diff options
author | Ryan O'Hara <rohara@redhat.com> | 2006-10-03 11:57:35 -0400 |
---|---|---|
committer | Steven Whitehouse <swhiteho@redhat.com> | 2006-10-03 11:57:35 -0400 |
commit | fcb47e0bd279cab5ba8299c0a1e3364d15413a6b (patch) | |
tree | c7f01edc5e57fcf4671bc7e6eb58e18c7f377d56 | |
parent | ddacfaf76dd620af9b73343a975749778321b51c (diff) |
[GFS2] Initialize SELinux extended attributes at inode creation time.
This patch has gfs2_security_init declared as a static function, which
is correct. As a result, the declaration of this function in inode.h is
removed (and thus inode.h is unchanged). Also removed #include eaops.h,
which is not needed.
Signed-Off-By: Ryan O'Hara <rohara@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
-rw-r--r-- | fs/gfs2/inode.c | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c index 81a921165941..57c43ac47925 100644 --- a/fs/gfs2/inode.c +++ b/fs/gfs2/inode.c | |||
@@ -17,6 +17,7 @@ | |||
17 | #include <linux/gfs2_ondisk.h> | 17 | #include <linux/gfs2_ondisk.h> |
18 | #include <linux/crc32.h> | 18 | #include <linux/crc32.h> |
19 | #include <linux/lm_interface.h> | 19 | #include <linux/lm_interface.h> |
20 | #include <linux/security.h> | ||
20 | 21 | ||
21 | #include "gfs2.h" | 22 | #include "gfs2.h" |
22 | #include "incore.h" | 23 | #include "incore.h" |
@@ -806,6 +807,39 @@ fail: | |||
806 | return error; | 807 | return error; |
807 | } | 808 | } |
808 | 809 | ||
810 | static int gfs2_security_init(struct gfs2_inode *dip, struct gfs2_inode *ip) | ||
811 | { | ||
812 | int err; | ||
813 | size_t len; | ||
814 | void *value; | ||
815 | char *name; | ||
816 | struct gfs2_ea_request er; | ||
817 | |||
818 | err = security_inode_init_security(&ip->i_inode, &dip->i_inode, | ||
819 | &name, &value, &len); | ||
820 | |||
821 | if (err) { | ||
822 | if (err == -EOPNOTSUPP) | ||
823 | return 0; | ||
824 | return err; | ||
825 | } | ||
826 | |||
827 | memset(&er, 0, sizeof(struct gfs2_ea_request)); | ||
828 | |||
829 | er.er_type = GFS2_EATYPE_SECURITY; | ||
830 | er.er_name = name; | ||
831 | er.er_data = value; | ||
832 | er.er_name_len = strlen(name); | ||
833 | er.er_data_len = len; | ||
834 | |||
835 | err = gfs2_ea_set_i(ip, &er); | ||
836 | |||
837 | kfree(value); | ||
838 | kfree(name); | ||
839 | |||
840 | return err; | ||
841 | } | ||
842 | |||
809 | /** | 843 | /** |
810 | * gfs2_createi - Create a new inode | 844 | * gfs2_createi - Create a new inode |
811 | * @ghs: An array of two holders | 845 | * @ghs: An array of two holders |
@@ -897,6 +931,10 @@ struct inode *gfs2_createi(struct gfs2_holder *ghs, const struct qstr *name, | |||
897 | if (error) | 931 | if (error) |
898 | goto fail_iput; | 932 | goto fail_iput; |
899 | 933 | ||
934 | error = gfs2_security_init(dip, GFS2_I(inode)); | ||
935 | if (error) | ||
936 | goto fail_iput; | ||
937 | |||
900 | error = link_dinode(dip, name, GFS2_I(inode)); | 938 | error = link_dinode(dip, name, GFS2_I(inode)); |
901 | if (error) | 939 | if (error) |
902 | goto fail_iput; | 940 | goto fail_iput; |