Re: [PATCH -mm 2/3] [LSM] Stacking support for inode_init_security

From: serue@private
Date: Mon Aug 22 2005 - 01:19:14 PDT

Previous message: umesh chandak: "application using LSM network hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This patch, against the 2.6.13-rc6-mm1 stacker, defines the
inode_init_security() hook.

thanks,
-serge

Signed-off-by: Serge Hallyn <serue@private>
--
 stacker.c |   35 +++++++++++++++++++++++++++++++++++
 1 files changed, 35 insertions(+)

Index: linux-2.6.13-rc6-mm1/security/stacker.c
===================================================================
--- linux-2.6.13-rc6-mm1.orig/security/stacker.c	2005-08-19 17:00:39.000000000 -0500
+++ linux-2.6.13-rc6-mm1/security/stacker.c	2005-08-19 17:01:54.000000000 -0500
@@ -443,6 +443,40 @@ static void stacker_inode_free_security 
 		security_disown_value(h);
 }
 
+static int stacker_inode_init_security(struct inode *inode, struct inode *dir,
+				       struct list_head *head)
+{
+	int ret, succ_ret = -EOPNOTSUPP;
+	struct xattr_data *p, *n;
+	struct module_entry *m;
+
+	rcu_read_lock();
+	stack_for_each_entry(m, &stacked_modules, lsm_list) {
+		if (!m->module_operations.inode_init_security)
+			continue;
+		rcu_read_unlock();
+		ret = m->module_operations.inode_init_security(inode,dir,head);
+		rcu_read_lock();
+		if (ret && ret != -EOPNOTSUPP)
+			goto out_free_data;
+		if (ret == 0)
+			succ_ret = 0;
+	}
+	rcu_read_unlock();
+	return succ_ret;
+
+out_free_data:
+	if (!head)
+		return ret;
+	list_for_each_entry_safe(p, n, head, list) {
+		list_del(&p->list);
+		kfree(p->value);
+		kfree(p->name);
+		kfree(p);
+	}
+	return ret;
+}
+
 static int stacker_inode_create (struct inode *inode, struct dentry *dentry,
 			       int mask)
 {
@@ -1315,6 +1349,7 @@ static struct security_operations stacke
 
 	.inode_alloc_security		= stacker_inode_alloc_security,
 	.inode_free_security		= stacker_inode_free_security,
+	.inode_init_security		= stacker_inode_init_security,
 	.inode_create			= stacker_inode_create,
 	.inode_link			= stacker_inode_link,
 	.inode_unlink			= stacker_inode_unlink,

Previous message: umesh chandak: "application using LSM network hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Aug 22 2005 - 06:06:07 PDT