3 files changed, 68 insertions, 0 deletions

diff --git a/fs/jfs/jfs_xattr.h b/fs/jfs/jfs_xattr.h
index 116a73ce3076..25e9990bccd1 100644
--- a/fs/jfs/jfs_xattr.h
+++ b/fs/jfs/jfs_xattr.h
@@ -61,4 +61,14 @@ extern ssize_t jfs_getxattr(struct dentry *, const char *, void *, size_t);
 extern ssize_t jfs_listxattr(struct dentry *, char *, size_t);
 extern int jfs_removexattr(struct dentry *, const char *);
 
+#ifdef CONFIG_JFS_SECURITY
+extern int jfs_init_security(tid_t, struct inode *, struct inode *);
+#else
+static inline int jfs_init_security(tid_t tid, struct inode *inode,
+                                    struct inode *dir)
+{
+        return 0;
+}
+#endif
+
 #endif  /* H_JFS_XATTR */
diff --git a/fs/jfs/namei.c b/fs/jfs/namei.c
index f23f9c2aa525..1abe7343f920 100644
--- a/fs/jfs/namei.c
+++ b/fs/jfs/namei.c
@@ -111,6 +111,12 @@ static int jfs_create(struct inode *dip, struct dentry *dentry, int mode,
         if (rc)
                 goto out3;
 
+        rc = jfs_init_security(tid, ip, dip);
+        if (rc) {
+                txAbort(tid, 0);
+                goto out3;
+        }
+
         if ((rc = dtSearch(dip, &dname, &ino, &btstack, JFS_CREATE))) {
                 jfs_err("jfs_create: dtSearch returned %d", rc);
                 txAbort(tid, 0);
@@ -239,6 +245,12 @@ static int jfs_mkdir(struct inode *dip, struct dentry *dentry, int mode)
         if (rc)
                 goto out3;
 
+        rc = jfs_init_security(tid, ip, dip);
+        if (rc) {
+                txAbort(tid, 0);
+                goto out3;
+        }
+
         if ((rc = dtSearch(dip, &dname, &ino, &btstack, JFS_CREATE))) {
                 jfs_err("jfs_mkdir: dtSearch returned %d", rc);
                 txAbort(tid, 0);
@@ -906,6 +918,10 @@ static int jfs_symlink(struct inode *dip, struct dentry *dentry,
         down(&JFS_IP(dip)->commit_sem);
         down(&JFS_IP(ip)->commit_sem);
 
+        rc = jfs_init_security(tid, ip, dip);
+        if (rc)
+                goto out3;
+
         tblk = tid_to_tblock(tid);
         tblk->xflag |= COMMIT_CREATE;
         tblk->ino = ip->i_ino;
@@ -1349,6 +1365,12 @@ static int jfs_mknod(struct inode *dir, struct dentry *dentry,
         if (rc)
                 goto out3;
 
+        rc = jfs_init_security(tid, ip, dir);
+        if (rc) {
+                txAbort(tid, 0);
+                goto out3;
+        }
+
         if ((rc = dtSearch(dir, &dname, &ino, &btstack, JFS_CREATE))) {
                 txAbort(tid, 0);
                 goto out3;
diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c
index 35674b2a0e6c..23aa5066b5a4 100644
--- a/fs/jfs/xattr.c
+++ b/fs/jfs/xattr.c
@@ -21,6 +21,7 @@
 #include <linux/xattr.h>
 #include <linux/posix_acl_xattr.h>
 #include <linux/quotaops.h>
+#include <linux/security.h>
 #include "jfs_incore.h"
 #include "jfs_superblock.h"
 #include "jfs_dmap.h"
@@ -1148,3 +1149,38 @@ int jfs_removexattr(struct dentry *dentry, const char *name)
 
         return rc;
 }
+
+#ifdef CONFIG_JFS_SECURITY
+int jfs_init_security(tid_t tid, struct inode *inode, struct inode *dir)
+{
+        int rc;
+        size_t len;
+        void *value;
+        char *suffix;
+        char *name;
+
+        rc = security_inode_init_security(inode, dir, &suffix, &value, &len);
+        if (rc) {
+                if (rc == -EOPNOTSUPP)
+                        return 0;
+                return rc;
+        }
+        name = kmalloc(XATTR_SECURITY_PREFIX_LEN + 1 + strlen(suffix),
+                       GFP_NOFS);
+        if (!name) {
+                rc = -ENOMEM;
+                goto kmalloc_failed;
+        }
+        strcpy(name, XATTR_SECURITY_PREFIX);
+        strcpy(name + XATTR_SECURITY_PREFIX_LEN, suffix);
+
+        rc = __jfs_setxattr(tid, inode, name, value, len, 0);
+
+        kfree(name);
+kmalloc_failed:
+        kfree(suffix);
+        kfree(value);
+
+        return rc;
+}
+#endif