diff options
author | Nathan Scott <nathans@sgi.com> | 2006-01-10 23:35:44 -0500 |
---|---|---|
committer | Nathan Scott <nathans@sgi.com> | 2006-01-10 23:35:44 -0500 |
commit | 446ada4a03808f128e8f28daa0f103dc69d22d5b (patch) | |
tree | b761443e2b7da0dfb1741413e2347b8cdf0b437f /fs/xfs | |
parent | c2cd2550603d847b709035c4c6b666adf560d7b8 (diff) |
[XFS] Add an XFS callout to security_inode_init_security; SE Linux is not
functional with XFS without this change.
SGI-PV: 946762
SGI-Modid: xfs-linux-melb:xfs-kern:24766a
Signed-off-by: Nathan Scott <nathans@sgi.com>
Diffstat (limited to 'fs/xfs')
-rw-r--r-- | fs/xfs/linux-2.6/xfs_iops.c | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/fs/xfs/linux-2.6/xfs_iops.c b/fs/xfs/linux-2.6/xfs_iops.c index 8fd274fc26d5..6bf770cfb006 100644 --- a/fs/xfs/linux-2.6/xfs_iops.c +++ b/fs/xfs/linux-2.6/xfs_iops.c | |||
@@ -53,6 +53,7 @@ | |||
53 | 53 | ||
54 | #include <linux/xattr.h> | 54 | #include <linux/xattr.h> |
55 | #include <linux/namei.h> | 55 | #include <linux/namei.h> |
56 | #include <linux/security.h> | ||
56 | 57 | ||
57 | #define IS_NOATIME(inode) ((inode->i_sb->s_flags & MS_NOATIME) || \ | 58 | #define IS_NOATIME(inode) ((inode->i_sb->s_flags & MS_NOATIME) || \ |
58 | (S_ISDIR(inode->i_mode) && inode->i_sb->s_flags & MS_NODIRATIME)) | 59 | (S_ISDIR(inode->i_mode) && inode->i_sb->s_flags & MS_NODIRATIME)) |
@@ -203,6 +204,39 @@ validate_fields( | |||
203 | } | 204 | } |
204 | 205 | ||
205 | /* | 206 | /* |
207 | * Hook in SELinux. This is not quite correct yet, what we really need | ||
208 | * here (as we do for default ACLs) is a mechanism by which creation of | ||
209 | * these attrs can be journalled at inode creation time (along with the | ||
210 | * inode, of course, such that log replay can't cause these to be lost). | ||
211 | */ | ||
212 | STATIC int | ||
213 | linvfs_init_security( | ||
214 | struct vnode *vp, | ||
215 | struct inode *dir) | ||
216 | { | ||
217 | struct inode *ip = LINVFS_GET_IP(vp); | ||
218 | size_t length; | ||
219 | void *value; | ||
220 | char *name; | ||
221 | int error; | ||
222 | |||
223 | error = security_inode_init_security(ip, dir, &name, &value, &length); | ||
224 | if (error) { | ||
225 | if (error == -EOPNOTSUPP) | ||
226 | return 0; | ||
227 | return -error; | ||
228 | } | ||
229 | |||
230 | VOP_ATTR_SET(vp, name, value, length, ATTR_SECURE, NULL, error); | ||
231 | if (!error) | ||
232 | VMODIFY(vp); | ||
233 | |||
234 | kfree(name); | ||
235 | kfree(value); | ||
236 | return error; | ||
237 | } | ||
238 | |||
239 | /* | ||
206 | * Determine whether a process has a valid fs_struct (kernel daemons | 240 | * Determine whether a process has a valid fs_struct (kernel daemons |
207 | * like knfsd don't have an fs_struct). | 241 | * like knfsd don't have an fs_struct). |
208 | * | 242 | * |
@@ -267,6 +301,9 @@ linvfs_mknod( | |||
267 | break; | 301 | break; |
268 | } | 302 | } |
269 | 303 | ||
304 | if (!error) | ||
305 | error = linvfs_init_security(vp, dir); | ||
306 | |||
270 | if (default_acl) { | 307 | if (default_acl) { |
271 | if (!error) { | 308 | if (!error) { |
272 | error = _ACL_INHERIT(vp, &va, default_acl); | 309 | error = _ACL_INHERIT(vp, &va, default_acl); |