[PATCH] ext2: Enable atomic inode security labeling

This patch modifies ext2 to call the inode_init_security LSM hook to obtain
the security attribute for a newly created inode and to set the resulting
attribute on the new inode.  This parallels the existing processing for
setting ACLs on newly created inodes.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
Stephen Smalley 2005-09-09 13:01:39 -07:00 committed by Linus Torvalds
parent 5e41ff9e06
commit 10f47e6a1b
3 changed files with 35 additions and 0 deletions

View file

@ -615,6 +615,11 @@ got:
DQUOT_DROP(inode);
goto fail2;
}
err = ext2_init_security(inode,dir);
if (err) {
DQUOT_FREE_INODE(inode);
goto fail2;
}
mark_inode_dirty(inode);
ext2_debug("allocating inode %lu\n", inode->i_ino);
ext2_preread_inode(inode);

View file

@ -116,3 +116,11 @@ exit_ext2_xattr(void)
# endif /* CONFIG_EXT2_FS_XATTR */
#ifdef CONFIG_EXT2_FS_SECURITY
extern int ext2_init_security(struct inode *inode, struct inode *dir);
#else
static inline int ext2_init_security(struct inode *inode, struct inode *dir)
{
return 0;
}
#endif

View file

@ -8,6 +8,7 @@
#include <linux/fs.h>
#include <linux/smp_lock.h>
#include <linux/ext2_fs.h>
#include <linux/security.h>
#include "xattr.h"
static size_t
@ -45,6 +46,27 @@ ext2_xattr_security_set(struct inode *inode, const char *name,
value, size, flags);
}
int
ext2_init_security(struct inode *inode, struct inode *dir)
{
int err;
size_t len;
void *value;
char *name;
err = security_inode_init_security(inode, dir, &name, &value, &len);
if (err) {
if (err == -EOPNOTSUPP)
return 0;
return err;
}
err = ext2_xattr_set(inode, EXT2_XATTR_INDEX_SECURITY,
name, value, len, 0);
kfree(name);
kfree(value);
return err;
}
struct xattr_handler ext2_xattr_security_handler = {
.prefix = XATTR_SECURITY_PREFIX,
.list = ext2_xattr_security_list,