[Cluster-devel] cluster/gfs-kernel/src/gfs eaops.c eaops.h eat ...
rohara at sourceware.org
rohara at sourceware.org
Mon Nov 20 20:06:15 UTC 2006
CVSROOT: /cvs/cluster
Module name: cluster
Branch: STABLE
Changes by: rohara at sourceware.org 2006-11-20 20:06:14
Modified files:
gfs-kernel/src/gfs: eaops.c eaops.h eattr.c eattr.h gfs_ondisk.h
Log message:
Add SELinux xattr support.
Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/gfs-kernel/src/gfs/eaops.c.diff?cvsroot=cluster&only_with_tag=STABLE&r1=1.1.6.1.2.3&r2=1.1.6.1.2.4
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/gfs-kernel/src/gfs/eaops.h.diff?cvsroot=cluster&only_with_tag=STABLE&r1=1.1&r2=1.1.8.1
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/gfs-kernel/src/gfs/eattr.c.diff?cvsroot=cluster&only_with_tag=STABLE&r1=1.5.6.1.2.1&r2=1.5.6.1.2.2
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/gfs-kernel/src/gfs/eattr.h.diff?cvsroot=cluster&only_with_tag=STABLE&r1=1.2&r2=1.2.8.1
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/gfs-kernel/src/gfs/gfs_ondisk.h.diff?cvsroot=cluster&only_with_tag=STABLE&r1=1.7&r2=1.7.8.1
--- cluster/gfs-kernel/src/gfs/eaops.c 2006/03/13 22:26:24 1.1.6.1.2.3
+++ cluster/gfs-kernel/src/gfs/eaops.c 2006/11/20 20:06:14 1.1.6.1.2.4
@@ -47,6 +47,10 @@
type = GFS_EATYPE_USR;
if (truncated_name)
*truncated_name = strchr(name, '.') + 1;
+ } else if (strncmp(name, "security.", 9) == 0) {
+ type = GFS_EATYPE_SECURITY;
+ if (truncated_name)
+ *truncated_name = strchr(name, '.') + 1;
} else {
type = GFS_EATYPE_UNUSED;
if (truncated_name)
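Review bot: The prefix length in `strncmp(name, "security.", 9)` is counted by hand and has to stay in step with the string literal; `strncmp(name, "security.", sizeof("security.") - 1)` would keep the two together. A name that is exactly `security.` leaves `*truncated_name` pointing at an empty string, and whether an empty attribute name is rejected later is not visible here. The enclosing function starts and ends outside this hunk.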
@@ -223,6 +227,63 @@
return gfs_ea_remove_i(ip, er);
}
+/**
+ * security_eo_get -
+ * @ip:
+ * @er:
+ *
+ * Returns: errno
+ */
+
+static int
+security_eo_get(struct gfs_inode *ip, struct gfs_ea_request *er)
+{
+ struct inode *inode = ip->i_vnode;
+ int error = permission(inode, MAY_READ, NULL);
+ if (error)
+ return error;
+
+ return gfs_ea_get_i(ip, er);
+}
+
+/**
+ * security_eo_set -
+ * @ip:
+ * @er:
+ *
+ * Returns: errno
+ */
+
+static int
+security_eo_set(struct gfs_inode *ip, struct gfs_ea_request *er)
+{
+ struct inode *inode = ip->i_vnode;
+ int error = permission(inode, MAY_WRITE, NULL);
+ if (error)
+ return error;
+
+ return gfs_ea_set_i(ip, er);
+}
+
+/**
+ * security_eo_remove -
+ * @ip:
+ * @er:
+ *
+ * Returns: errno
+ */
+
+static int
+security_eo_remove(struct gfs_inode *ip, struct gfs_ea_request *er)
+{
+ struct inode *inode = ip->i_vnode;
+ int error = permission(inode, MAY_WRITE, NULL);
+ if (error)
+ return error;
+
+ return gfs_ea_remove_i(ip, er);
+}
+
struct gfs_eattr_operations gfs_user_eaops = {
.eo_get = user_eo_get,
.eo_set = user_eo_set,
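Review bot: In security_eo_set and security_eo_remove the only gate on changing a `security.*` attribute is `permission(inode, MAY_WRITE, NULL)`, so at this layer anyone allowed to write the file may replace or drop its label. Whether the xattr entry points that call through this table add a privilege or LSM check for the security namespace is not visible in this hunk and should be confirmed. If they do, the handler check is an extra restriction rather than the policy, and the `MAY_READ` test in security_eo_get would refuse to return the label of a file the caller cannot read. Once that is settled, I would record it above the three functions, e.g. `/* security.* changes are authorised by <layer>; the check here is only the ordinary file permission test */`. The empty kernel-doc headers should also get their summary line and `@ip`/`@er` descriptions filled in.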
@@ -237,10 +298,17 @@
.eo_name = "system",
};
+struct gfs_eattr_operations gfs_security_eaops = {
+ .eo_get = security_eo_get,
+ .eo_set = security_eo_set,
+ .eo_remove = security_eo_remove,
+ .eo_name = "security",
+};
+
struct gfs_eattr_operations *gfs_ea_ops[] = {
NULL,
&gfs_user_eaops,
&gfs_system_eaops,
+ &gfs_security_eaops,
};
-
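Review bot: The new `&gfs_security_eaops` entry is only correct because its position in `gfs_ea_ops[]` happens to equal `GFS_EATYPE_SECURITY` (3 in gfs_ondisk.h); the table is presumably indexed by the attribute type, which for stored attributes comes from disk. Designated initializers would make that coupling explicit and survive reordering: `[GFS_EATYPE_SECURITY] = &gfs_security_eaops,` and likewise `[GFS_EATYPE_USR]` and `[GFS_EATYPE_SYS]` for the existing entries. Any lookup into this table should be preceded by a `GFS_EATYPE_VALID()` check, which is not visible in this hunk.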
--- cluster/gfs-kernel/src/gfs/eaops.h 2004/10/05 19:44:58 1.1
+++ cluster/gfs-kernel/src/gfs/eaops.h 2006/11/20 20:06:14 1.1.8.1
@@ -27,6 +27,7 @@
extern struct gfs_eattr_operations gfs_user_eaops;
extern struct gfs_eattr_operations gfs_system_eaops;
+extern struct gfs_eattr_operations gfs_security_eaops;
extern struct gfs_eattr_operations *gfs_ea_ops[];
--- cluster/gfs-kernel/src/gfs/eattr.c 2005/08/31 04:30:43 1.5.6.1.2.1
+++ cluster/gfs-kernel/src/gfs/eattr.c 2006/11/20 20:06:14 1.5.6.1.2.2
@@ -499,7 +499,7 @@
{
struct ea_list *ei = (struct ea_list *)private;
struct gfs_ea_request *er = ei->ei_er;
- unsigned int ea_size = GFS_EA_STRLEN(ea);
+ unsigned int ea_size = gfs_ea_strlen(ea);
if (ea->ea_type == GFS_EATYPE_UNUSED)
return 0;
@@ -512,14 +512,28 @@
if (ei->ei_size + ea_size > er->er_data_len)
return -ERANGE;
- if (ea->ea_type == GFS_EATYPE_USR) {
+ switch (ea->ea_type) {
+ case GFS_EATYPE_USR:
prefix = "user.";
l = 5;
- } else {
+ break;
+ case GFS_EATYPE_SYS:
prefix = "system.";
l = 7;
+ break;
+ case GFS_EATYPE_SECURITY:
+ prefix = "security.";
+ l = 9;
+ break;
+ default:
+ prefix = NULL;
+ l = 0;
+ break;
}
+ if (prefix == NULL || l == 0)
+ return -EIO;
+
memcpy(er->er_data + ei->ei_size,
prefix, l);
memcpy(er->er_data + ei->ei_size + l,
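Review bot: The bounds check `ei->ei_size + ea_size > er->er_data_len` uses the length from `gfs_ea_strlen()` in eattr.h, while the two `memcpy` calls use the separately hard-coded `l` (5, 7, 9), so the two lists of prefix lengths must be kept identical by hand. If they ever diverge, the copy can run past the size that was checked. Deriving the length from the prefix removes the duplication, e.g. `l = strlen(prefix);` after the switch, or a single prefix table shared with `gfs_ea_strlen()`. The `default:` arm could also just `return -EIO;` instead of setting `prefix = NULL` and testing it afterwards. The function starts before this hunk and the second `memcpy` continues past its end.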
--- cluster/gfs-kernel/src/gfs/eattr.h 2004/10/05 19:44:58 1.2
+++ cluster/gfs-kernel/src/gfs/eattr.h 2006/11/20 20:06:14 1.2.8.1
@@ -23,9 +23,6 @@
((GFS_EA_IS_STUFFED(ea)) ? \
GFS_EA_DATA_LEN(ea) : \
(sizeof(uint64_t) * (ea)->ea_num_ptrs)))
-#define GFS_EA_STRLEN(ea) \
-((((ea)->ea_type == GFS_EATYPE_USR) ? 5 : 7) + \
- (ea)->ea_name_len + 1)
#define GFS_EA_IS_STUFFED(ea) (!(ea)->ea_num_ptrs)
#define GFS_EA_IS_LAST(ea) ((ea)->ea_flags & GFS_EAFLAG_LAST)
@@ -64,6 +61,21 @@
struct gfs_ea_header *el_prev;
};
+static inline unsigned int
+gfs_ea_strlen(struct gfs_ea_header *ea)
+{
+ switch (ea->ea_type) {
+ case GFS_EATYPE_USR:
+ return (5 + (ea->ea_name_len + 1));
+ case GFS_EATYPE_SYS:
+ return (7 + (ea->ea_name_len + 1));
+ case GFS_EATYPE_SECURITY:
+ return (9 + (ea->ea_name_len + 1));
+ default:
+ return (0);
+ }
+}
+
int gfs_ea_repack(struct gfs_inode *ip);
int gfs_ea_get_i(struct gfs_inode *ip, struct gfs_ea_request *er);
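Review bot: `gfs_ea_strlen()` has no comment saying what the returned length covers or that `0` is the "unknown type" result, which callers need to know because a zero length passes any size check. I would add `/* Listed length of an attribute: namespace prefix + name + 1 (presumably the terminating NUL); returns 0 if ea_type is not a known namespace. */` above it. The parameter can be `const struct gfs_ea_header *ea`, since nothing is written through it.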
--- cluster/gfs-kernel/src/gfs/gfs_ondisk.h 2004/12/03 22:42:06 1.7
+++ cluster/gfs-kernel/src/gfs/gfs_ondisk.h 2006/11/20 20:06:14 1.7.8.1
@@ -599,8 +599,9 @@
#define GFS_EATYPE_UNUSED (0)
#define GFS_EATYPE_USR (1) /* user attribute */
#define GFS_EATYPE_SYS (2) /* system attribute */
+#define GFS_EATYPE_SECURITY (3) /* security attribute */
-#define GFS_EATYPE_LAST (2)
+#define GFS_EATYPE_LAST (3)
#define GFS_EATYPE_VALID(x) ((x) <= GFS_EATYPE_LAST)
#define GFS_EAFLAG_LAST (0x01) /* last ea in block */
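Review bot: `GFS_EATYPE_SECURITY` adds a new value to an on-disk field, and code built before this change has `GFS_EATYPE_LAST` at 2, so its `GFS_EATYPE_VALID()` will reject type 3. How older code reacts to an invalid type is not visible here; since the filesystem is shared between cluster nodes, the commit message or a comment should say whether nodes running the older module can mount a filesystem that carries security attributes. `GFS_EATYPE_LAST` could also be written as `#define GFS_EATYPE_LAST GFS_EATYPE_SECURITY` so the bound cannot fall behind the list.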