Re: [PATCH] Add security.selinux XATTR support for the UBIFS. Alsofix couple of bugs in UBIFS extended attribute length calculation.
From: David Quigley
Date: Mon Apr 09 2012 - 09:42:35 EST
On 04/08/2012 22:37, Casey Schaufler wrote:
+
+size_t
+ubifs_security_listxattr(struct dentry *d, char *list, size_t
list_size,
+ const char *name, size_t name_len, int flags)
+{
+ const int prefix_len = XATTR_SECURITY_PREFIX_LEN;
+ const size_t total_len = prefix_len + name_len + 1;
+ if (list && total_len <= list_size) {
+ memcpy(list, XATTR_SECURITY_PREFIX, prefix_len);
+ memcpy(list+prefix_len, name, name_len);
+ list[prefix_len + name_len] = '\0';
+ }
+ return total_len;
+}
+
+
+int ubifs_security_getxattr(struct dentry *d, const char *name,
+ void *buffer, size_t size, int flags)
+{
+ if (strcmp(name, "") == 0)
+ return -EINVAL;
+ return __ubifs_getxattr(d->d_inode, XATTR_NAME_SELINUX, buffer,
size);
+}
+
+
+int ubifs_security_setxattr(struct dentry *d, const char *name,
+ const void *value, size_t size,
+ int flags, int handler_flags)
+{
+ if (strcmp(name, "") == 0)
+ return -EINVAL;
+ return __ubifs_setxattr(d->d_inode, XATTR_NAME_SELINUX, value,
More constructively, Casey is right in that you shouldn't be putting
the SELinux xattr in there. If __ubifs_setxattr is expecting the full
namespace.name string just pass name down. Otherwise strip off the
security. and send the remaining porting down to __ubiffs_setxattr.
Dave
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/