1 files changed, 7 insertions, 4 deletions

diff --git a/include/linux/security.h b/include/linux/security.h
index dac956ed98f0..607ee209ea3b 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -385,6 +385,9 @@ struct swap_info_struct;
  *      NULL to request the size of the buffer required.  @size indicates
  *      the size of @buffer in bytes.  Note that @name is the remainder
  *      of the attribute name after the security. prefix has been removed.
+ *      @err is the return value from the preceding fs getxattr call,
+ *      and can be used by the security module to determine whether it
+ *      should try and canonicalize the attribute value.
  *      Return number of bytes used/required on success.
  * @inode_setsecurity:
  *      Set the security label associated with @name for @inode from the
@@ -1091,7 +1094,7 @@ struct security_operations {
         int (*inode_getxattr) (struct dentry *dentry, char *name);
         int (*inode_listxattr) (struct dentry *dentry);
         int (*inode_removexattr) (struct dentry *dentry, char *name);
-        int (*inode_getsecurity)(struct inode *inode, const char *name, void *buffer, size_t size);
+        int (*inode_getsecurity)(struct inode *inode, const char *name, void *buffer, size_t size, int err);
         int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags);
         int (*inode_listsecurity)(struct inode *inode, char *buffer, size_t buffer_size);
 
@@ -1580,11 +1583,11 @@ static inline int security_inode_removexattr (struct dentry *dentry, char *name)
         return security_ops->inode_removexattr (dentry, name);
 }
 
-static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
+static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size, int err)
 {
         if (unlikely (IS_PRIVATE (inode)))
                 return 0;
-        return security_ops->inode_getsecurity(inode, name, buffer, size);
+        return security_ops->inode_getsecurity(inode, name, buffer, size, err);
 }
 
 static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags)
@@ -2222,7 +2225,7 @@ static inline int security_inode_removexattr (struct dentry *dentry, char *name)
         return cap_inode_removexattr(dentry, name);
 }
 
-static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
+static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size, int err)
 {
         return -EOPNOTSUPP;
 }