JFS: Implement jfs_init_security

This atomically initializes the security xattr when an object is created Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>

JFS: Implement jfs_init_security
This atomically initializes the security xattr when an object is created Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
Dave Kleikamp
1 parent 4f4b401bfa
Showing 3 changed files with 68 additions and 0 deletions Side-by-side Diff
fs/jfs/jfs_xattr.h
fs/jfs/namei.c
fs/jfs/xattr.c
@@ -61,5 +61,15 @@
 extern ssize_t jfs_listxattr(struct dentry *, char *, size_t);
 extern int jfs_removexattr(struct dentry *, const char *);
  
+#ifdef CONFIG_JFS_SECURITY
+extern int jfs_init_security(tid_t, struct inode *, struct inode *);
+#else
+static inline int jfs_init_security(tid_t tid, struct inode *inode,
+				    struct inode *dir)
+{
+	return 0;
+}
+#endif
+
 #endif	/* H_JFS_XATTR */
@@ -111,6 +111,12 @@
 	if (rc)
 		goto out3;
  
+	rc = jfs_init_security(tid, ip, dip);
+	if (rc) {
+		txAbort(tid, 0);
+		goto out3;
+	}
+
 	if ((rc = dtSearch(dip, &dname, &ino, &btstack, JFS_CREATE))) {
 		jfs_err("jfs_create: dtSearch returned %d", rc);
 		txAbort(tid, 0);
@@ -239,6 +245,12 @@
 	if (rc)
 		goto out3;
  
+	rc = jfs_init_security(tid, ip, dip);
+	if (rc) {
+		txAbort(tid, 0);
+		goto out3;
+	}
+
 	if ((rc = dtSearch(dip, &dname, &ino, &btstack, JFS_CREATE))) {
 		jfs_err("jfs_mkdir: dtSearch returned %d", rc);
 		txAbort(tid, 0);
@@ -906,6 +918,10 @@
 	down(&JFS_IP(dip)->commit_sem);
 	down(&JFS_IP(ip)->commit_sem);
  
+	rc = jfs_init_security(tid, ip, dip);
+	if (rc)
+		goto out3;
+
 	tblk = tid_to_tblock(tid);
 	tblk->xflag |= COMMIT_CREATE;
 	tblk->ino = ip->i_ino;
@@ -1348,6 +1364,12 @@
 	rc = jfs_init_acl(tid, ip, dir);
 	if (rc)
 		goto out3;
+
+	rc = jfs_init_security(tid, ip, dir);
+	if (rc) {
+		txAbort(tid, 0);
+		goto out3;
+	}
  
 	if ((rc = dtSearch(dir, &dname, &ino, &btstack, JFS_CREATE))) {
 		txAbort(tid, 0);
@@ -21,6 +21,7 @@
 #include <linux/xattr.h>
 #include <linux/posix_acl_xattr.h>
 #include <linux/quotaops.h>
+#include <linux/security.h>
 #include "jfs_incore.h"
 #include "jfs_superblock.h"
 #include "jfs_dmap.h"
@@ -1148,4 +1149,39 @@
  
 	return rc;
 }
+
+#ifdef CONFIG_JFS_SECURITY
+int jfs_init_security(tid_t tid, struct inode *inode, struct inode *dir)
+{
+	int rc;
+	size_t len;
+	void *value;
+	char *suffix;
+	char *name;
+
+	rc = security_inode_init_security(inode, dir, &suffix, &value, &len);
+	if (rc) {
+		if (rc == -EOPNOTSUPP)
+			return 0;
+		return rc;
+	}
+	name = kmalloc(XATTR_SECURITY_PREFIX_LEN + 1 + strlen(suffix),
+		       GFP_NOFS);
+	if (!name) {
+		rc = -ENOMEM;
+		goto kmalloc_failed;
+	}
+	strcpy(name, XATTR_SECURITY_PREFIX);
+	strcpy(name + XATTR_SECURITY_PREFIX_LEN, suffix);
+
+	rc = __jfs_setxattr(tid, inode, name, value, len, 0);
+
+	kfree(name);
+kmalloc_failed:
+	kfree(suffix);
+	kfree(value);
+
+	return rc;
+}
+#endif
...	...	@@ -61,5 +61,15 @@
61	61	extern ssize_t jfs_listxattr(struct dentry , char , size_t);
62	62	extern int jfs_removexattr(struct dentry , const char );
63	63
	64	+#ifdef CONFIG_JFS_SECURITY
	65	+extern int jfs_init_security(tid_t, struct inode , struct inode );
	66	+#else
	67	+static inline int jfs_init_security(tid_t tid, struct inode *inode,
	68	+ struct inode *dir)
	69	+{
	70	+ return 0;
	71	+}
	72	+#endif
	73	+
64	74	#endif /* H_JFS_XATTR */
...	...	@@ -111,6 +111,12 @@
111	111	if (rc)
112	112	goto out3;
113	113
	114	+ rc = jfs_init_security(tid, ip, dip);
	115	+ if (rc) {
	116	+ txAbort(tid, 0);
	117	+ goto out3;
	118	+ }
	119	+
114	120	if ((rc = dtSearch(dip, &dname, &ino, &btstack, JFS_CREATE))) {
115	121	jfs_err("jfs_create: dtSearch returned %d", rc);
116	122	txAbort(tid, 0);
...	...	@@ -239,6 +245,12 @@
239	245	if (rc)
240	246	goto out3;
241	247
	248	+ rc = jfs_init_security(tid, ip, dip);
	249	+ if (rc) {
	250	+ txAbort(tid, 0);
	251	+ goto out3;
	252	+ }
	253	+
242	254	if ((rc = dtSearch(dip, &dname, &ino, &btstack, JFS_CREATE))) {
243	255	jfs_err("jfs_mkdir: dtSearch returned %d", rc);
244	256	txAbort(tid, 0);
...	...	@@ -906,6 +918,10 @@
906	918	down(&JFS_IP(dip)->commit_sem);
907	919	down(&JFS_IP(ip)->commit_sem);
908	920
	921	+ rc = jfs_init_security(tid, ip, dip);
	922	+ if (rc)
	923	+ goto out3;
	924	+
909	925	tblk = tid_to_tblock(tid);
910	926	tblk->xflag \|= COMMIT_CREATE;
911	927	tblk->ino = ip->i_ino;
...	...	@@ -1348,6 +1364,12 @@
1348	1364	rc = jfs_init_acl(tid, ip, dir);
1349	1365	if (rc)
1350	1366	goto out3;
	1367	+
	1368	+ rc = jfs_init_security(tid, ip, dir);
	1369	+ if (rc) {
	1370	+ txAbort(tid, 0);
	1371	+ goto out3;
	1372	+ }
1351	1373
1352	1374	if ((rc = dtSearch(dir, &dname, &ino, &btstack, JFS_CREATE))) {
1353	1375	txAbort(tid, 0);
...	...	@@ -21,6 +21,7 @@
21	21	#include <linux/xattr.h>
22	22	#include <linux/posix_acl_xattr.h>
23	23	#include <linux/quotaops.h>
	24	+#include <linux/security.h>
24	25	#include "jfs_incore.h"
25	26	#include "jfs_superblock.h"
26	27	#include "jfs_dmap.h"
...	...	@@ -1148,4 +1149,39 @@
1148	1149
1149	1150	return rc;
1150	1151	}
	1152	+
	1153	+#ifdef CONFIG_JFS_SECURITY
	1154	+int jfs_init_security(tid_t tid, struct inode inode, struct inode dir)
	1155	+{
	1156	+ int rc;
	1157	+ size_t len;
	1158	+ void *value;
	1159	+ char *suffix;
	1160	+ char *name;
	1161	+
	1162	+ rc = security_inode_init_security(inode, dir, &suffix, &value, &len);
	1163	+ if (rc) {
	1164	+ if (rc == -EOPNOTSUPP)
	1165	+ return 0;
	1166	+ return rc;
	1167	+ }
	1168	+ name = kmalloc(XATTR_SECURITY_PREFIX_LEN + 1 + strlen(suffix),
	1169	+ GFP_NOFS);
	1170	+ if (!name) {
	1171	+ rc = -ENOMEM;
	1172	+ goto kmalloc_failed;
	1173	+ }
	1174	+ strcpy(name, XATTR_SECURITY_PREFIX);
	1175	+ strcpy(name + XATTR_SECURITY_PREFIX_LEN, suffix);
	1176	+
	1177	+ rc = __jfs_setxattr(tid, inode, name, value, len, 0);
	1178	+
	1179	+ kfree(name);
	1180	+kmalloc_failed:
	1181	+ kfree(suffix);
	1182	+ kfree(value);
	1183	+
	1184	+ return rc;
	1185	+}
	1186	+#endif