Commit | Line | Data |
---|---|---|
f466c6fd | 1 | #include "reiserfs.h" |
1da177e4 LT |
2 | #include <linux/errno.h> |
3 | #include <linux/fs.h> | |
4 | #include <linux/pagemap.h> | |
5 | #include <linux/xattr.h> | |
5a0e3ad6 | 6 | #include <linux/slab.h> |
c45ac888 | 7 | #include "xattr.h" |
57fe60df | 8 | #include <linux/security.h> |
17093991 | 9 | #include <linux/uaccess.h> |
1da177e4 | 10 | |
1da177e4 | 11 | static int |
b296821a AV |
12 | security_get(const struct xattr_handler *handler, struct dentry *unused, |
13 | struct inode *inode, const char *name, void *buffer, size_t size) | |
1da177e4 | 14 | { |
b296821a | 15 | if (IS_PRIVATE(inode)) |
bd4c625c | 16 | return -EPERM; |
1da177e4 | 17 | |
b296821a | 18 | return reiserfs_xattr_get(inode, xattr_full_name(handler, name), |
79a628d1 | 19 | buffer, size); |
1da177e4 LT |
20 | } |
21 | ||
22 | static int | |
d9a82a04 AG |
23 | security_set(const struct xattr_handler *handler, struct dentry *dentry, |
24 | const char *name, const void *buffer, size_t size, int flags) | |
1da177e4 | 25 | { |
2b0143b5 | 26 | if (IS_PRIVATE(d_inode(dentry))) |
bd4c625c | 27 | return -EPERM; |
1da177e4 | 28 | |
79a628d1 AV |
29 | return reiserfs_xattr_set(d_inode(dentry), |
30 | xattr_full_name(handler, name), | |
31 | buffer, size, flags); | |
1da177e4 LT |
32 | } |
33 | ||
764a5c6b | 34 | static bool security_list(struct dentry *dentry) |
1da177e4 | 35 | { |
764a5c6b | 36 | return !IS_PRIVATE(d_inode(dentry)); |
1da177e4 LT |
37 | } |
38 | ||
57fe60df JM |
39 | /* Initializes the security context for a new inode and returns the number |
40 | * of blocks needed for the transaction. If successful, reiserfs_security | |
41 | * must be released using reiserfs_security_free when the caller is done. */ | |
42 | int reiserfs_security_init(struct inode *dir, struct inode *inode, | |
2a7dba39 | 43 | const struct qstr *qstr, |
57fe60df JM |
44 | struct reiserfs_security_handle *sec) |
45 | { | |
46 | int blocks = 0; | |
b82bb72b JM |
47 | int error; |
48 | ||
49 | sec->name = NULL; | |
50 | ||
51 | /* Don't add selinux attributes on xattrs - they'll never get used */ | |
52 | if (IS_PRIVATE(dir)) | |
53 | return 0; | |
54 | ||
9d8f13ba MZ |
55 | error = security_old_inode_init_security(inode, dir, qstr, &sec->name, |
56 | &sec->value, &sec->length); | |
57fe60df JM |
57 | if (error) { |
58 | if (error == -EOPNOTSUPP) | |
59 | error = 0; | |
60 | ||
61 | sec->name = NULL; | |
62 | sec->value = NULL; | |
63 | sec->length = 0; | |
64 | return error; | |
65 | } | |
66 | ||
6cb4aff0 | 67 | if (sec->length && reiserfs_xattrs_initialized(inode->i_sb)) { |
57fe60df JM |
68 | blocks = reiserfs_xattr_jcreate_nblocks(inode) + |
69 | reiserfs_xattr_nblocks(inode, sec->length); | |
70 | /* We don't want to count the directories twice if we have | |
71 | * a default ACL. */ | |
72 | REISERFS_I(inode)->i_flags |= i_has_xattr_dir; | |
73 | } | |
74 | return blocks; | |
75 | } | |
76 | ||
77 | int reiserfs_security_write(struct reiserfs_transaction_handle *th, | |
78 | struct inode *inode, | |
79 | struct reiserfs_security_handle *sec) | |
80 | { | |
81 | int error; | |
82 | if (strlen(sec->name) < sizeof(XATTR_SECURITY_PREFIX)) | |
83 | return -EINVAL; | |
84 | ||
85 | error = reiserfs_xattr_set_handle(th, inode, sec->name, sec->value, | |
86 | sec->length, XATTR_CREATE); | |
87 | if (error == -ENODATA || error == -EOPNOTSUPP) | |
88 | error = 0; | |
89 | ||
90 | return error; | |
91 | } | |
92 | ||
93 | void reiserfs_security_free(struct reiserfs_security_handle *sec) | |
94 | { | |
95 | kfree(sec->name); | |
96 | kfree(sec->value); | |
97 | sec->name = NULL; | |
98 | sec->value = NULL; | |
99 | } | |
100 | ||
94d09a98 | 101 | const struct xattr_handler reiserfs_xattr_security_handler = { |
1da177e4 LT |
102 | .prefix = XATTR_SECURITY_PREFIX, |
103 | .get = security_get, | |
104 | .set = security_set, | |
1da177e4 LT |
105 | .list = security_list, |
106 | }; |