mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-15 23:25:07 +00:00
Code Issues Releases Wiki Activity
linux-stable/fs/ocfs2
History
Roberto Sassu c41324385a ocfs2: Switch to security_inode_init_security() 
commit de3004c874 upstream.

In preparation for removing security_old_inode_init_security(), switch to
security_inode_init_security().

Extend the existing ocfs2_initxattrs() to take the
ocfs2_security_xattr_info structure from fs_info, and populate the
name/value/len triple with the first xattr provided by LSMs.

As fs_info was not used before, ocfs2_initxattrs() can now handle the case
of replicating the behavior of security_old_inode_init_security(), i.e.
just obtaining the xattr, in addition to setting all xattrs provided by
LSMs.

Supporting multiple xattrs is not currently supported where
security_old_inode_init_security() was called (mknod, symlink), as it
requires non-trivial changes that can be done at a later time. Like for
reiserfs, even if EVM is invoked, it will not provide an xattr (if it is
not the first to set it, its xattr will be discarded; if it is the first,
it does not have xattrs to calculate the HMAC on).

Finally, since security_inode_init_security(), unlike
security_old_inode_init_security(), returns zero instead of -EOPNOTSUPP if
no xattrs were provided by LSMs or if inodes are private, additionally
check in ocfs2_init_security_get() if the xattr name is set.

If not, act as if security_old_inode_init_security() returned -EOPNOTSUPP,
and set si->enable to zero to notify to the functions following
ocfs2_init_security_get() that no xattrs are available.

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: Joseph Qi <joseph.qi@linux.alibaba.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-05-30 12:57:56 +01:00
..
cluster ocfs2: fix a use after free on error 2021-03-04 11:38:18 +01:00
dlm ocfs2: add missing annotation for dlm_empty_lockres() 2020-06-02 10:59:05 -07:00
dlmfs ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock 2022-06-09 10:21:24 +02:00
acl.c ocfs2: fix remounting needed after setfacl command 2020-08-07 11:33:21 -07:00
acl.h
alloc.c ocfs2: fix data corruption after conversion from inline format 2021-10-27 09:56:51 +02:00
alloc.h
aops.c ocfs2: fix data corruption after failed write 2023-04-05 11:23:42 +02:00
aops.h
blockcheck.c ocfs2: replace HTTP links with HTTPS ones 2020-08-07 11:33:22 -07:00
blockcheck.h
buffer_head_io.c
buffer_head_io.h
dcache.c
dcache.h
dir.c treewide: Remove uninitialized_var() usage 2020-07-16 12:35:15 -07:00
dir.h
dlmglue.c ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown 2023-04-20 12:10:24 +02:00
dlmglue.h
export.c
export.h
extent_map.c treewide: Remove uninitialized_var() usage 2020-07-16 12:35:15 -07:00
extent_map.h
file.c attr: use consistent sgid stripping checks 2023-03-22 13:30:08 +01:00
file.h
filecheck.c ocfs2: fix snprintf() checking 2021-07-14 16:56:13 +02:00
filecheck.h
heartbeat.c
heartbeat.h
inode.c
inode.h
ioctl.c
ioctl.h
journal.c ocfs2: fix memory leak in ocfs2_mount_volume() 2023-01-14 10:15:19 +01:00
journal.h ocfs2: fix memory leak in ocfs2_mount_volume() 2023-01-14 10:15:19 +01:00
Kconfig ocfs2: replace HTTP links with HTTPS ones 2020-08-07 11:33:22 -07:00
localalloc.c ocfs2: delete repeated words in comments 2020-10-13 18:38:27 -07:00
localalloc.h
locks.c
locks.h
Makefile
mmap.c ocfs2: fix spelling mistake and grammar 2020-06-10 19:14:18 -07:00
mmap.h
move_extents.c ocfs2: fix non-auto defrag path not working issue 2023-03-11 16:39:57 +01:00
move_extents.h
namei.c ocfs2: Switch to security_inode_init_security() 2023-05-30 12:57:56 +01:00
namei.h
ocfs1_fs_compat.h
ocfs2.h Revert "ocfs2: mount shared volume without ha stack" 2022-08-03 12:00:43 +02:00
ocfs2_fs.h ocfs2: fix value of OCFS2_INVALID_SLOT 2020-06-26 00:27:37 -07:00
ocfs2_ioctl.h
ocfs2_lockid.h
ocfs2_lockingver.h
ocfs2_trace.h
quota.h
quota_global.c
quota_local.c
refcounttree.c treewide: Remove uninitialized_var() usage 2020-07-16 12:35:15 -07:00
refcounttree.h
reservations.c ocfs2: remove unused macros 2020-04-02 09:35:25 -07:00
reservations.h
resize.c
resize.h
slot_map.c Revert "ocfs2: mount shared volume without ha stack" 2022-08-03 12:00:43 +02:00
slot_map.h
stack_o2cb.c
stack_user.c
stackglue.c ocfs2: fix memory leak in ocfs2_stack_glue_init() 2023-01-14 10:15:17 +01:00
stackglue.h
suballoc.c ocfs2: fix a deadlock when commit trans 2022-02-01 17:25:41 +01:00
suballoc.h ocfs2: suballoc.h: delete a duplicated word 2020-08-07 11:33:21 -07:00
super.c ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown 2023-04-20 12:10:24 +02:00
super.h
symlink.c
symlink.h
sysfile.c
sysfile.h
uptodate.c
uptodate.h
xattr.c ocfs2: Switch to security_inode_init_security() 2023-05-30 12:57:56 +01:00
xattr.h