1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
/*
* GPL HEADER START
*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 only,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License version 2 for more details (a copy is included
* in the LICENSE file that accompanied this code).
*
* You should have received a copy of the GNU General Public License
* version 2 along with this program; If not, see http://www.gnu.org/licenses
*
* GPL HEADER END
*/
/*
* Copyright (c) 2014 Bull SAS
* Author: Sebastien Buisson sebastien.buisson@bull.net
*/
/*
* lustre/llite/xattr_security.c
* Handler for storing security labels as extended attributes.
*/
#include <linux/security.h>
#include <linux/xattr.h>
#include "llite_internal.h"
/**
* A helper function for ll_security_inode_init_security()
* that takes care of setting xattrs
*
* Get security context of @inode from @xattr_array,
* and put it in 'security.xxx' xattr of dentry
* stored in @fs_info.
*
* \retval 0 success
* \retval -ENOMEM if no memory could be allocated for xattr name
* \retval < 0 failure to set xattr
*/
static int
ll_initxattrs(struct inode *inode, const struct xattr *xattr_array,
void *fs_info)
{
const struct xattr_handler *handler;
struct dentry *dentry = fs_info;
const struct xattr *xattr;
int err = 0;
handler = get_xattr_type(XATTR_SECURITY_PREFIX);
if (!handler)
return -ENXIO;
for (xattr = xattr_array; xattr->name; xattr++) {
err = handler->set(handler, dentry, inode, xattr->name,
xattr->value, xattr->value_len,
XATTR_CREATE);
if (err < 0)
break;
}
return err;
}
/**
* Initializes security context
*
* Get security context of @inode in @dir,
* and put it in 'security.xxx' xattr of @dentry.
*
* \retval 0 success, or SELinux is disabled
* \retval -ENOMEM if no memory could be allocated for xattr name
* \retval < 0 failure to get security context or set xattr
*/
int
ll_init_security(struct dentry *dentry, struct inode *inode, struct inode *dir)
{
if (!selinux_is_enabled())
return 0;
return security_inode_init_security(inode, dir, NULL,
&ll_initxattrs, dentry);
}
|