aboutsummaryrefslogtreecommitdiffstats
path: root/fs/jfs
diff options
context:
space:
mode:
authorMimi Zohar <zohar@linux.vnet.ibm.com>2011-06-06 15:29:25 -0400
committerMimi Zohar <zohar@linux.vnet.ibm.com>2011-07-18 12:29:38 -0400
commit9d8f13ba3f4833219e50767b022b82cd0da930eb (patch)
tree3ba2367380d009111ea17696162a62320c88d144 /fs/jfs
parent0f2a55d5bb2372058275b0b343d90dd5d640d045 (diff)
security: new security_inode_init_security API adds function callback
This patch changes the security_inode_init_security API by adding a filesystem specific callback to write security extended attributes. This change is in preparation for supporting the initialization of multiple LSM xattrs and the EVM xattr. Initially the callback function walks an array of xattrs, writing each xattr separately, but could be optimized to write multiple xattrs at once. For existing security_inode_init_security() calls, which have not yet been converted to use the new callback function, such as those in reiserfs and ocfs2, this patch defines security_old_inode_init_security(). Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Diffstat (limited to 'fs/jfs')
-rw-r--r--fs/jfs/xattr.c57
1 files changed, 28 insertions, 29 deletions
diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c
index 24838f1eeee5..e982509292f8 100644
--- a/fs/jfs/xattr.c
+++ b/fs/jfs/xattr.c
@@ -1091,38 +1091,37 @@ int jfs_removexattr(struct dentry *dentry, const char *name)
1091} 1091}
1092 1092
1093#ifdef CONFIG_JFS_SECURITY 1093#ifdef CONFIG_JFS_SECURITY
1094int jfs_init_security(tid_t tid, struct inode *inode, struct inode *dir, 1094int jfs_initxattrs(struct inode *inode, const struct xattr *xattr_array,
1095 const struct qstr *qstr) 1095 void *fs_info)
1096{ 1096{
1097 int rc; 1097 const struct xattr *xattr;
1098 size_t len; 1098 tid_t *tid = fs_info;
1099 void *value;
1100 char *suffix;
1101 char *name; 1099 char *name;
1102 1100 int err = 0;
1103 rc = security_inode_init_security(inode, dir, qstr, &suffix, &value, 1101
1104 &len); 1102 for (xattr = xattr_array; xattr->name != NULL; xattr++) {
1105 if (rc) { 1103 name = kmalloc(XATTR_SECURITY_PREFIX_LEN +
1106 if (rc == -EOPNOTSUPP) 1104 strlen(xattr->name) + 1, GFP_NOFS);
1107 return 0; 1105 if (!name) {
1108 return rc; 1106 err = -ENOMEM;
1109 } 1107 break;
1110 name = kmalloc(XATTR_SECURITY_PREFIX_LEN + 1 + strlen(suffix), 1108 }
1111 GFP_NOFS); 1109 strcpy(name, XATTR_SECURITY_PREFIX);
1112 if (!name) { 1110 strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name);
1113 rc = -ENOMEM; 1111
1114 goto kmalloc_failed; 1112 err = __jfs_setxattr(*tid, inode, name,
1113 xattr->value, xattr->value_len, 0);
1114 kfree(name);
1115 if (err < 0)
1116 break;
1115 } 1117 }
1116 strcpy(name, XATTR_SECURITY_PREFIX); 1118 return err;
1117 strcpy(name + XATTR_SECURITY_PREFIX_LEN, suffix); 1119}
1118
1119 rc = __jfs_setxattr(tid, inode, name, value, len, 0);
1120
1121 kfree(name);
1122kmalloc_failed:
1123 kfree(suffix);
1124 kfree(value);
1125 1120
1126 return rc; 1121int jfs_init_security(tid_t tid, struct inode *inode, struct inode *dir,
1122 const struct qstr *qstr)
1123{
1124 return security_inode_init_security(inode, dir, qstr,
1125 &jfs_initxattrs, &tid);
1127} 1126}
1128#endif 1127#endif