diff options
| author | Ryan O'Hara <rohara@redhat.com> | 2006-10-03 11:57:35 -0400 |
|---|---|---|
| committer | Steven Whitehouse <swhiteho@redhat.com> | 2006-10-03 11:57:35 -0400 |
| commit | fcb47e0bd279cab5ba8299c0a1e3364d15413a6b (patch) | |
| tree | c7f01edc5e57fcf4671bc7e6eb58e18c7f377d56 | |
| parent | ddacfaf76dd620af9b73343a975749778321b51c (diff) | |
[GFS2] Initialize SELinux extended attributes at inode creation time.
This patch has gfs2_security_init declared as a static function, which
is correct. As a result, the declaration of this function in inode.h is
removed (and thus inode.h is unchanged). Also removed #include eaops.h,
which is not needed.
Signed-Off-By: Ryan O'Hara <rohara@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
| -rw-r--r-- | fs/gfs2/inode.c | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c index 81a921165941..57c43ac47925 100644 --- a/fs/gfs2/inode.c +++ b/fs/gfs2/inode.c | |||
| @@ -17,6 +17,7 @@ | |||
| 17 | #include <linux/gfs2_ondisk.h> | 17 | #include <linux/gfs2_ondisk.h> |
| 18 | #include <linux/crc32.h> | 18 | #include <linux/crc32.h> |
| 19 | #include <linux/lm_interface.h> | 19 | #include <linux/lm_interface.h> |
| 20 | #include <linux/security.h> | ||
| 20 | 21 | ||
| 21 | #include "gfs2.h" | 22 | #include "gfs2.h" |
| 22 | #include "incore.h" | 23 | #include "incore.h" |
| @@ -806,6 +807,39 @@ fail: | |||
| 806 | return error; | 807 | return error; |
| 807 | } | 808 | } |
| 808 | 809 | ||
| 810 | static int gfs2_security_init(struct gfs2_inode *dip, struct gfs2_inode *ip) | ||
| 811 | { | ||
| 812 | int err; | ||
| 813 | size_t len; | ||
| 814 | void *value; | ||
| 815 | char *name; | ||
| 816 | struct gfs2_ea_request er; | ||
| 817 | |||
| 818 | err = security_inode_init_security(&ip->i_inode, &dip->i_inode, | ||
| 819 | &name, &value, &len); | ||
| 820 | |||
| 821 | if (err) { | ||
| 822 | if (err == -EOPNOTSUPP) | ||
| 823 | return 0; | ||
| 824 | return err; | ||
| 825 | } | ||
| 826 | |||
| 827 | memset(&er, 0, sizeof(struct gfs2_ea_request)); | ||
| 828 | |||
| 829 | er.er_type = GFS2_EATYPE_SECURITY; | ||
| 830 | er.er_name = name; | ||
| 831 | er.er_data = value; | ||
| 832 | er.er_name_len = strlen(name); | ||
| 833 | er.er_data_len = len; | ||
| 834 | |||
| 835 | err = gfs2_ea_set_i(ip, &er); | ||
| 836 | |||
| 837 | kfree(value); | ||
| 838 | kfree(name); | ||
| 839 | |||
| 840 | return err; | ||
| 841 | } | ||
| 842 | |||
| 809 | /** | 843 | /** |
| 810 | * gfs2_createi - Create a new inode | 844 | * gfs2_createi - Create a new inode |
| 811 | * @ghs: An array of two holders | 845 | * @ghs: An array of two holders |
| @@ -897,6 +931,10 @@ struct inode *gfs2_createi(struct gfs2_holder *ghs, const struct qstr *name, | |||
| 897 | if (error) | 931 | if (error) |
| 898 | goto fail_iput; | 932 | goto fail_iput; |
| 899 | 933 | ||
| 934 | error = gfs2_security_init(dip, GFS2_I(inode)); | ||
| 935 | if (error) | ||
| 936 | goto fail_iput; | ||
| 937 | |||
| 900 | error = link_dinode(dip, name, GFS2_I(inode)); | 938 | error = link_dinode(dip, name, GFS2_I(inode)); |
| 901 | if (error) | 939 | if (error) |
| 902 | goto fail_iput; | 940 | goto fail_iput; |