[Cluster-devel] cluster/gfs-kernel/src/gfs eaops.c eattr.c eat ...
rohara at sourceware.org
rohara at sourceware.org
Mon Jul 17 21:38:14 UTC 2006
CVSROOT: /cvs/cluster
Module name: cluster
Changes by: rohara at sourceware.org 2006-07-17 21:38:13
Modified files:
gfs-kernel/src/gfs: eaops.c eattr.c eattr.h gfs_ondisk.h
Log message:
Added support for SELinux extended attribute types.
Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/gfs-kernel/src/gfs/eaops.c.diff?cvsroot=cluster&r1=1.5&r2=1.6
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/gfs-kernel/src/gfs/eattr.c.diff?cvsroot=cluster&r1=1.9&r2=1.10
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/gfs-kernel/src/gfs/eattr.h.diff?cvsroot=cluster&r1=1.3&r2=1.4
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/gfs-kernel/src/gfs/gfs_ondisk.h.diff?cvsroot=cluster&r1=1.9&r2=1.10
--- cluster/gfs-kernel/src/gfs/eaops.c 2006/07/10 23:22:34 1.5
+++ cluster/gfs-kernel/src/gfs/eaops.c 2006/07/17 21:38:13 1.6
@@ -47,6 +47,10 @@
type = GFS_EATYPE_USR;
if (truncated_name)
*truncated_name = strchr(name, '.') + 1;
+ } else if (strncmp(name, "security.", 9) == 0) {
+ type = GFS_EATYPE_SECURITY;
+ if (truncated_name)
+ *truncated_name = strchr(name, '.') + 1;
} else {
type = GFS_EATYPE_UNUSED;
if (truncated_name)
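Review bot: The new branch re-scans the name with `strchr(name, '.') + 1` right after `strncmp(name, "security.", 9)` has already fixed where the prefix ends. `*truncated_name = name + 9;` expresses the same thing without the second scan, ideally with the 9 written as `sizeof("security.") - 1`. A name that is exactly `security.` leaves `*truncated_name` pointing at an empty string, so it is worth confirming that the caller rejects a zero-length attribute name. That check, like the rest of the function, is outside the hunk.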
@@ -223,6 +227,63 @@
return gfs_ea_remove_i(ip, er);
}
+/**
+ * security_eo_get -
+ * @ip:
+ * @er:
+ *
+ * Returns: errno
+ */
+
+static int
+security_eo_get(struct gfs_inode *ip, struct gfs_ea_request *er)
+{
+ struct inode *inode = ip->i_vnode;
+ int error = permission(inode, MAY_READ, NULL);
+ if (error)
+ return error;
+
+ return gfs_ea_get_i(ip, er);
+}
+
+/**
+ * security_eo_set -
+ * @ip:
+ * @er:
+ *
+ * Returns: errno
+ */
+
+static int
+security_eo_set(struct gfs_inode *ip, struct gfs_ea_request *er)
+{
+ struct inode *inode = ip->i_vnode;
+ int error = permission(inode, MAY_WRITE, NULL);
+ if (error)
+ return error;
+
+ return gfs_ea_set_i(ip, er);
+}
+
+/**
+ * security_eo_remove -
+ * @ip:
+ * @er:
+ *
+ * Returns: errno
+ */
+
+static int
+security_eo_remove(struct gfs_inode *ip, struct gfs_ea_request *er)
+{
+ struct inode *inode = ip->i_vnode;
+ int error = permission(inode, MAY_WRITE, NULL);
+ if (error)
+ return error;
+
+ return gfs_ea_remove_i(ip, er);
+}
+
struct gfs_eattr_operations gfs_user_eaops = {
.eo_get = user_eo_get,
.eo_set = user_eo_set,
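Review bot: The three new handlers decide access to `security.*` attributes using only `permission(inode, MAY_READ, NULL)` and `permission(inode, MAY_WRITE, NULL)`, so nothing in this hunk restricts who may set or remove a security label beyond the inode's ordinary write permission. If a stricter check (an LSM hook or capability test in the VFS xattr path) is being relied on, it lives outside this file and should be stated in the kernel-doc, which is currently empty. For example: `security_eo_set - set a security.* attribute; only MAY_WRITE is verified here, the privilege check is the caller's/LSM's job`, with `@ip: inode the attribute belongs to` and `@er: the extended attribute request`. It is also worth confirming that the MAY_READ test in security_eo_get cannot fail a label lookup performed on behalf of a process that lacks read permission on the file. The gfs_user_eaops initializer that follows continues outside the hunk.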
@@ -237,10 +298,18 @@
.eo_name = "system",
};
+struct gfs_eattr_operations gfs_security_eaops = {
+ .eo_get = security_eo_get,
+ .eo_set = security_eo_set,
+ .eo_remove = security_eo_remove,
+ .eo_name = "security",
+};
+
struct gfs_eattr_operations *gfs_ea_ops[] = {
NULL,
&gfs_user_eaops,
&gfs_system_eaops,
+ &gfs_security_eaops,
};
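Review bot: `gfs_ea_ops[]` is filled positionally, so the new entry is correct only because its slot (index 3) happens to equal `GFS_EATYPE_SECURITY`. The array is presumably indexed by the on-disk type, though the lookup is not in this hunk. Designated initializers make the coupling explicit and keep a future type from silently shifting slots: `[GFS_EATYPE_USR] = &gfs_user_eaops,`, `[GFS_EATYPE_SYS] = &gfs_system_eaops,`, `[GFS_EATYPE_SECURITY] = &gfs_security_eaops,`. A one-line comment above the array saying it is indexed by GFS_EATYPE_* would also help.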
--- cluster/gfs-kernel/src/gfs/eattr.c 2006/07/10 23:22:34 1.9
+++ cluster/gfs-kernel/src/gfs/eattr.c 2006/07/17 21:38:13 1.10
@@ -499,7 +499,7 @@
{
struct ea_list *ei = (struct ea_list *)private;
struct gfs_ea_request *er = ei->ei_er;
- unsigned int ea_size = GFS_EA_STRLEN(ea);
+ unsigned int ea_size = gfs_ea_strlen(ea);
if (ea->ea_type == GFS_EATYPE_UNUSED)
return 0;
@@ -512,14 +512,28 @@
if (ei->ei_size + ea_size > er->er_data_len)
return -ERANGE;
- if (ea->ea_type == GFS_EATYPE_USR) {
+ switch (ea->ea_type) {
+ case GFS_EATYPE_USR:
prefix = "user.";
l = 5;
- } else {
+ break;
+ case GFS_EATYPE_SYS:
prefix = "system.";
l = 7;
+ break;
+ case GFS_EATYPE_SECURITY:
+ prefix = "security.";
+ l = 9;
+ break;
+ default:
+ prefix = NULL;
+ l = 0;
+ break;
}
+ if (prefix == NULL || l == 0)
+ return -EIO;
+
memcpy(er->er_data + ei->ei_size,
prefix, l);
memcpy(er->er_data + ei->ei_size + l,
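Review bot: The prefix lengths 5, 7 and 9 in this switch are repeated in `gfs_ea_strlen()` in eattr.h. The `-ERANGE` bound above uses that helper's result while the `memcpy` calls below use `l`, so if the two ever disagree the copy into `er->er_data` is no longer covered by the bound. Deriving the length from the literal (`l = sizeof("security.") - 1;`) or sharing one prefix table between both places removes the duplication. The `default` arm can simply `return -EIO;`, which makes the separate `prefix == NULL || l == 0` test unnecessary. The enclosing function starts and ends outside the hunk.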
--- cluster/gfs-kernel/src/gfs/eattr.h 2006/07/10 23:22:34 1.3
+++ cluster/gfs-kernel/src/gfs/eattr.h 2006/07/17 21:38:13 1.4
@@ -64,6 +64,21 @@
struct gfs_ea_header *el_prev;
};
+static inline unsigned int
+gfs_ea_strlen(struct gfs_ea_header *ea)
+{
+ switch (ea->ea_type) {
+ case GFS_EATYPE_USR:
+ return (5 + (ea->ea_name_len + 1));
+ case GFS_EATYPE_SYS:
+ return (7 + (ea->ea_name_len + 1));
+ case GFS_EATYPE_SECURITY:
+ return (9 + (ea->ea_name_len + 1));
+ default:
+ return (0);
+ }
+}
+
int gfs_ea_repack(struct gfs_inode *ip);
int gfs_ea_get_i(struct gfs_inode *ip, struct gfs_ea_request *er);
--- cluster/gfs-kernel/src/gfs/gfs_ondisk.h 2006/07/10 23:22:34 1.9
+++ cluster/gfs-kernel/src/gfs/gfs_ondisk.h 2006/07/17 21:38:13 1.10
@@ -601,8 +601,9 @@
#define GFS_EATYPE_UNUSED (0)
#define GFS_EATYPE_USR (1) /* user attribute */
#define GFS_EATYPE_SYS (2) /* system attribute */
+#define GFS_EATYPE_SECURITY (3) /* security attribute */
-#define GFS_EATYPE_LAST (2)
+#define GFS_EATYPE_LAST (3)
#define GFS_EATYPE_VALID(x) ((x) <= GFS_EATYPE_LAST)
#define GFS_EAFLAG_LAST (0x01) /* last ea in block */
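Review bot: `GFS_EATYPE_SECURITY (3)` is a new on-disk value, and raising `GFS_EATYPE_LAST` widens what `GFS_EATYPE_VALID()` accepts. A node or tool built from revision 1.9 of this header will therefore still treat type 3 as invalid, and how such an entry is then handled is not visible here. A comment at the define would record the compatibility boundary, e.g. `/* on-disk value, added in 1.10; older code fails GFS_EATYPE_VALID() for it */`.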