From 647c60b9c9867e6c7e6133a4f01cb0dc750bb476 Mon Sep 17 00:00:00 2001
From: Andrew Morton <akpm@osdl.org>
Date: Sun, 9 May 2004 23:59:47 -0700
Subject: [PATCH] [PATCH] reiserfs: selinux support

From: Chris Mason <mason@suse.com>

From: jeffm@suse.com

reiserfs support for selinux
---
 fs/Kconfig                     | 12 ++++++
 fs/reiserfs/Makefile           |  4 ++
 fs/reiserfs/xattr.c            |  3 ++
 fs/reiserfs/xattr_security.c   | 69 ++++++++++++++++++++++++++++++++++
 include/linux/reiserfs_xattr.h |  3 ++
 5 files changed, 91 insertions(+)
 create mode 100644 fs/reiserfs/xattr_security.c

diff --git a/fs/Kconfig b/fs/Kconfig
index 1f41463cedf0..bbd098e6d18e 100644
--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -266,6 +266,18 @@ config REISERFS_FS_POSIX_ACL
 
 	  If you don't know what Access Control Lists are, say N
 
+config REISERFS_FS_SECURITY
+	bool "ReiserFS Security Labels"
+	depends on REISERFS_FS_XATTR
+	help
+	  Security labels support alternative access control models
+	  implemented by security modules like SELinux.  This option
+	  enables an extended attribute handler for file security
+	  labels in the ReiserFS filesystem.
+
+	  If you are not using a security module that requires using
+	  extended attributes for file security labels, say N.
+
 config JFS_FS
 	tristate "JFS filesystem support"
 	select NLS
diff --git a/fs/reiserfs/Makefile b/fs/reiserfs/Makefile
index 57b6b8c48b00..3a59309f3ca9 100644
--- a/fs/reiserfs/Makefile
+++ b/fs/reiserfs/Makefile
@@ -13,6 +13,10 @@ ifeq ($(CONFIG_REISERFS_FS_XATTR),y)
 reiserfs-objs += xattr.o xattr_user.o xattr_trusted.o
 endif
 
+ifeq ($(CONFIG_REISERFS_FS_SECURITY),y)
+reiserfs-objs += xattr_security.o
+endif
+
 ifeq ($(CONFIG_REISERFS_FS_POSIX_ACL),y)
 reiserfs-objs += xattr_acl.o
 endif
diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c
index 93d863507a52..0c4e2d617d91 100644
--- a/fs/reiserfs/xattr.c
+++ b/fs/reiserfs/xattr.c
@@ -1177,6 +1177,9 @@ reiserfs_xattr_register_handlers (void)
     /* Add the handlers */
     list_add_tail (&user_handler.handlers, &xattr_handlers);
     list_add_tail (&trusted_handler.handlers, &xattr_handlers);
+#ifdef CONFIG_REISERFS_FS_SECURITY
+    list_add_tail (&security_handler.handlers, &xattr_handlers);
+#endif
 #ifdef CONFIG_REISERFS_FS_POSIX_ACL
     list_add_tail (&posix_acl_access_handler.handlers, &xattr_handlers);
     list_add_tail (&posix_acl_default_handler.handlers, &xattr_handlers);
diff --git a/fs/reiserfs/xattr_security.c b/fs/reiserfs/xattr_security.c
new file mode 100644
index 000000000000..eacbdca4359d
--- /dev/null
+++ b/fs/reiserfs/xattr_security.c
@@ -0,0 +1,69 @@
+#include <linux/reiserfs_fs.h>
+#include <linux/errno.h>
+#include <linux/fs.h>
+#include <linux/pagemap.h>
+#include <linux/xattr.h>
+#include <linux/reiserfs_xattr.h>
+#include <asm/uaccess.h>
+
+#define XATTR_SECURITY_PREFIX "security."
+
+static int
+security_get (struct inode *inode, const char *name, void *buffer, size_t size)
+{
+    if (strlen(name) < sizeof(XATTR_SECURITY_PREFIX))
+        return -EINVAL;
+
+    if (is_reiserfs_priv_object(inode))
+        return -EPERM;
+
+    return reiserfs_xattr_get (inode, name, buffer, size);
+}
+
+static int
+security_set (struct inode *inode, const char *name, const void *buffer,
+          size_t size, int flags)
+{
+    if (strlen(name) < sizeof(XATTR_SECURITY_PREFIX))
+        return -EINVAL;
+
+    if (is_reiserfs_priv_object(inode))
+        return -EPERM;
+
+    return reiserfs_xattr_set (inode, name, buffer, size, flags);
+}
+
+static int
+security_del (struct inode *inode, const char *name)
+{
+    if (strlen(name) < sizeof(XATTR_SECURITY_PREFIX))
+        return -EINVAL;
+
+    if (is_reiserfs_priv_object(inode))
+        return -EPERM;
+
+    return 0;
+}
+
+static int
+security_list (struct inode *inode, const char *name, int namelen, char *out)
+{
+    int len = namelen;
+
+    if (is_reiserfs_priv_object(inode))
+        return 0;
+
+    if (out)
+        memcpy (out, name, len);
+
+    return len;
+}
+
+
+struct reiserfs_xattr_handler security_handler = {
+    prefix: XATTR_SECURITY_PREFIX,
+    get: security_get,
+    set: security_set,
+    del: security_del,
+    list: security_list,
+};
diff --git a/include/linux/reiserfs_xattr.h b/include/linux/reiserfs_xattr.h
index 64dc1ea564ef..3f4480b8a2cd 100644
--- a/include/linux/reiserfs_xattr.h
+++ b/include/linux/reiserfs_xattr.h
@@ -51,6 +51,9 @@ int reiserfs_xattr_set (struct inode *, const char *, const void *,
 
 extern struct reiserfs_xattr_handler user_handler;
 extern struct reiserfs_xattr_handler trusted_handler;
+#ifdef CONFIG_REISERFS_FS_SECURITY
+extern struct reiserfs_xattr_handler security_handler;
+#endif
 
 int reiserfs_xattr_register_handlers (void) __init;
 void reiserfs_xattr_unregister_handlers (void);
-- 
2.30.9