diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2011-03-16 12:15:43 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-03-16 12:15:43 -0400 |
| commit | 0f6e0e8448a16d8d22119ce91d8dd24b44865b51 (patch) | |
| tree | 7c295c02db035fc6a0b867465911a2bc9dc6b1ef /fs/ocfs2 | |
| parent | 0d2ecee2bdb2a19d04bc5cefac0f86e790f1aad4 (diff) | |
| parent | a002951c97ff8da49938c982a4c236bf2fafdc9f (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (33 commits)
AppArmor: kill unused macros in lsm.c
AppArmor: cleanup generated files correctly
KEYS: Add an iovec version of KEYCTL_INSTANTIATE
KEYS: Add a new keyctl op to reject a key with a specified error code
KEYS: Add a key type op to permit the key description to be vetted
KEYS: Add an RCU payload dereference macro
AppArmor: Cleanup make file to remove cruft and make it easier to read
SELinux: implement the new sb_remount LSM hook
LSM: Pass -o remount options to the LSM
SELinux: Compute SID for the newly created socket
SELinux: Socket retains creator role and MLS attribute
SELinux: Auto-generate security_is_socket_class
TOMOYO: Fix memory leak upon file open.
Revert "selinux: simplify ioctl checking"
selinux: drop unused packet flow permissions
selinux: Fix packet forwarding checks on postrouting
selinux: Fix wrong checks for selinux_policycap_netpeer
selinux: Fix check for xfrm selinux context algorithm
ima: remove unnecessary call to ima_must_measure
IMA: remove IMA imbalance checking
...
Diffstat (limited to 'fs/ocfs2')
| -rw-r--r-- | fs/ocfs2/namei.c | 4 | ||||
| -rw-r--r-- | fs/ocfs2/refcounttree.c | 3 | ||||
| -rw-r--r-- | fs/ocfs2/xattr.c | 10 | ||||
| -rw-r--r-- | fs/ocfs2/xattr.h | 4 |
4 files changed, 13 insertions, 8 deletions
diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c index 849fb4a2e814..d6c25d76b537 100644 --- a/fs/ocfs2/namei.c +++ b/fs/ocfs2/namei.c | |||
| @@ -293,7 +293,7 @@ static int ocfs2_mknod(struct inode *dir, | |||
| 293 | } | 293 | } |
| 294 | 294 | ||
| 295 | /* get security xattr */ | 295 | /* get security xattr */ |
| 296 | status = ocfs2_init_security_get(inode, dir, &si); | 296 | status = ocfs2_init_security_get(inode, dir, &dentry->d_name, &si); |
| 297 | if (status) { | 297 | if (status) { |
| 298 | if (status == -EOPNOTSUPP) | 298 | if (status == -EOPNOTSUPP) |
| 299 | si.enable = 0; | 299 | si.enable = 0; |
| @@ -1665,7 +1665,7 @@ static int ocfs2_symlink(struct inode *dir, | |||
| 1665 | } | 1665 | } |
| 1666 | 1666 | ||
| 1667 | /* get security xattr */ | 1667 | /* get security xattr */ |
| 1668 | status = ocfs2_init_security_get(inode, dir, &si); | 1668 | status = ocfs2_init_security_get(inode, dir, &dentry->d_name, &si); |
| 1669 | if (status) { | 1669 | if (status) { |
| 1670 | if (status == -EOPNOTSUPP) | 1670 | if (status == -EOPNOTSUPP) |
| 1671 | si.enable = 0; | 1671 | si.enable = 0; |
diff --git a/fs/ocfs2/refcounttree.c b/fs/ocfs2/refcounttree.c index 29623da133cc..c384d634872a 100644 --- a/fs/ocfs2/refcounttree.c +++ b/fs/ocfs2/refcounttree.c | |||
| @@ -4328,7 +4328,8 @@ static int ocfs2_reflink(struct dentry *old_dentry, struct inode *dir, | |||
| 4328 | 4328 | ||
| 4329 | /* If the security isn't preserved, we need to re-initialize them. */ | 4329 | /* If the security isn't preserved, we need to re-initialize them. */ |
| 4330 | if (!preserve) { | 4330 | if (!preserve) { |
| 4331 | error = ocfs2_init_security_and_acl(dir, new_orphan_inode); | 4331 | error = ocfs2_init_security_and_acl(dir, new_orphan_inode, |
| 4332 | &new_dentry->d_name); | ||
| 4332 | if (error) | 4333 | if (error) |
| 4333 | mlog_errno(error); | 4334 | mlog_errno(error); |
| 4334 | } | 4335 | } |
diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c index 67cd43914641..6bb602486c6b 100644 --- a/fs/ocfs2/xattr.c +++ b/fs/ocfs2/xattr.c | |||
| @@ -7185,7 +7185,8 @@ out: | |||
| 7185 | * must not hold any lock expect i_mutex. | 7185 | * must not hold any lock expect i_mutex. |
| 7186 | */ | 7186 | */ |
| 7187 | int ocfs2_init_security_and_acl(struct inode *dir, | 7187 | int ocfs2_init_security_and_acl(struct inode *dir, |
| 7188 | struct inode *inode) | 7188 | struct inode *inode, |
| 7189 | const struct qstr *qstr) | ||
| 7189 | { | 7190 | { |
| 7190 | int ret = 0; | 7191 | int ret = 0; |
| 7191 | struct buffer_head *dir_bh = NULL; | 7192 | struct buffer_head *dir_bh = NULL; |
| @@ -7193,7 +7194,7 @@ int ocfs2_init_security_and_acl(struct inode *dir, | |||
| 7193 | .enable = 1, | 7194 | .enable = 1, |
| 7194 | }; | 7195 | }; |
| 7195 | 7196 | ||
| 7196 | ret = ocfs2_init_security_get(inode, dir, &si); | 7197 | ret = ocfs2_init_security_get(inode, dir, qstr, &si); |
| 7197 | if (!ret) { | 7198 | if (!ret) { |
| 7198 | ret = ocfs2_xattr_set(inode, OCFS2_XATTR_INDEX_SECURITY, | 7199 | ret = ocfs2_xattr_set(inode, OCFS2_XATTR_INDEX_SECURITY, |
| 7199 | si.name, si.value, si.value_len, | 7200 | si.name, si.value, si.value_len, |
| @@ -7261,13 +7262,14 @@ static int ocfs2_xattr_security_set(struct dentry *dentry, const char *name, | |||
| 7261 | 7262 | ||
| 7262 | int ocfs2_init_security_get(struct inode *inode, | 7263 | int ocfs2_init_security_get(struct inode *inode, |
| 7263 | struct inode *dir, | 7264 | struct inode *dir, |
| 7265 | const struct qstr *qstr, | ||
| 7264 | struct ocfs2_security_xattr_info *si) | 7266 | struct ocfs2_security_xattr_info *si) |
| 7265 | { | 7267 | { |
| 7266 | /* check whether ocfs2 support feature xattr */ | 7268 | /* check whether ocfs2 support feature xattr */ |
| 7267 | if (!ocfs2_supports_xattr(OCFS2_SB(dir->i_sb))) | 7269 | if (!ocfs2_supports_xattr(OCFS2_SB(dir->i_sb))) |
| 7268 | return -EOPNOTSUPP; | 7270 | return -EOPNOTSUPP; |
| 7269 | return security_inode_init_security(inode, dir, &si->name, &si->value, | 7271 | return security_inode_init_security(inode, dir, qstr, &si->name, |
| 7270 | &si->value_len); | 7272 | &si->value, &si->value_len); |
| 7271 | } | 7273 | } |
| 7272 | 7274 | ||
| 7273 | int ocfs2_init_security_set(handle_t *handle, | 7275 | int ocfs2_init_security_set(handle_t *handle, |
diff --git a/fs/ocfs2/xattr.h b/fs/ocfs2/xattr.h index aa64bb37a65b..d63cfb72316b 100644 --- a/fs/ocfs2/xattr.h +++ b/fs/ocfs2/xattr.h | |||
| @@ -57,6 +57,7 @@ int ocfs2_has_inline_xattr_value_outside(struct inode *inode, | |||
| 57 | struct ocfs2_dinode *di); | 57 | struct ocfs2_dinode *di); |
| 58 | int ocfs2_xattr_remove(struct inode *, struct buffer_head *); | 58 | int ocfs2_xattr_remove(struct inode *, struct buffer_head *); |
| 59 | int ocfs2_init_security_get(struct inode *, struct inode *, | 59 | int ocfs2_init_security_get(struct inode *, struct inode *, |
| 60 | const struct qstr *, | ||
| 60 | struct ocfs2_security_xattr_info *); | 61 | struct ocfs2_security_xattr_info *); |
| 61 | int ocfs2_init_security_set(handle_t *, struct inode *, | 62 | int ocfs2_init_security_set(handle_t *, struct inode *, |
| 62 | struct buffer_head *, | 63 | struct buffer_head *, |
| @@ -94,5 +95,6 @@ int ocfs2_reflink_xattrs(struct inode *old_inode, | |||
| 94 | struct buffer_head *new_bh, | 95 | struct buffer_head *new_bh, |
| 95 | bool preserve_security); | 96 | bool preserve_security); |
| 96 | int ocfs2_init_security_and_acl(struct inode *dir, | 97 | int ocfs2_init_security_and_acl(struct inode *dir, |
| 97 | struct inode *inode); | 98 | struct inode *inode, |
| 99 | const struct qstr *qstr); | ||
| 98 | #endif /* OCFS2_XATTR_H */ | 100 | #endif /* OCFS2_XATTR_H */ |