Sophie: kernel-2.6.18-238.el5 src

kernel-2.6.18-238.el5.src.rpm

From: Steven Whitehouse <swhiteho@redhat.com>
Subject: [RHEL5] Initialization of security/acls in gfs2
Date: Fri, 15 Dec 2006 10:26:09 +0000
Bugzilla: 206126
Message-Id: <1166178369.3752.1176.camel@quoit.chygwyn.com>
Changelog: gfs2: Initialization of security/acls


Hi,

For some reason this bug (bz 206126) appears to have got into the POST
state apparently without a patch actually being posted, so here it is.
The patch has been upstream for a while and was tested by Ryan at the
time it went upstream. This patch is taken directly from Linus' git
tree.

Steve.


X-Git-Tag: v2.6.19-rc1
X-Git-Url: http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=fcb47e0bd279cab5ba8299c0a1e3364d15413a6b

[GFS2] Initialize SELinux extended attributes at inode creation time.

This patch has gfs2_security_init declared as a static function, which
is correct. As a result, the declaration of this function in inode.h is
removed (and thus inode.h is unchanged). Also removed #include eaops.h,
which is not needed.

Signed-Off-By: Ryan O'Hara <rohara@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
---

--- a/fs/gfs2/inode.c
+++ b/fs/gfs2/inode.c
@@ -17,6 +17,7 @@
 #include <linux/gfs2_ondisk.h>
 #include <linux/crc32.h>
 #include <linux/lm_interface.h>
+#include <linux/security.h>
 
 #include "gfs2.h"
 #include "incore.h"
@@ -806,6 +807,39 @@ fail:
 	return error;
 }
 
+static int gfs2_security_init(struct gfs2_inode *dip, struct gfs2_inode *ip)
+{
+	int err;
+	size_t len;
+	void *value;
+	char *name;
+	struct gfs2_ea_request er;
+
+	err = security_inode_init_security(&ip->i_inode, &dip->i_inode,
+					   &name, &value, &len);
+
+	if (err) {
+		if (err == -EOPNOTSUPP)
+			return 0;
+		return err;
+	}
+
+	memset(&er, 0, sizeof(struct gfs2_ea_request));
+
+	er.er_type = GFS2_EATYPE_SECURITY;
+	er.er_name = name;
+	er.er_data = value;
+	er.er_name_len = strlen(name);
+	er.er_data_len = len;
+
+	err = gfs2_ea_set_i(ip, &er);
+
+	kfree(value);
+	kfree(name);
+
+	return err;
+}
+
 /**
  * gfs2_createi - Create a new inode
  * @ghs: An array of two holders
@@ -897,6 +931,10 @@ struct inode *gfs2_createi(struct gfs2_h
 	if (error)
 		goto fail_iput;
 
+	error = gfs2_security_init(dip, GFS2_I(inode));
+	if (error)
+		goto fail_iput;
+
 	error = link_dinode(dip, name, GFS2_I(inode));
 	if (error)
 		goto fail_iput;