/*
 * GPL HEADER START
 *
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 only,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License version 2 for more details (a copy is included
 * in the LICENSE file that accompanied this code).
 *
 * You should have received a copy of the GNU General Public License
 * version 2 along with this program; If not, see http://www.gnu.org/licenses
 *
 * GPL HEADER END
 */

/*
 * Copyright (c) 2014 Bull SAS
 * Author: Sebastien Buisson sebastien.buisson@bull.net
 */

/*
 * lustre/llite/xattr_security.c
 * Handler for storing security labels as extended attributes.
 */
#include <linux/security.h>
#include <linux/xattr.h>
#include "llite_internal.h"

/**
 * Callback handed to security_inode_init_security() by ll_init_security();
 * it writes each security attribute of the new inode through the
 * 'security.' xattr handler.
 *
 * Walks @xattr_array until the entry whose name is NULL and stores every
 * entry on the dentry passed in @fs_info. XATTR_CREATE is used, so an
 * attribute that already exists is reported as an error instead of being
 * overwritten.
 *
 * The walk stops at the first failing set; attributes written before the
 * failure are not removed here, so the caller has to treat a negative
 * return as "label may be incomplete".
 *
 * \param[in] inode		inode being labelled
 * \param[in] xattr_array	attributes to store, terminated by a NULL name
 * \param[in] fs_info		the struct dentry of @inode
 *
 * \retval 0		success (also when @xattr_array is empty)
 * \retval -ENXIO	no handler registered for XATTR_SECURITY_PREFIX
 * \retval < 0		failure reported by the handler's set method
 */
static int
ll_initxattrs(struct inode *inode, const struct xattr *xattr_array,
	      void *fs_info)
{
	const struct xattr_handler *handler =
		get_xattr_type(XATTR_SECURITY_PREFIX);
	struct dentry *dentry = fs_info;
	const struct xattr *cur = xattr_array;
	int rc = 0;

	if (handler == NULL)
		return -ENXIO;

	while (cur->name != NULL) {
		/* cur->name is passed as-is; the handler owns the prefix */
		rc = handler->set(handler, dentry, inode, cur->name,
				  cur->value, cur->value_len, XATTR_CREATE);
		if (rc < 0)
			return rc;
		cur++;
	}

	return rc;
}

/**
 * Initialize the security context of a newly created inode.
 *
 * Asks the security layer for the context of @inode created in @dir and
 * stores it in the 'security.xxx' xattr of @dentry via ll_initxattrs().
 *
 * NOTE(review): the whole step is skipped unless SELinux is enabled, even
 * though security_inode_init_security() is not SELinux-specific; confirm
 * that leaving inodes unlabelled under other security modules is intended.
 * NOTE(review): NULL is passed where the new entry's name would go, so
 * presumably policy that depends on the file name cannot be applied at
 * creation time; confirm against the security module in use.
 *
 * \param[in] dentry	dentry of the new inode, forwarded to ll_initxattrs()
 * \param[in] inode	inode to label
 * \param[in] dir	parent directory inode
 *
 * \retval 0	success, or SELinux is disabled
 * \retval < 0	error propagated from security_inode_init_security(),
 *		including those returned by ll_initxattrs()
 */
int
ll_init_security(struct dentry *dentry, struct inode *inode, struct inode *dir)
{
	if (selinux_is_enabled())
		return security_inode_init_security(inode, dir, NULL,
						    &ll_initxattrs, dentry);

	return 0;
}