1 #include "reiserfs.h"
2 #include <linux/errno.h>
3 #include <linux/fs.h>
4 #include <linux/pagemap.h>
5 #include <linux/xattr.h>
6 #include <linux/slab.h>
7 #include "xattr.h"
8 #include <linux/security.h>
9 #include <linux/uaccess.h>
10
11 static int
security_get(const struct xattr_handler * handler,struct dentry * dentry,const char * name,void * buffer,size_t size)12 security_get(const struct xattr_handler *handler, struct dentry *dentry,
13 const char *name, void *buffer, size_t size)
14 {
15 if (IS_PRIVATE(d_inode(dentry)))
16 return -EPERM;
17
18 return reiserfs_xattr_get(d_inode(dentry),
19 xattr_full_name(handler, name),
20 buffer, size);
21 }
22
23 static int
security_set(const struct xattr_handler * handler,struct dentry * dentry,const char * name,const void * buffer,size_t size,int flags)24 security_set(const struct xattr_handler *handler, struct dentry *dentry,
25 const char *name, const void *buffer, size_t size, int flags)
26 {
27 if (IS_PRIVATE(d_inode(dentry)))
28 return -EPERM;
29
30 return reiserfs_xattr_set(d_inode(dentry),
31 xattr_full_name(handler, name),
32 buffer, size, flags);
33 }
34
security_list(const struct xattr_handler * handler,struct dentry * dentry,char * list,size_t list_len,const char * name,size_t namelen)35 static size_t security_list(const struct xattr_handler *handler,
36 struct dentry *dentry, char *list, size_t list_len,
37 const char *name, size_t namelen)
38 {
39 const size_t len = namelen + 1;
40
41 if (IS_PRIVATE(d_inode(dentry)))
42 return 0;
43
44 if (list && len <= list_len) {
45 memcpy(list, name, namelen);
46 list[namelen] = '\0';
47 }
48
49 return len;
50 }
51
52 /* Initializes the security context for a new inode and returns the number
53 * of blocks needed for the transaction. If successful, reiserfs_security
54 * must be released using reiserfs_security_free when the caller is done. */
reiserfs_security_init(struct inode * dir,struct inode * inode,const struct qstr * qstr,struct reiserfs_security_handle * sec)55 int reiserfs_security_init(struct inode *dir, struct inode *inode,
56 const struct qstr *qstr,
57 struct reiserfs_security_handle *sec)
58 {
59 int blocks = 0;
60 int error;
61
62 sec->name = NULL;
63
64 /* Don't add selinux attributes on xattrs - they'll never get used */
65 if (IS_PRIVATE(dir))
66 return 0;
67
68 error = security_old_inode_init_security(inode, dir, qstr, &sec->name,
69 &sec->value, &sec->length);
70 if (error) {
71 if (error == -EOPNOTSUPP)
72 error = 0;
73
74 sec->name = NULL;
75 sec->value = NULL;
76 sec->length = 0;
77 return error;
78 }
79
80 if (sec->length && reiserfs_xattrs_initialized(inode->i_sb)) {
81 blocks = reiserfs_xattr_jcreate_nblocks(inode) +
82 reiserfs_xattr_nblocks(inode, sec->length);
83 /* We don't want to count the directories twice if we have
84 * a default ACL. */
85 REISERFS_I(inode)->i_flags |= i_has_xattr_dir;
86 }
87 return blocks;
88 }
89
reiserfs_security_write(struct reiserfs_transaction_handle * th,struct inode * inode,struct reiserfs_security_handle * sec)90 int reiserfs_security_write(struct reiserfs_transaction_handle *th,
91 struct inode *inode,
92 struct reiserfs_security_handle *sec)
93 {
94 int error;
95 if (strlen(sec->name) < sizeof(XATTR_SECURITY_PREFIX))
96 return -EINVAL;
97
98 error = reiserfs_xattr_set_handle(th, inode, sec->name, sec->value,
99 sec->length, XATTR_CREATE);
100 if (error == -ENODATA || error == -EOPNOTSUPP)
101 error = 0;
102
103 return error;
104 }
105
reiserfs_security_free(struct reiserfs_security_handle * sec)106 void reiserfs_security_free(struct reiserfs_security_handle *sec)
107 {
108 kfree(sec->name);
109 kfree(sec->value);
110 sec->name = NULL;
111 sec->value = NULL;
112 }
113
114 const struct xattr_handler reiserfs_xattr_security_handler = {
115 .prefix = XATTR_SECURITY_PREFIX,
116 .get = security_get,
117 .set = security_set,
118 .list = security_list,
119 };
120