19 Jul, 2011

1 commit

• 9d8f13ba3   security: new security_inode_init_security API adds function callback ... Browse Code »

  This patch changes the security_inode_init_security API by adding a
  filesystem specific callback to write security extended attributes.
  This change is in preparation for supporting the initialization of
  multiple LSM xattrs and the EVM xattr. Initially the callback function
  walks an array of xattrs, writing each xattr separately, but could be
  optimized to write multiple xattrs at once.

  For existing security_inode_init_security() calls, which have not yet
  been converted to use the new callback function, such as those in
  reiserfs and ocfs2, this patch defines security_old_inode_init_security().

  Signed-off-by: Mimi Zohar

  Mimi Zohar

  2011-07-19 00:29:38 +0800  

02 Feb, 2011

1 commit

• 2a7dba391   fs/vfs/security: pass last path component to LSM on inode creation ... Browse Code »

  SELinux would like to implement a new labeling behavior of newly created
  inodes. We currently label new inodes based on the parent and the creating
  process. This new behavior would also take into account the name of the
  new object when deciding the new label. This is not the (supposed) full path,
  just the last component of the path.

  This is very useful because creating /etc/shadow is different than creating
  /etc/passwd but the kernel hooks are unable to differentiate these
  operations. We currently require that userspace realize it is doing some
  difficult operation like that and than userspace jumps through SELinux hoops
  to get things set up correctly. This patch does not implement new
  behavior, that is obviously contained in a seperate SELinux patch, but it
  does pass the needed name down to the correct LSM hook. If no such name
  exists it is fine to pass NULL.

  Signed-off-by: Eric Paris

  Eric Paris

  2011-02-02 00:12:29 +0800  

22 May, 2010

1 commit

• 365f0cb9d   jffs2: constify xattr_handler ... Browse Code »

  Signed-off-by: Stephen Hemminger
  Signed-off-by: Al Viro

  Stephen Hemminger

  2010-05-22 06:31:20 +0800  

17 Dec, 2009

1 commit

• 431547b3c   sanitize xattr handler prototypes ... Browse Code »

  Add a flags argument to struct xattr_handler and pass it to all xattr
  handler methods. This allows using the same methods for multiple
  handlers, e.g. for the ACL methods which perform exactly the same action
  for the access and default ACLs, just using a different underlying
  attribute. With a little more groundwork it'll also allow sharing the
  methods for the regular user/trusted/secure handlers in extN, ocfs2 and
  jffs2 like it's already done for xfs in this patch.

  Also change the inode argument to the handlers to a dentry to allow
  using the handlers mechnism for filesystems that require it later,
  e.g. cifs.

  [with GFS2 bits updated by Steven Whitehouse ]

  Signed-off-by: Christoph Hellwig
  Reviewed-by: James Morris
  Acked-by: Joel Becker
  Signed-off-by: Al Viro

  Christoph Hellwig

  2009-12-17 01:16:49 +0800  

10 Jul, 2007

1 commit

• ef53cb02f   [JFFS2] Whitespace cleanups. ... Browse Code »

  Convert many spaces to tabs; one or two other minor cosmetic fixes.

  Signed-off-by: David Woodhouse

  David Woodhouse

  2007-07-10 17:01:22 +0800  

25 Apr, 2007

1 commit

• c00c310ea   [JFFS2] Tidy up licensing/copyright boilerplate. ... Browse Code »

  In particular, remove the bit in the LICENCE file about contacting
  Red Hat for alternative arrangements. Their errant IS department broke
  that arrangement a long time ago -- the policy of collecting copyright
  assignments from contributors came to an end when the plug was pulled on
  the servers hosting the project, without notice or reason.

  We do still dual-license it for use with eCos, with the GPL+exception
  licence approved by the FSF as being GPL-compatible. It's just that nobody
  has the right to license it differently.

  Signed-off-by: David Woodhouse

  David Woodhouse

  2007-04-25 21:16:47 +0800  

13 May, 2006

2 commits

• 652ecc20d   [JFFS2][XATTR] Unify each file header part with any jffs2 file. ... Browse Code »

  Unify each file header part with any jffs2 file.

  [7/10] jffs2-xattr-v5.1-07-unify_file_header.patch

  Signed-off-by: KaiGai Kohei

  KaiGai Kohei

  2006-05-13 14:18:27 +0800  
• aa98d7cf5   [JFFS2][XATTR] XATTR support on JFFS2 (version. 5) ... Browse Code »

  This attached patches provide xattr support including POSIX-ACL and
  SELinux support on JFFS2 (version.5).

  There are some significant differences from previous version posted
  at last December.
  The biggest change is addition of EBS(Erase Block Summary) support.
  Currently, both kernel and usermode utility (sumtool) can recognize
  xattr nodes which have JFFS2_NODETYPE_XATTR/_XREF nodetype.

  In addition, some bugs are fixed.
  - A potential race condition was fixed.
  - Unexpected fail when updating a xattr by same name/value pair was fixed.
  - A bug when removing xattr name/value pair was fixed.

  The fundamental structures (such as using two new nodetypes and exclusion
  mechanism by rwsem) are unchanged. But most of implementation were reviewed
  and updated if necessary.
  Espacially, we had to change several internal implementations related to
  load_xattr_datum() to avoid a potential race condition.

  [1/2] xattr_on_jffs2.kernel.version-5.patch
  [2/2] xattr_on_jffs2.utils.version-5.patch

  Signed-off-by: KaiGai Kohei
  Signed-off-by: David Woodhouse

  KaiGai Kohei

  2006-05-13 14:09:47 +0800