diff options
author | Ryan O'Hara <rohara@redhat.com> | 2006-10-03 11:57:35 -0400 |
---|---|---|
committer | Steven Whitehouse <swhiteho@redhat.com> | 2006-10-03 11:57:35 -0400 |
commit | fcb47e0bd279cab5ba8299c0a1e3364d15413a6b (patch) | |
tree | c7f01edc5e57fcf4671bc7e6eb58e18c7f377d56 /fs | |
parent | ddacfaf76dd620af9b73343a975749778321b51c (diff) | |
download | op-kernel-dev-fcb47e0bd279cab5ba8299c0a1e3364d15413a6b.zip op-kernel-dev-fcb47e0bd279cab5ba8299c0a1e3364d15413a6b.tar.gz |
[GFS2] Initialize SELinux extended attributes at inode creation time.
This patch has gfs2_security_init declared as a static function, which
is correct. As a result, the declaration of this function in inode.h is
removed (and thus inode.h is unchanged). Also removed #include eaops.h,
which is not needed.
Signed-Off-By: Ryan O'Hara <rohara@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/gfs2/inode.c | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c index 81a9211..57c43ac 100644 --- a/fs/gfs2/inode.c +++ b/fs/gfs2/inode.c @@ -17,6 +17,7 @@ #include <linux/gfs2_ondisk.h> #include <linux/crc32.h> #include <linux/lm_interface.h> +#include <linux/security.h> #include "gfs2.h" #include "incore.h" @@ -806,6 +807,39 @@ fail: return error; } +static int gfs2_security_init(struct gfs2_inode *dip, struct gfs2_inode *ip) +{ + int err; + size_t len; + void *value; + char *name; + struct gfs2_ea_request er; + + err = security_inode_init_security(&ip->i_inode, &dip->i_inode, + &name, &value, &len); + + if (err) { + if (err == -EOPNOTSUPP) + return 0; + return err; + } + + memset(&er, 0, sizeof(struct gfs2_ea_request)); + + er.er_type = GFS2_EATYPE_SECURITY; + er.er_name = name; + er.er_data = value; + er.er_name_len = strlen(name); + er.er_data_len = len; + + err = gfs2_ea_set_i(ip, &er); + + kfree(value); + kfree(name); + + return err; +} + /** * gfs2_createi - Create a new inode * @ghs: An array of two holders @@ -897,6 +931,10 @@ struct inode *gfs2_createi(struct gfs2_holder *ghs, const struct qstr *name, if (error) goto fail_iput; + error = gfs2_security_init(dip, GFS2_I(inode)); + if (error) + goto fail_iput; + error = link_dinode(dip, name, GFS2_I(inode)); if (error) goto fail_iput; |