_set(&ip->i_inode, name, value, len, 0, | ||
| 645 | GFS2_EATYPE_SECURITY); | ||
| 646 | kfree(value); | ||
| 647 | kfree(name); | ||
| 648 | |||
| 649 | return err; | 640 | return err; |
| 650 | } | 641 | } |
| 651 | 642 | ||
| 643 | static int gfs2_security_init(struct gfs2_inode *dip, struct gfs2_inode *ip, | ||
| 644 | const struct qstr *qstr) | ||
| 645 | { | ||
| 646 | return security_inode_init_security(&ip->i_inode, &dip->i_inode, qstr, | ||
| 647 | &gfs2_initxattrs, NULL); | ||
| 648 | } | ||
| 649 | |||
| 652 | /** | 650 | /** |
| 653 | * gfs2_create_inode - Create a new inode | 651 | * gfs2_create_inode - Create a new inode |
| 654 | * @dir: The parent directory | 652 | * @dir: The parent directory |