Commit | Line | Data |
---|---|---|
b2441318 | 1 | // SPDX-License-Identifier: GPL-2.0 |
f466c6fd | 2 | #include "reiserfs.h" |
1da177e4 LT |
3 | #include <linux/errno.h> |
4 | #include <linux/fs.h> | |
5 | #include <linux/pagemap.h> | |
6 | #include <linux/xattr.h> | |
5a0e3ad6 | 7 | #include <linux/slab.h> |
c45ac888 | 8 | #include "xattr.h" |
57fe60df | 9 | #include <linux/security.h> |
17093991 | 10 | #include <linux/uaccess.h> |
1da177e4 | 11 | |
1da177e4 | 12 | static int |
b296821a AV |
13 | security_get(const struct xattr_handler *handler, struct dentry *unused, |
14 | struct inode *inode, const char *name, void *buffer, size_t size) | |
1da177e4 | 15 | { |
b296821a | 16 | if (IS_PRIVATE(inode)) |
bd4c625c | 17 | return -EPERM; |
1da177e4 | 18 | |
b296821a | 19 | return reiserfs_xattr_get(inode, xattr_full_name(handler, name), |
79a628d1 | 20 | buffer, size); |
1da177e4 LT |
21 | } |
22 | ||
23 | static int | |
e65ce2a5 CB |
24 | security_set(const struct xattr_handler *handler, |
25 | struct user_namespace *mnt_userns, struct dentry *unused, | |
59301226 AV |
26 | struct inode *inode, const char *name, const void *buffer, |
27 | size_t size, int flags) | |
1da177e4 | 28 | { |
59301226 | 29 | if (IS_PRIVATE(inode)) |
bd4c625c | 30 | return -EPERM; |
1da177e4 | 31 | |
59301226 | 32 | return reiserfs_xattr_set(inode, |
79a628d1 AV |
33 | xattr_full_name(handler, name), |
34 | buffer, size, flags); | |
1da177e4 LT |
35 | } |
36 | ||
764a5c6b | 37 | static bool security_list(struct dentry *dentry) |
1da177e4 | 38 | { |
764a5c6b | 39 | return !IS_PRIVATE(d_inode(dentry)); |
1da177e4 LT |
40 | } |
41 | ||
57fe60df JM |
42 | /* Initializes the security context for a new inode and returns the number |
43 | * of blocks needed for the transaction. If successful, reiserfs_security | |
44 | * must be released using reiserfs_security_free when the caller is done. */ | |
45 | int reiserfs_security_init(struct inode *dir, struct inode *inode, | |
2a7dba39 | 46 | const struct qstr *qstr, |
57fe60df JM |
47 | struct reiserfs_security_handle *sec) |
48 | { | |
49 | int blocks = 0; | |
b82bb72b JM |
50 | int error; |
51 | ||
52 | sec->name = NULL; | |
53 | ||
54 | /* Don't add selinux attributes on xattrs - they'll never get used */ | |
55 | if (IS_PRIVATE(dir)) | |
56 | return 0; | |
57 | ||
9d8f13ba MZ |
58 | error = security_old_inode_init_security(inode, dir, qstr, &sec->name, |
59 | &sec->value, &sec->length); | |
57fe60df JM |
60 | if (error) { |
61 | if (error == -EOPNOTSUPP) | |
62 | error = 0; | |
63 | ||
64 | sec->name = NULL; | |
65 | sec->value = NULL; | |
66 | sec->length = 0; | |
67 | return error; | |
68 | } | |
69 | ||
6cb4aff0 | 70 | if (sec->length && reiserfs_xattrs_initialized(inode->i_sb)) { |
57fe60df JM |
71 | blocks = reiserfs_xattr_jcreate_nblocks(inode) + |
72 | reiserfs_xattr_nblocks(inode, sec->length); | |
73 | /* We don't want to count the directories twice if we have | |
74 | * a default ACL. */ | |
75 | REISERFS_I(inode)->i_flags |= i_has_xattr_dir; | |
76 | } | |
77 | return blocks; | |
78 | } | |
79 | ||
80 | int reiserfs_security_write(struct reiserfs_transaction_handle *th, | |
81 | struct inode *inode, | |
82 | struct reiserfs_security_handle *sec) | |
83 | { | |
84 | int error; | |
85 | if (strlen(sec->name) < sizeof(XATTR_SECURITY_PREFIX)) | |
86 | return -EINVAL; | |
87 | ||
88 | error = reiserfs_xattr_set_handle(th, inode, sec->name, sec->value, | |
89 | sec->length, XATTR_CREATE); | |
90 | if (error == -ENODATA || error == -EOPNOTSUPP) | |
91 | error = 0; | |
92 | ||
93 | return error; | |
94 | } | |
95 | ||
96 | void reiserfs_security_free(struct reiserfs_security_handle *sec) | |
97 | { | |
98 | kfree(sec->name); | |
99 | kfree(sec->value); | |
100 | sec->name = NULL; | |
101 | sec->value = NULL; | |
102 | } | |
103 | ||
94d09a98 | 104 | const struct xattr_handler reiserfs_xattr_security_handler = { |
1da177e4 LT |
105 | .prefix = XATTR_SECURITY_PREFIX, |
106 | .get = security_get, | |
107 | .set = security_set, | |
1da177e4 LT |
108 | .list = security_list, |
109 | }; |