From fcb47e0bd279cab5ba8299c0a1e3364d15413a6b Mon Sep 17 00:00:00 2001 From: Ryan O'Hara Date: Tue, 3 Oct 2006 11:57:35 -0400 Subject: [PATCH] [GFS2] Initialize SELinux extended attributes at inode creation time. This patch has gfs2_security_init declared as a static function, which is correct. As a result, the declaration of this function in inode.h is removed (and thus inode.h is unchanged). Also removed #include eaops.h, which is not needed. Signed-Off-By: Ryan O'Hara Signed-off-by: Steven Whitehouse --- fs/gfs2/inode.c | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c index 81a921165941..57c43ac47925 100644 --- a/fs/gfs2/inode.c +++ b/fs/gfs2/inode.c @@ -17,6 +17,7 @@ #include #include #include +#include #include "gfs2.h" #include "incore.h" @@ -806,6 +807,39 @@ fail: return error; } +static int gfs2_security_init(struct gfs2_inode *dip, struct gfs2_inode *ip) +{ + int err; + size_t len; + void *value; + char *name; + struct gfs2_ea_request er; + + err = security_inode_init_security(&ip->i_inode, &dip->i_inode, + &name, &value, &len); + + if (err) { + if (err == -EOPNOTSUPP) + return 0; + return err; + } + + memset(&er, 0, sizeof(struct gfs2_ea_request)); + + er.er_type = GFS2_EATYPE_SECURITY; + er.er_name = name; + er.er_data = value; + er.er_name_len = strlen(name); + er.er_data_len = len; + + err = gfs2_ea_set_i(ip, &er); + + kfree(value); + kfree(name); + + return err; +} + /** * gfs2_createi - Create a new inode * @ghs: An array of two holders @@ -897,6 +931,10 @@ struct inode *gfs2_createi(struct gfs2_holder *ghs, const struct qstr *name, if (error) goto fail_iput; + error = gfs2_security_init(dip, GFS2_I(inode)); + if (error) + goto fail_iput; + error = link_dinode(dip, name, GFS2_I(inode)); if (error) goto fail_iput;