linux/fs/ext2/xattr_security.c

/*
 * linux/fs/ext2/xattr_security.c
 * Handler for storing security labels as extended attributes.
 */

#include <linux/module.h>
#include <linux/string.h>
#include <linux/fs.h>
#include <linux/ext2_fs.h>
#include <linux/security.h>
#include "xattr.h"

static size_t
ext2_xattr_security_list(struct inode *inode, char *list, size_t list_size,
			 const char *name, size_t name_len)
{
	const int prefix_len = XATTR_SECURITY_PREFIX_LEN;
	const size_t total_len = prefix_len + name_len + 1;

	if (list && total_len <= list_size) {
		memcpy(list, XATTR_SECURITY_PREFIX, prefix_len);
		memcpy(list+prefix_len, name, name_len);
		list[prefix_len + name_len] = '\0';
	}
	return total_len;
}

static int
ext2_xattr_security_get(struct inode *inode, const char *name,
		       void *buffer, size_t size)
{
	if (strcmp(name, "") == 0)
		return -EINVAL;
	return ext2_xattr_get(inode, EXT2_XATTR_INDEX_SECURITY, name,
			      buffer, size);
}

static int
ext2_xattr_security_set(struct inode *inode, const char *name,
		       const void *value, size_t size, int flags)
{
	if (strcmp(name, "") == 0)
		return -EINVAL;
	return ext2_xattr_set(inode, EXT2_XATTR_INDEX_SECURITY, name,
			      value, size, flags);
}

int
ext2_init_security(struct inode *inode, struct inode *dir)
{
	int err;
	size_t len;
	void *value;
	char *name;

	err = security_inode_init_security(inode, dir, &name, &value, &len);
	if (err) {
		if (err == -EOPNOTSUPP)
			return 0;
		return err;
	}
	err = ext2_xattr_set(inode, EXT2_XATTR_INDEX_SECURITY,
			     name, value, len, 0);
	kfree(name);
	kfree(value);
	return err;
}

struct xattr_handler ext2_xattr_security_handler = {
	.prefix	= XATTR_SECURITY_PREFIX,
	.list	= ext2_xattr_security_list,
	.get	= ext2_xattr_security_get,
	.set	= ext2_xattr_security_set,
};
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip! 2005-04-17 02:20:36 +04:00			`/*`
			`* linux/fs/ext2/xattr_security.c`
			`* Handler for storing security labels as extended attributes.`
			`*/`

			`#include <linux/module.h>`
			`#include <linux/string.h>`
			`#include <linux/fs.h>`
			`#include <linux/ext2_fs.h>`
[PATCH] ext2: Enable atomic inode security labeling This patch modifies ext2 to call the inode_init_security LSM hook to obtain the security attribute for a newly created inode and to set the resulting attribute on the new inode. This parallels the existing processing for setting ACLs on newly created inodes. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org> 2005-09-10 00:01:39 +04:00			`#include <linux/security.h>`
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip! 2005-04-17 02:20:36 +04:00			`#include "xattr.h"`

			`static size_t`
			`ext2_xattr_security_list(struct inode inode, char list, size_t list_size,`
			`const char *name, size_t name_len)`
			`{`
ext2: remove double definitions of xattr macros remove the definitions of macros: XATTR_TRUSTED_PREFIX XATTR_USER_PREFIX since they are defined in linux/xattr.h Signed-off-by: Shen Feng <shen@cn.fujitsu.com> Signed-off-by: Mingming Cao <cmm@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2008-07-25 12:46:15 +04:00			`const int prefix_len = XATTR_SECURITY_PREFIX_LEN;`
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip! 2005-04-17 02:20:36 +04:00			`const size_t total_len = prefix_len + name_len + 1;`

			`if (list && total_len <= list_size) {`
			`memcpy(list, XATTR_SECURITY_PREFIX, prefix_len);`
			`memcpy(list+prefix_len, name, name_len);`
			`list[prefix_len + name_len] = '\0';`
			`}`
			`return total_len;`
			`}`

			`static int`
			`ext2_xattr_security_get(struct inode inode, const char name,`
			`void *buffer, size_t size)`
			`{`
			`if (strcmp(name, "") == 0)`
			`return -EINVAL;`
			`return ext2_xattr_get(inode, EXT2_XATTR_INDEX_SECURITY, name,`
			`buffer, size);`
			`}`

			`static int`
			`ext2_xattr_security_set(struct inode inode, const char name,`
			`const void *value, size_t size, int flags)`
			`{`
			`if (strcmp(name, "") == 0)`
			`return -EINVAL;`
			`return ext2_xattr_set(inode, EXT2_XATTR_INDEX_SECURITY, name,`
			`value, size, flags);`
			`}`

[PATCH] ext2: Enable atomic inode security labeling This patch modifies ext2 to call the inode_init_security LSM hook to obtain the security attribute for a newly created inode and to set the resulting attribute on the new inode. This parallels the existing processing for setting ACLs on newly created inodes. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org> 2005-09-10 00:01:39 +04:00			`int`
			`ext2_init_security(struct inode inode, struct inode dir)`
			`{`
			`int err;`
			`size_t len;`
			`void *value;`
			`char *name;`

			`err = security_inode_init_security(inode, dir, &name, &value, &len);`
			`if (err) {`
			`if (err == -EOPNOTSUPP)`
			`return 0;`
			`return err;`
			`}`
			`err = ext2_xattr_set(inode, EXT2_XATTR_INDEX_SECURITY,`
			`name, value, len, 0);`
			`kfree(name);`
			`kfree(value);`
			`return err;`
			`}`

Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip! 2005-04-17 02:20:36 +04:00			`struct xattr_handler ext2_xattr_security_handler = {`
			`.prefix = XATTR_SECURITY_PREFIX,`
			`.list = ext2_xattr_security_list,`
			`.get = ext2_xattr_security_get,`
			`.set = ext2_xattr_security_set,`
			`};`