Commit d7f0b70d authored by Subodh Nijsure's avatar Subodh Nijsure Committed by Richard Weinberger

UBIFS: Add security.* XATTR support for the UBIFS

Artem: rename static functions so that they do not use the "ubifs_" prefix - we
       only use this prefix for non-static functions.
Artem: remove few junk white-space changes in file.c
Signed-off-by: default avatarSubodh Nijsure <snijsure@grid-net.com>
Signed-off-by: default avatarMarc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: default avatarBen Shelton <ben.shelton@ni.com>
Acked-by: default avatarBrad Mouring <brad.mouring@ni.com>
Acked-by: default avatarTerry Wilcox <terry.wilcox@ni.com>
Acked-by: default avatarGratian Crisan <gratian.crisan@ni.com>
Signed-off-by: default avatarArtem Bityutskiy <artem.bityutskiy@linux.intel.com>
parent 895d9db2
...@@ -272,6 +272,10 @@ static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode, ...@@ -272,6 +272,10 @@ static int ubifs_create(struct inode *dir, struct dentry *dentry, umode_t mode,
goto out_budg; goto out_budg;
} }
err = ubifs_init_security(dir, inode, &dentry->d_name);
if (err)
goto out_cancel;
mutex_lock(&dir_ui->ui_mutex); mutex_lock(&dir_ui->ui_mutex);
dir->i_size += sz_change; dir->i_size += sz_change;
dir_ui->ui_size = dir->i_size; dir_ui->ui_size = dir->i_size;
...@@ -728,6 +732,10 @@ static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) ...@@ -728,6 +732,10 @@ static int ubifs_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode)
goto out_budg; goto out_budg;
} }
err = ubifs_init_security(dir, inode, &dentry->d_name);
if (err)
goto out_cancel;
mutex_lock(&dir_ui->ui_mutex); mutex_lock(&dir_ui->ui_mutex);
insert_inode_hash(inode); insert_inode_hash(inode);
inc_nlink(inode); inc_nlink(inode);
...@@ -808,6 +816,10 @@ static int ubifs_mknod(struct inode *dir, struct dentry *dentry, ...@@ -808,6 +816,10 @@ static int ubifs_mknod(struct inode *dir, struct dentry *dentry,
ui->data = dev; ui->data = dev;
ui->data_len = devlen; ui->data_len = devlen;
err = ubifs_init_security(dir, inode, &dentry->d_name);
if (err)
goto out_cancel;
mutex_lock(&dir_ui->ui_mutex); mutex_lock(&dir_ui->ui_mutex);
dir->i_size += sz_change; dir->i_size += sz_change;
dir_ui->ui_size = dir->i_size; dir_ui->ui_size = dir->i_size;
...@@ -884,6 +896,10 @@ static int ubifs_symlink(struct inode *dir, struct dentry *dentry, ...@@ -884,6 +896,10 @@ static int ubifs_symlink(struct inode *dir, struct dentry *dentry,
ui->data_len = len; ui->data_len = len;
inode->i_size = ubifs_inode(inode)->ui_size = len; inode->i_size = ubifs_inode(inode)->ui_size = len;
err = ubifs_init_security(dir, inode, &dentry->d_name);
if (err)
goto out_cancel;
mutex_lock(&dir_ui->ui_mutex); mutex_lock(&dir_ui->ui_mutex);
dir->i_size += sz_change; dir->i_size += sz_change;
dir_ui->ui_size = dir->i_size; dir_ui->ui_size = dir->i_size;
......
...@@ -2039,6 +2039,7 @@ static int ubifs_fill_super(struct super_block *sb, void *data, int silent) ...@@ -2039,6 +2039,7 @@ static int ubifs_fill_super(struct super_block *sb, void *data, int silent)
if (c->max_inode_sz > MAX_LFS_FILESIZE) if (c->max_inode_sz > MAX_LFS_FILESIZE)
sb->s_maxbytes = c->max_inode_sz = MAX_LFS_FILESIZE; sb->s_maxbytes = c->max_inode_sz = MAX_LFS_FILESIZE;
sb->s_op = &ubifs_super_operations; sb->s_op = &ubifs_super_operations;
sb->s_xattr = ubifs_xattr_handlers;
mutex_lock(&c->umount_mutex); mutex_lock(&c->umount_mutex);
err = mount_ubifs(c); err = mount_ubifs(c);
......
...@@ -36,6 +36,7 @@ ...@@ -36,6 +36,7 @@
#include <linux/mtd/ubi.h> #include <linux/mtd/ubi.h>
#include <linux/pagemap.h> #include <linux/pagemap.h>
#include <linux/backing-dev.h> #include <linux/backing-dev.h>
#include <linux/security.h>
#include "ubifs-media.h" #include "ubifs-media.h"
/* Version of this UBIFS implementation */ /* Version of this UBIFS implementation */
...@@ -1465,6 +1466,7 @@ extern spinlock_t ubifs_infos_lock; ...@@ -1465,6 +1466,7 @@ extern spinlock_t ubifs_infos_lock;
extern atomic_long_t ubifs_clean_zn_cnt; extern atomic_long_t ubifs_clean_zn_cnt;
extern struct kmem_cache *ubifs_inode_slab; extern struct kmem_cache *ubifs_inode_slab;
extern const struct super_operations ubifs_super_operations; extern const struct super_operations ubifs_super_operations;
extern const struct xattr_handler *ubifs_xattr_handlers[];
extern const struct address_space_operations ubifs_file_address_operations; extern const struct address_space_operations ubifs_file_address_operations;
extern const struct file_operations ubifs_file_operations; extern const struct file_operations ubifs_file_operations;
extern const struct inode_operations ubifs_file_inode_operations; extern const struct inode_operations ubifs_file_inode_operations;
...@@ -1754,6 +1756,8 @@ ssize_t ubifs_getxattr(struct dentry *dentry, const char *name, void *buf, ...@@ -1754,6 +1756,8 @@ ssize_t ubifs_getxattr(struct dentry *dentry, const char *name, void *buf,
size_t size); size_t size);
ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size); ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size);
int ubifs_removexattr(struct dentry *dentry, const char *name); int ubifs_removexattr(struct dentry *dentry, const char *name);
int ubifs_init_security(struct inode *dentry, struct inode *inode,
const struct qstr *qstr);
/* super.c */ /* super.c */
struct inode *ubifs_iget(struct super_block *sb, unsigned long inum); struct inode *ubifs_iget(struct super_block *sb, unsigned long inum);
......
...@@ -575,3 +575,81 @@ int ubifs_removexattr(struct dentry *dentry, const char *name) ...@@ -575,3 +575,81 @@ int ubifs_removexattr(struct dentry *dentry, const char *name)
kfree(xent); kfree(xent);
return err; return err;
} }
static size_t security_listxattr(struct dentry *d, char *list, size_t list_size,
const char *name, size_t name_len, int flags)
{
const int prefix_len = XATTR_SECURITY_PREFIX_LEN;
const size_t total_len = prefix_len + name_len + 1;
if (list && total_len <= list_size) {
memcpy(list, XATTR_SECURITY_PREFIX, prefix_len);
memcpy(list + prefix_len, name, name_len);
list[prefix_len + name_len] = '\0';
}
return total_len;
}
static int security_getxattr(struct dentry *d, const char *name, void *buffer,
size_t size, int flags)
{
return ubifs_getxattr(d, name, buffer, size);
}
static int security_setxattr(struct dentry *d, const char *name,
const void *value, size_t size, int flags,
int handler_flags)
{
return ubifs_setxattr(d, name, value, size, flags);
}
static const struct xattr_handler ubifs_xattr_security_handler = {
.prefix = XATTR_SECURITY_PREFIX,
.list = security_listxattr,
.get = security_getxattr,
.set = security_setxattr,
};
const struct xattr_handler *ubifs_xattr_handlers[] = {
&ubifs_xattr_security_handler,
NULL,
};
static int init_xattrs(struct inode *inode, const struct xattr *xattr_array,
void *fs_info)
{
const struct xattr *xattr;
char *name;
int err = 0;
for (xattr = xattr_array; xattr->name != NULL; xattr++) {
name = kmalloc(XATTR_SECURITY_PREFIX_LEN +
strlen(xattr->name) + 1, GFP_NOFS);
if (!name) {
err = -ENOMEM;
break;
}
strcpy(name, XATTR_SECURITY_PREFIX);
strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name);
err = setxattr(inode, name, xattr->value, xattr->value_len, 0);
kfree(name);
if (err < 0)
break;
}
return err;
}
int ubifs_init_security(struct inode *dentry, struct inode *inode,
const struct qstr *qstr)
{
int err;
mutex_lock(&inode->i_mutex);
err = security_inode_init_security(inode, dentry, qstr,
&init_xattrs, 0);
mutex_unlock(&inode->i_mutex);
return err;
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment