aboutsummaryrefslogtreecommitdiffstats
path: root/fs/xfs
diff options
context:
space:
mode:
authorNathan Scott <nathans@sgi.com>2006-01-10 23:35:44 -0500
committerNathan Scott <nathans@sgi.com>2006-01-10 23:35:44 -0500
commit446ada4a03808f128e8f28daa0f103dc69d22d5b (patch)
treeb761443e2b7da0dfb1741413e2347b8cdf0b437f /fs/xfs
parentc2cd2550603d847b709035c4c6b666adf560d7b8 (diff)
[XFS] Add an XFS callout to security_inode_init_security; SE Linux is not
functional with XFS without this change. SGI-PV: 946762 SGI-Modid: xfs-linux-melb:xfs-kern:24766a Signed-off-by: Nathan Scott <nathans@sgi.com>
Diffstat (limited to 'fs/xfs')
-rw-r--r--fs/xfs/linux-2.6/xfs_iops.c37
1 files changed, 37 insertions, 0 deletions
diff --git a/fs/xfs/linux-2.6/xfs_iops.c b/fs/xfs/linux-2.6/xfs_iops.c
index 8fd274fc26d5..6bf770cfb006 100644
--- a/fs/xfs/linux-2.6/xfs_iops.c
+++ b/fs/xfs/linux-2.6/xfs_iops.c
@@ -53,6 +53,7 @@
53 53
54#include <linux/xattr.h> 54#include <linux/xattr.h>
55#include <linux/namei.h> 55#include <linux/namei.h>
56#include <linux/security.h>
56 57
57#define IS_NOATIME(inode) ((inode->i_sb->s_flags & MS_NOATIME) || \ 58#define IS_NOATIME(inode) ((inode->i_sb->s_flags & MS_NOATIME) || \
58 (S_ISDIR(inode->i_mode) && inode->i_sb->s_flags & MS_NODIRATIME)) 59 (S_ISDIR(inode->i_mode) && inode->i_sb->s_flags & MS_NODIRATIME))
@@ -203,6 +204,39 @@ validate_fields(
203} 204}
204 205
205/* 206/*
207 * Hook in SELinux. This is not quite correct yet, what we really need
208 * here (as we do for default ACLs) is a mechanism by which creation of
209 * these attrs can be journalled at inode creation time (along with the
210 * inode, of course, such that log replay can't cause these to be lost).
211 */
212STATIC int
213linvfs_init_security(
214 struct vnode *vp,
215 struct inode *dir)
216{
217 struct inode *ip = LINVFS_GET_IP(vp);
218 size_t length;
219 void *value;
220 char *name;
221 int error;
222
223 error = security_inode_init_security(ip, dir, &name, &value, &length);
224 if (error) {
225 if (error == -EOPNOTSUPP)
226 return 0;
227 return -error;
228 }
229
230 VOP_ATTR_SET(vp, name, value, length, ATTR_SECURE, NULL, error);
231 if (!error)
232 VMODIFY(vp);
233
234 kfree(name);
235 kfree(value);
236 return error;
237}
238
239/*
206 * Determine whether a process has a valid fs_struct (kernel daemons 240 * Determine whether a process has a valid fs_struct (kernel daemons
207 * like knfsd don't have an fs_struct). 241 * like knfsd don't have an fs_struct).
208 * 242 *
@@ -267,6 +301,9 @@ linvfs_mknod(
267 break; 301 break;
268 } 302 }
269 303
304 if (!error)
305 error = linvfs_init_security(vp, dir);
306
270 if (default_acl) { 307 if (default_acl) {
271 if (!error) { 308 if (!error) {
272 error = _ACL_INHERIT(vp, &va, default_acl); 309 error = _ACL_INHERIT(vp, &va, default_acl);