Add the LSM and SELinux infrastructure for invalidating inode->i_security and
for re-initializing it from inode_has_perm when necessary. In inode_has_perm,
we don't have access to a dentry, so file systems must implement iop->igetxattr
in order to be able to invalidate security labels.
All remaining file systems that use the generic xattr_handler infrastructure
only access dentry->d_inode and do nothing else with the dentry, so pass down
the inode instead of the dentry to the xattr_handler operations.
Signed-off-by: Andreas Gruenbacher agrue...@redhat.com
---
fs/ext2/xattr.c
Invalidate security labels of inodes when they go invalid. SELinux will reload
the security.selinux xattr via iop->igetxattr on the next access.
Signed-off-by: Andreas Gruenbacher agrue...@redhat.com
---
fs/gfs2/glops.c | 2 ++
fs/gfs2/inode.c | 16
2 files changed, 14
Add an igetxattr inode operation that behaves as getxattr but operates on
inodes instead of dentries. File systems that support this operation can
implement igetxattr for reading xattrs in contexts where a dentry is not
available, such as within SELinux inode security checks.
Signed-off-by:
We have access to struct xattr_handler inside the list/get/set operations now,
so simplify some of the xattr code.
Signed-off-by: Andreas Gruenbacher agrue...@redhat.com
---
fs/9p/Makefile | 5 +---
fs/9p/acl.c | 51 -
fs/9p/xattr.c |
Of all the file systems that use the generic xattr handler infrastructure, 9p
is the only one that needs dentries inside the xattr file system code. Open
code the xattr handling code in 9p so that we can then convert the generic code
to pass down inodes instead of dentries; this actually takes
Move strcmp_prefix from fs/xattr.c into lib/string.h to make it available
elsewhere; export it to modules.
Signed-off-by: Andreas Gruenbacher agrue...@redhat.com
---
fs/xattr.c | 11 ---
include/linux/string.h | 1 +
lib/string.c | 16
3 files
Ubifs installs a security.* xattr handler in sb->s_xattr but doesn't use the
generic_{get,set,list,remove}xattr inode operations needed for processing this
list of attribute handlers; the handler is never called. Instead, ubifs uses
its own xattr handlers which also process security.* xattrs.
The xattr_handler operations are currently all passed a file system specific
flags value which the operations can use to disambiguate between different
handlers; some file systems use that to distinguish the xattr namespace, for
example. In some operations, it would be useful to also have access
Hello,
this patch queue adds an LSM hook for file systems to invalidate inode security
labels. To allow selinux to revalidate invalid labels, the generic xattr
handlers are cleaned up a bit and a new igetxattr inode operation is
introduced: the getxattr inode operation requires a dentry which
The generic_{get,set,remove}xattr inode operations use the xattr name prefix to
decide which of the defined xattr handlers to call, then call the appropriate
handler's get or set operation. The name suffix is passed to the get or set
operations, the prefix is still there in the name before the
The list operations can never be called; they are even documented to be unused.
Signed-off-by: Andreas Gruenbacher agrue...@redhat.com
---
fs/hfsplus/xattr.c | 11 ---
fs/hfsplus/xattr_security.c | 11 ---
fs/hfsplus/xattr_trusted.c | 11 ---