431547b3c4
Add a flags argument to struct xattr_handler and pass it to all xattr handler methods. This allows using the same methods for multiple handlers, e.g. for the ACL methods which perform exactly the same action for the access and default ACLs, just using a different underlying attribute. With a little more groundwork it'll also allow sharing the methods for the regular user/trusted/secure handlers in extN, ocfs2 and jffs2 like it's already done for xfs in this patch. Also change the inode argument to the handlers to a dentry to allow using the handlers mechanism for filesystems that require it later, e.g. cifs. [with GFS2 bits updated by Steven Whitehouse <swhiteho@redhat.com>] Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: James Morris <jmorris@namei.org> Acked-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
/*
* linux/fs/ext4/xattr_security.c
* Handler for storing security labels as extended attributes.
*/
#include <linux/module.h>
#include <linux/string.h>
#include <linux/fs.h>
#include <linux/security.h>
#include "ext4_jbd2.h"
#include "ext4.h"
#include "xattr.h"
/*
 * Emit one "security.<name>" entry for xattr name enumeration.
 *
 * @dentry:    not used by this handler
 * @list:      destination buffer, or NULL when only the size is wanted
 * @list_size: number of bytes available in @list
 * @name:      attribute name without the namespace prefix; exactly
 *             @name_len bytes are copied from it
 * @name_len:  length of @name in bytes
 * @type:      handler flags value passed to every handler method;
 *             not used here
 *
 * Returns the number of bytes the complete entry occupies (prefix, name
 * and trailing NUL), whether or not anything was written.  The entry is
 * written only when it fits in @list_size as a whole, so a short buffer
 * is left untouched rather than receiving a truncated name.
 */
static size_t
ext4_xattr_security_list(struct dentry *dentry, char *list, size_t list_size,
			 const char *name, size_t name_len, int type)
{
	const size_t pfx_len = sizeof(XATTR_SECURITY_PREFIX) - 1;
	const size_t needed = pfx_len + name_len + 1;
	char *out;

	/* Size probe (NULL buffer) or not enough room: report size only. */
	if (!list || needed > list_size)
		return needed;

	out = list;
	memcpy(out, XATTR_SECURITY_PREFIX, pfx_len);
	out += pfx_len;
	memcpy(out, name, name_len);
	out[name_len] = '\0';

	return needed;
}
/*
 * Read an attribute of the "security." namespace.
 *
 * @dentry: dentry whose inode holds the attribute
 * @name:   attribute name with the namespace prefix already stripped
 * @buffer: destination passed through to ext4_xattr_get()
 * @size:   size of @buffer, passed through unchanged
 * @type:   handler flags value; not used here
 *
 * Returns -EINVAL for an empty @name, otherwise whatever
 * ext4_xattr_get() returns for EXT4_XATTR_INDEX_SECURITY.
 *
 * NOTE(review): no access check is made in this function; authorization
 * is presumably done by the caller before the handler is invoked --
 * confirm against the xattr entry points.
 */
static int
ext4_xattr_security_get(struct dentry *dentry, const char *name,
			void *buffer, size_t size, int type)
{
	struct inode *inode;

	/* A bare prefix with no suffix does not name an attribute. */
	if (name[0] == '\0')
		return -EINVAL;

	inode = dentry->d_inode;
	return ext4_xattr_get(inode, EXT4_XATTR_INDEX_SECURITY,
			      name, buffer, size);
}
/*
 * Write (or, depending on @value/@flags, replace or remove) an attribute
 * of the "security." namespace.
 *
 * @dentry: dentry whose inode receives the attribute
 * @name:   attribute name with the namespace prefix already stripped
 * @value:  attribute value, passed through to ext4_xattr_set()
 * @size:   length of @value in bytes
 * @flags:  passed through unchanged to ext4_xattr_set()
 * @type:   handler flags value; not used here
 *
 * Returns -EINVAL for an empty @name, otherwise whatever
 * ext4_xattr_set() returns for EXT4_XATTR_INDEX_SECURITY.
 *
 * NOTE(review): security labels are policy-relevant data, and this
 * function performs no capability or LSM check of its own.  The caller
 * is presumably responsible for authorizing the write before reaching
 * the handler -- confirm before adding any new call path.
 */
static int
ext4_xattr_security_set(struct dentry *dentry, const char *name,
			const void *value, size_t size, int flags, int type)
{
	struct inode *inode;

	/* A bare prefix with no suffix does not name an attribute. */
	if (name[0] == '\0')
		return -EINVAL;

	inode = dentry->d_inode;
	return ext4_xattr_set(inode, EXT4_XATTR_INDEX_SECURITY,
			      name, value, size, flags);
}
/*
 * Store the initial security label of a new inode as an xattr.
 *
 * @handle: journal handle handed on to ext4_xattr_set_handle()
 * @inode:  inode being labelled
 * @dir:    second inode argument to security_inode_init_security()
 *          (presumably the parent directory -- confirm with callers)
 *
 * security_inode_init_security() supplies the attribute name, value and
 * length; they are written under EXT4_XATTR_INDEX_SECURITY with flags 0.
 *
 * Returns 0 on success.  -EOPNOTSUPP from the security layer is also
 * reported as 0, so in that case the inode is left without a label
 * (presumably no security module provides one -- confirm).  Any other
 * error from either step is returned unchanged.
 *
 * NOTE(review): a non-zero return means no label was stored; whether
 * inode creation is aborted in that case is up to the caller -- verify
 * that callers do not ignore the result.
 */
int
ext4_init_security(handle_t *handle, struct inode *inode, struct inode *dir)
{
	char *label_name;
	void *label_value;
	size_t label_len;
	int rc;

	rc = security_inode_init_security(inode, dir, &label_name,
					  &label_value, &label_len);
	if (rc == -EOPNOTSUPP)
		return 0;
	if (rc)
		return rc;

	rc = ext4_xattr_set_handle(handle, inode, EXT4_XATTR_INDEX_SECURITY,
				   label_name, label_value, label_len, 0);

	/* Name and value are released here on success and on failure. */
	kfree(label_name);
	kfree(label_value);

	return rc;
}
/*
 * Handler for the "security." xattr namespace: binds the prefix to the
 * list/get/set callbacks defined in this file.  No handler flags are set
 * here, so the callbacks presumably receive type == 0; none of them uses
 * the value.
 */
struct xattr_handler ext4_xattr_security_handler = {
	.prefix	= XATTR_SECURITY_PREFIX,	/* namespace this handler serves */
	.list	= ext4_xattr_security_list,	/* name enumeration */
	.get	= ext4_xattr_security_get,	/* read a label */
	.set	= ext4_xattr_security_set,	/* write a label */
};