mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-12 13:55:32 +00:00
Code Issues Releases Wiki Activity
linux-stable/fs/ocfs2
History
Roberto Sassu de3004c874 ocfs2: Switch to security_inode_init_security() 
In preparation for removing security_old_inode_init_security(), switch to
security_inode_init_security().

Extend the existing ocfs2_initxattrs() to take the
ocfs2_security_xattr_info structure from fs_info, and populate the
name/value/len triple with the first xattr provided by LSMs.

As fs_info was not used before, ocfs2_initxattrs() can now handle the case
of replicating the behavior of security_old_inode_init_security(), i.e.
just obtaining the xattr, in addition to setting all xattrs provided by
LSMs.

Supporting multiple xattrs is not currently supported where
security_old_inode_init_security() was called (mknod, symlink), as it
requires non-trivial changes that can be done at a later time. Like for
reiserfs, even if EVM is invoked, it will not provide an xattr (if it is
not the first to set it, its xattr will be discarded; if it is the first,
it does not have xattrs to calculate the HMAC on).

Finally, since security_inode_init_security(), unlike
security_old_inode_init_security(), returns zero instead of -EOPNOTSUPP if
no xattrs were provided by LSMs or if inodes are private, additionally
check in ocfs2_init_security_get() if the xattr name is set.

If not, act as if security_old_inode_init_security() returned -EOPNOTSUPP,
and set si->enable to zero to notify to the functions following
ocfs2_init_security_get() that no xattrs are available.

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: Joseph Qi <joseph.qi@linux.alibaba.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
2023-03-23 19:35:33 -04:00
..
cluster net/sock: Introduce trace_sk_data_ready() 2023-01-23 11:26:50 +00:00
dlm ocfs2/dlm: use bitmap API instead of hand-writing it 2022-11-18 13:55:06 -08:00
dlmfs fs: port inode_init_owner() to mnt_idmap 2023-01-19 09:24:28 +01:00
acl.c fs: port acl to mnt_idmap 2023-01-19 09:24:28 +01:00
acl.h fs: port ->set_acl() to pass mnt_idmap 2023-01-19 09:24:27 +01:00
alloc.c ocfs2: Convert ocfs2 to read_folio 2022-05-09 16:21:46 -04:00
alloc.h
aops.c ocfs2: replace ll_rw_block() 2022-09-11 20:26:07 -07:00
aops.h
blockcheck.c
blockcheck.h
buffer_head_io.c fs/buffer: Combine two submit_bh() and ll_rw_block() arguments 2022-07-14 12:14:32 -06:00
buffer_head_io.h
dcache.c
dcache.h
dir.c Change calling conventions for filldir_t 2022-08-17 17:25:04 -04:00
dir.h
dlmglue.c ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown 2022-08-28 14:02:45 -07:00
dlmglue.h
export.c
export.h
extent_map.c
extent_map.h
file.c quota: port to mnt_idmap 2023-01-19 09:24:29 +01:00
file.h fs: port ->permission() to pass mnt_idmap 2023-01-19 09:24:28 +01:00
filecheck.c
filecheck.h
heartbeat.c ocfs2: fix a typo in a comment 2022-07-29 18:12:36 -07:00
heartbeat.h
inode.c ocfs2: fix mounting crash if journal is not alloced 2022-04-29 14:37:58 -07:00
inode.h
ioctl.c fs: port ->fileattr_set() to pass mnt_idmap 2023-01-19 09:24:27 +01:00
ioctl.h fs: port ->fileattr_set() to pass mnt_idmap 2023-01-19 09:24:27 +01:00
journal.c ocfs2: use filemap_fdatawrite_wbc instead of generic_writepages 2023-01-18 17:12:51 -08:00
journal.h ocfs2: fix memory leak in ocfs2_mount_volume() 2022-11-30 16:13:17 -08:00
Kconfig fs: build the legacy direct I/O code conditionally 2023-01-26 10:30:56 -07:00
localalloc.c fs/ocfs2: fix comments mentioning i_mutex 2022-03-22 15:57:00 -07:00
localalloc.h
locks.c filelock: move file locking definitions to separate header file 2023-01-11 06:52:32 -05:00
locks.h
Makefile
mmap.c
mmap.h
move_extents.c ocfs2: fix non-auto defrag path not working issue 2023-02-27 17:00:15 -08:00
move_extents.h
namei.c ocfs2: Switch to security_inode_init_security() 2023-03-23 19:35:33 -04:00
namei.h
ocfs1_fs_compat.h
ocfs2.h ocfs2: always read both high and low parts of dinode link count 2022-12-11 19:30:19 -08:00
ocfs2_fs.h ocfs2: replace zero-length arrays with DECLARE_FLEX_ARRAY() helper 2022-10-03 14:21:42 -07:00
ocfs2_ioctl.h
ocfs2_lockid.h
ocfs2_lockingver.h
ocfs2_trace.h
quota.h
quota_global.c fs/ocfs2: Fix spelling typo in comment 2022-07-17 17:31:43 -07:00
quota_local.c ocfs2: replace usage of found with dedicated list iterator variable 2022-04-29 14:37:57 -07:00
refcounttree.c fs: port ->permission() to pass mnt_idmap 2023-01-19 09:24:28 +01:00
refcounttree.h
reservations.c ocfs2: change return type of ocfs2_resmap_init 2022-04-29 14:37:58 -07:00
reservations.h ocfs2: change return type of ocfs2_resmap_init 2022-04-29 14:37:58 -07:00
resize.c
resize.h
slot_map.c Revert "ocfs2: mount shared volume without ha stack" 2022-07-18 15:09:15 -07:00
slot_map.h
stack_o2cb.c ocfs2: use bitmap API in fill_node_map 2022-11-18 13:55:06 -08:00
stack_user.c filelock: move file locking definitions to separate header file 2023-01-11 06:52:32 -05:00
stackglue.c ocfs2: fix memory leak in ocfs2_stack_glue_init() 2022-11-18 13:55:09 -08:00
stackglue.h
suballoc.c
suballoc.h fs/ocfs2/suballoc.h: fix spelling typo in comment 2022-10-03 14:21:42 -07:00
super.c ocfs2: fix memory leak in ocfs2_mount_volume() 2022-11-30 16:13:17 -08:00
super.h
symlink.c ocfs2: Convert ocfs2 to read_folio 2022-05-09 16:21:46 -04:00
symlink.h
sysfile.c
sysfile.h
uptodate.c
uptodate.h
xattr.c ocfs2: Switch to security_inode_init_security() 2023-03-23 19:35:33 -04:00
xattr.h