4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see http://www.gnu.org/licenses
23 * Copyright (c) 2014 Bull SAS
24 * Author: Sebastien Buisson sebastien.buisson@bull.net
28 * lustre/llite/xattr_security.c
29 * Handler for storing security labels as extended attributes.
32 #include <linux/types.h>
33 #include <linux/security.h>
34 #include <linux/selinux.h>
35 #include <linux/xattr.h>
36 #include "llite_internal.h"
39 * A helper function for ll_security_inode_init_security()
40 * that takes care of setting xattrs
42 * Get security context of @inode from @xattr_array,
43 * and put it in 'security.xxx' xattr of dentry
47 * \retval -ENOMEM if no memory could be allocated for xattr name
48 * \retval < 0 failure to set xattr
51 ll_initxattrs(struct inode *inode, const struct xattr *xattr_array,
54 struct dentry *dentry = fs_info;
55 const struct xattr *xattr;
58 for (xattr = xattr_array; xattr->name; xattr++) {
61 full_name = kasprintf(GFP_KERNEL, "%s%s",
62 XATTR_SECURITY_PREFIX, xattr->name);
68 err = __vfs_setxattr(dentry, inode, full_name, xattr->value,
69 xattr->value_len, XATTR_CREATE);
78 * Initializes security context
80 * Get security context of @inode in @dir,
81 * and put it in 'security.xxx' xattr of @dentry.
83 * \retval 0 success, or SELinux is disabled
84 * \retval -ENOMEM if no memory could be allocated for xattr name
85 * \retval < 0 failure to get security context or set xattr
88 ll_init_security(struct dentry *dentry, struct inode *inode, struct inode *dir)
90 if (!selinux_is_enabled())
93 return security_inode_init_security(inode, dir, NULL,
94 &ll_initxattrs, dentry);