From 647c60b9c9867e6c7e6133a4f01cb0dc750bb476 Mon Sep 17 00:00:00 2001 From: Andrew Morton <akpm@osdl.org> Date: Sun, 9 May 2004 23:59:47 -0700 Subject: [PATCH] [PATCH] reiserfs: selinux support From: Chris Mason <mason@suse.com> From: jeffm@suse.com reiserfs support for selinux --- fs/Kconfig | 12 ++++++ fs/reiserfs/Makefile | 4 ++ fs/reiserfs/xattr.c | 3 ++ fs/reiserfs/xattr_security.c | 69 ++++++++++++++++++++++++++++++++++ include/linux/reiserfs_xattr.h | 3 ++ 5 files changed, 91 insertions(+) create mode 100644 fs/reiserfs/xattr_security.c diff --git a/fs/Kconfig b/fs/Kconfig index 1f41463cedf0..bbd098e6d18e 100644 --- a/fs/Kconfig +++ b/fs/Kconfig @@ -266,6 +266,18 @@ config REISERFS_FS_POSIX_ACL If you don't know what Access Control Lists are, say N +config REISERFS_FS_SECURITY + bool "ReiserFS Security Labels" + depends on REISERFS_FS_XATTR + help + Security labels support alternative access control models + implemented by security modules like SELinux. This option + enables an extended attribute handler for file security + labels in the ReiserFS filesystem. + + If you are not using a security module that requires using + extended attributes for file security labels, say N. + config JFS_FS tristate "JFS filesystem support" select NLS diff --git a/fs/reiserfs/Makefile b/fs/reiserfs/Makefile index 57b6b8c48b00..3a59309f3ca9 100644 --- a/fs/reiserfs/Makefile +++ b/fs/reiserfs/Makefile @@ -13,6 +13,10 @@ ifeq ($(CONFIG_REISERFS_FS_XATTR),y) reiserfs-objs += xattr.o xattr_user.o xattr_trusted.o endif +ifeq ($(CONFIG_REISERFS_FS_SECURITY),y) +reiserfs-objs += xattr_security.o +endif + ifeq ($(CONFIG_REISERFS_FS_POSIX_ACL),y) reiserfs-objs += xattr_acl.o endif diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c index 93d863507a52..0c4e2d617d91 100644 --- a/fs/reiserfs/xattr.c +++ b/fs/reiserfs/xattr.c @@ -1177,6 +1177,9 @@ reiserfs_xattr_register_handlers (void) /* Add the handlers */ list_add_tail (&user_handler.handlers, &xattr_handlers); list_add_tail (&trusted_handler.handlers, &xattr_handlers); +#ifdef CONFIG_REISERFS_FS_SECURITY + list_add_tail (&security_handler.handlers, &xattr_handlers); +#endif #ifdef CONFIG_REISERFS_FS_POSIX_ACL list_add_tail (&posix_acl_access_handler.handlers, &xattr_handlers); list_add_tail (&posix_acl_default_handler.handlers, &xattr_handlers); diff --git a/fs/reiserfs/xattr_security.c b/fs/reiserfs/xattr_security.c new file mode 100644 index 000000000000..eacbdca4359d --- /dev/null +++ b/fs/reiserfs/xattr_security.c @@ -0,0 +1,69 @@ +#include <linux/reiserfs_fs.h> +#include <linux/errno.h> +#include <linux/fs.h> +#include <linux/pagemap.h> +#include <linux/xattr.h> +#include <linux/reiserfs_xattr.h> +#include <asm/uaccess.h> + +#define XATTR_SECURITY_PREFIX "security." + +static int +security_get (struct inode *inode, const char *name, void *buffer, size_t size) +{ + if (strlen(name) < sizeof(XATTR_SECURITY_PREFIX)) + return -EINVAL; + + if (is_reiserfs_priv_object(inode)) + return -EPERM; + + return reiserfs_xattr_get (inode, name, buffer, size); +} + +static int +security_set (struct inode *inode, const char *name, const void *buffer, + size_t size, int flags) +{ + if (strlen(name) < sizeof(XATTR_SECURITY_PREFIX)) + return -EINVAL; + + if (is_reiserfs_priv_object(inode)) + return -EPERM; + + return reiserfs_xattr_set (inode, name, buffer, size, flags); +} + +static int +security_del (struct inode *inode, const char *name) +{ + if (strlen(name) < sizeof(XATTR_SECURITY_PREFIX)) + return -EINVAL; + + if (is_reiserfs_priv_object(inode)) + return -EPERM; + + return 0; +} + +static int +security_list (struct inode *inode, const char *name, int namelen, char *out) +{ + int len = namelen; + + if (is_reiserfs_priv_object(inode)) + return 0; + + if (out) + memcpy (out, name, len); + + return len; +} + + +struct reiserfs_xattr_handler security_handler = { + prefix: XATTR_SECURITY_PREFIX, + get: security_get, + set: security_set, + del: security_del, + list: security_list, +}; diff --git a/include/linux/reiserfs_xattr.h b/include/linux/reiserfs_xattr.h index 64dc1ea564ef..3f4480b8a2cd 100644 --- a/include/linux/reiserfs_xattr.h +++ b/include/linux/reiserfs_xattr.h @@ -51,6 +51,9 @@ int reiserfs_xattr_set (struct inode *, const char *, const void *, extern struct reiserfs_xattr_handler user_handler; extern struct reiserfs_xattr_handler trusted_handler; +#ifdef CONFIG_REISERFS_FS_SECURITY +extern struct reiserfs_xattr_handler security_handler; +#endif int reiserfs_xattr_register_handlers (void) __init; void reiserfs_xattr_unregister_handlers (void); -- 2.30.9