diff options
| author | Stephen Smalley <sds@tycho.nsa.gov> | 2005-09-09 20:01:41 (GMT) |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2005-09-09 20:57:28 (GMT) |
| commit | ac50960afa31877493add6d941d8402fa879c452 (patch) | |
| tree | ff6569e5f5412b8363a7c2f8ad11232cb29fb27f | |
| parent | 10f47e6a1b8b276323b652053945c87a63a5812d (diff) | |
| download | linux-ac50960afa31877493add6d941d8402fa879c452.tar.xz | |
[PATCH] ext3: Enable atomic inode security labeling
This patch modifies ext3 to call the inode_init_security LSM hook to obtain
the security attribute for a newly created inode and to set the resulting
attribute on the new inode as part of the same transaction. This parallels
the existing processing for setting ACLs on newly created inodes.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
| -rw-r--r-- | fs/ext3/ialloc.c | 5 | ||||
| -rw-r--r-- | fs/ext3/xattr.h | 11 | ||||
| -rw-r--r-- | fs/ext3/xattr_security.c | 22 |
3 files changed, 38 insertions, 0 deletions
diff --git a/fs/ext3/ialloc.c b/fs/ext3/ialloc.c index 6981bd0..9655276 100644 --- a/fs/ext3/ialloc.c +++ b/fs/ext3/ialloc.c @@ -607,6 +607,11 @@ got: DQUOT_DROP(inode); goto fail2; } + err = ext3_init_security(handle,inode, dir); + if (err) { + DQUOT_FREE_INODE(inode); + goto fail2; + } err = ext3_mark_inode_dirty(handle, inode); if (err) { ext3_std_error(sb, err); diff --git a/fs/ext3/xattr.h b/fs/ext3/xattr.h index eb31a69..2ceae38 100644 --- a/fs/ext3/xattr.h +++ b/fs/ext3/xattr.h @@ -133,3 +133,14 @@ exit_ext3_xattr(void) #define ext3_xattr_handlers NULL # endif /* CONFIG_EXT3_FS_XATTR */ + +#ifdef CONFIG_EXT3_FS_SECURITY +extern int ext3_init_security(handle_t *handle, struct inode *inode, + struct inode *dir); +#else +static inline int ext3_init_security(handle_t *handle, struct inode *inode, + struct inode *dir) +{ + return 0; +} +#endif diff --git a/fs/ext3/xattr_security.c b/fs/ext3/xattr_security.c index ddc1c41..b9c40c1 100644 --- a/fs/ext3/xattr_security.c +++ b/fs/ext3/xattr_security.c @@ -9,6 +9,7 @@ #include <linux/smp_lock.h> #include <linux/ext3_jbd.h> #include <linux/ext3_fs.h> +#include <linux/security.h> #include "xattr.h" static size_t @@ -47,6 +48,27 @@ ext3_xattr_security_set(struct inode *inode, const char *name, value, size, flags); } +int +ext3_init_security(handle_t *handle, struct inode *inode, struct inode *dir) +{ + int err; + size_t len; + void *value; + char *name; + + err = security_inode_init_security(inode, dir, &name, &value, &len); + if (err) { + if (err == -EOPNOTSUPP) + return 0; + return err; + } + err = ext3_xattr_set_handle(handle, inode, EXT3_XATTR_INDEX_SECURITY, + name, value, len, 0); + kfree(name); + kfree(value); + return err; +} + struct xattr_handler ext3_xattr_security_handler = { .prefix = XATTR_SECURITY_PREFIX, .list = ext3_xattr_security_list, |