summaryrefslogtreecommitdiffstats
path: root/fs/ext3/xattr_security.c
diff options
context:
space:
mode:
authorStephen Smalley <sds@tycho.nsa.gov>2005-09-09 13:01:41 -0700
committerLinus Torvalds <torvalds@g5.osdl.org>2005-09-09 13:57:28 -0700
commitac50960afa31877493add6d941d8402fa879c452 (patch)
treeff6569e5f5412b8363a7c2f8ad11232cb29fb27f /fs/ext3/xattr_security.c
parent10f47e6a1b8b276323b652053945c87a63a5812d (diff)
downloadlinux-stable-ac50960afa31877493add6d941d8402fa879c452.tar.gz
linux-stable-ac50960afa31877493add6d941d8402fa879c452.tar.bz2
linux-stable-ac50960afa31877493add6d941d8402fa879c452.zip
[PATCH] ext3: Enable atomic inode security labeling
This patch modifies ext3 to call the inode_init_security LSM hook to obtain the security attribute for a newly created inode and to set the resulting attribute on the new inode as part of the same transaction. This parallels the existing processing for setting ACLs on newly created inodes. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'fs/ext3/xattr_security.c')
-rw-r--r--fs/ext3/xattr_security.c22
1 files changed, 22 insertions, 0 deletions
diff --git a/fs/ext3/xattr_security.c b/fs/ext3/xattr_security.c
index ddc1c41750e1..b9c40c15647b 100644
--- a/fs/ext3/xattr_security.c
+++ b/fs/ext3/xattr_security.c
@@ -9,6 +9,7 @@
#include <linux/smp_lock.h>
#include <linux/ext3_jbd.h>
#include <linux/ext3_fs.h>
+#include <linux/security.h>
#include "xattr.h"
static size_t
@@ -47,6 +48,27 @@ ext3_xattr_security_set(struct inode *inode, const char *name,
value, size, flags);
}
+int
+ext3_init_security(handle_t *handle, struct inode *inode, struct inode *dir)
+{
+ int err;
+ size_t len;
+ void *value;
+ char *name;
+
+ err = security_inode_init_security(inode, dir, &name, &value, &len);
+ if (err) {
+ if (err == -EOPNOTSUPP)
+ return 0;
+ return err;
+ }
+ err = ext3_xattr_set_handle(handle, inode, EXT3_XATTR_INDEX_SECURITY,
+ name, value, len, 0);
+ kfree(name);
+ kfree(value);
+ return err;
+}
+
struct xattr_handler ext3_xattr_security_handler = {
.prefix = XATTR_SECURITY_PREFIX,
.list = ext3_xattr_security_list,