1
linux/fs
Stephen Smalley f549d6c18c [PATCH] Generic VFS fallback for security xattrs
This patch modifies the VFS setxattr, getxattr, and listxattr code to fall
back to the security module for security xattrs if the filesystem does not
support xattrs natively.  This allows security modules to export the incore
inode security label information to userspace even if the filesystem does
not provide xattr storage, and eliminates the need to individually patch
various pseudo filesystem types to provide such access.  The patch removes
the existing xattr code from devpts and tmpfs as it is then no longer
needed.

The patch restructures the code flow slightly to reduce duplication between
the normal path and the fallback path, but this should only have one
user-visible side effect - a program may get -EACCES rather than
-EOPNOTSUPP if policy denied access but the filesystem didn't support the
operation anyway.  Note that the post_setxattr hook call is not needed in
the fallback case, as the inode_setsecurity hook call handles the incore
inode security state update directly.  In contrast, we do call fsnotify in
both cases.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-09-05 00:05:52 -07:00
..
adfs [ARM] fs/adfs/adfs.h: "extern inline" doesn't make sense 2005-08-20 17:20:28 +01:00
affs Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
afs [PATCH] Fix up symlink function pointers 2005-08-19 18:08:21 -07:00
autofs Fix nasty ncpfs symlink handling bug. 2005-08-19 18:02:56 -07:00
autofs4 [PATCH] Fix up symlink function pointers 2005-08-19 18:08:21 -07:00
befs befs: fix up missed follow_link declaration change 2005-08-20 13:20:01 -07:00
bfs Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
cifs [PATCH] Fix oops in fs/locks.c on close of file with pending locks 2005-08-26 16:05:35 -07:00
coda [PATCH] class: convert the remaining class_simple users in the kernel to usee the new class api 2005-06-20 15:15:11 -07:00
cramfs Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
debugfs [PATCH] remove duplicate get_dentry functions in various places 2005-06-23 09:45:20 -07:00
devfs [PATCH] Fix up symlink function pointers 2005-08-19 18:08:21 -07:00
devpts [PATCH] Generic VFS fallback for security xattrs 2005-09-05 00:05:52 -07:00
efs Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
exportfs Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ext2 Fix nasty ncpfs symlink handling bug. 2005-08-19 18:02:56 -07:00
ext3 Fix nasty ncpfs symlink handling bug. 2005-08-19 18:02:56 -07:00
fat [PATCH] fatfs sectioning fix 2005-06-30 22:29:48 -07:00
freevxfs [PATCH] freevxfs: fix breakage introduced by symlink fixes 2005-08-20 14:30:50 -07:00
hfs [PATCH] hfs: don't reference missing page 2005-08-01 21:38:00 -07:00
hfsplus [PATCH] hfs: don't reference missing page 2005-08-01 21:38:00 -07:00
hostfs [PATCH] uml: implement hostfs syncing 2005-07-28 21:46:05 -07:00
hpfs Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
hppfs [PATCH] hppfs: fix symlink error path 2005-08-26 11:39:19 -07:00
hugetlbfs [PATCH] Avoiding mmap fragmentation 2005-06-21 18:46:16 -07:00
isofs Check input buffer size in zisofs 2005-08-06 09:42:06 -07:00
jbd [PATCH] Cleanup patch for process freezing 2005-06-25 17:10:13 -07:00
jffs [PATCH] Fix missing refrigerator invocation in jffs2 2005-07-27 16:25:49 -07:00
jffs2 [PATCH] Fix up symlink function pointers 2005-08-19 18:08:21 -07:00
jfs Merge refs/heads/for-linus from master.kernel.org:/pub/scm/linux/kernel/git/shaggy/jfs-2.6.git 2005-08-30 07:47:42 -07:00
lockd [PATCH] NFS: procfs/sysctl interfaces for lockd do not work on x86_64 2005-07-13 11:25:24 -07:00
minix Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
msdos Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ncpfs [PATCH] fs/ncpfs/: remove unused #ifdef USE_OLD_SLOW_DIRECTORY_LISTING code 2005-06-25 16:25:04 -07:00
nfs [PATCH] NFSv4: unbalanced BKL in nfs_atomic_lookup() 2005-08-19 18:44:56 -07:00
nfs_common [PATCH] NFS: Ensure ACL xdr code doesn't overflow. 2005-08-16 08:52:11 -07:00
nfsd [PATCH] nfsd to unlock kernel before exiting 2005-08-17 12:53:05 -07:00
nls [PATCH] make some things static 2005-05-05 16:36:47 -07:00
ntfs NTFS: Complete the previous fix for the unset device when mapping buffers 2005-08-16 19:42:56 +01:00
openpromfs Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
partitions [PATCH] small partitions/msdos cleanups 2005-06-25 16:24:59 -07:00
proc [PATCH] add /proc/pid/smaps 2005-09-05 00:05:49 -07:00
qnx4 [PATCH] fs/qnx4/*: fix sparse warnings 2005-06-24 14:14:24 -07:00
ramfs Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
reiserfs [PATCH] reiserfs+acl+quota deadlock fix 2005-08-18 12:53:57 -07:00
romfs Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
smbfs [TCP]: Move the tcp sock states to net/tcp_states.h 2005-08-29 15:41:54 -07:00
sysfs [PATCH] Fix oops in sysfs_hash_and_remove_file() 2005-08-26 19:37:13 -07:00
sysv [PATCH] Fix up symlink function pointers 2005-08-19 18:08:21 -07:00
udf [PATCH] udf_find_entry() cleanup 2005-06-30 08:45:11 -07:00
ufs [PATCH] Fix up symlink function pointers 2005-08-19 18:08:21 -07:00
umsdos Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
vfat Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
xfs [PATCH] Fix up symlink function pointers 2005-08-19 18:08:21 -07:00
aio.c [PATCH] aio-retry-fix: fix aio retry work queueing 2005-06-28 21:20:32 -07:00
attr.c [PATCH] inotify 2005-07-12 20:38:38 -07:00
bad_inode.c [PATCH] make some things static 2005-05-05 16:36:47 -07:00
binfmt_aout.c [PATCH] Avoiding mmap fragmentation 2005-06-21 18:46:16 -07:00
binfmt_elf_fdpic.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
binfmt_elf.c [PATCH] Avoiding mmap fragmentation 2005-06-21 18:46:16 -07:00
binfmt_em86.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
binfmt_flat.c [PATCH] uclinux: use MAP_PRIVATE when mmaping code regions in flat binary loader 2005-09-02 00:57:31 -07:00
binfmt_misc.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
binfmt_script.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
binfmt_som.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
bio.c [PATCH] __bio_clone() dead comment 2005-08-07 10:00:38 -07:00
block_dev.c [PATCH] block: add unlocked_ioctl support for block devices 2005-06-23 09:45:32 -07:00
buffer.c [PATCH] page_uptodate locking scalability 2005-07-07 18:23:45 -07:00
char_dev.c [PATCH] cdev: cdev_put oops 2005-07-12 16:01:02 -07:00
compat_ioctl.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
compat.c [PATCH] inotify 2005-07-12 20:38:38 -07:00
dcache.c [PATCH] fsnotify_name/inoderemove 2005-08-08 11:53:47 -07:00
dcookies.c [PATCH] dcookies.c: use proper refcounting functions 2005-07-07 18:23:52 -07:00
direct-io.c [PATCH] pass iocb to dio_iodone_t 2005-06-24 00:05:19 -07:00
dnotify.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
dquot.c [PATCH] list_for_each_entry: fs-dquot.c 2005-06-25 16:25:11 -07:00
eventpoll.c [PATCH] Remove eventpoll macro obfuscation 2005-06-23 09:45:30 -07:00
exec.c [PATCH] reset real_timer target on exec leader change 2005-07-12 16:01:01 -07:00
fcntl.c [PATCH] stale POSIX lock handling 2005-07-27 16:26:06 -07:00
fifo.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
file_table.c [PATCH] inotify 2005-07-12 20:38:38 -07:00
file.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
filesystems.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
fs-writeback.c [PATCH] O(1) sb list traversing on syncs 2005-06-23 09:45:27 -07:00
inode.c [PATCH] Fix soft lockup due to NTFS: VFS part and explanation 2005-07-13 11:25:24 -07:00
inotify.c [PATCH] Document idr_get_new_above() semantics, update inotify 2005-08-26 11:32:57 -07:00
ioctl.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
ioprio.c Don't allow normal users to set idle IO priority 2005-08-20 18:51:29 -07:00
Kconfig [PATCH] Generic VFS fallback for security xattrs 2005-09-05 00:05:52 -07:00
Kconfig.binfmt Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
libfs.c [PATCH] fix fsync(dir) return value for ram-based filesystems 2005-06-25 16:24:38 -07:00
locks.c [PATCH] stale POSIX lock handling 2005-07-27 16:26:06 -07:00
Makefile [PATCH] inotify 2005-07-12 20:38:38 -07:00
mbcache.c [PATCH] mbcache: Remove unused mb_cache_shrink parameter 2005-07-27 16:26:07 -07:00
mpage.c [PATCH] mpage_end_io_write() I/O error handling fix 2005-06-04 17:12:59 -07:00
namei.c Fix nasty ncpfs symlink handling bug. 2005-08-19 18:02:56 -07:00
namespace.c [PATCH] namespace.c: fix bind mount from foreign namespace 2005-08-07 10:00:38 -07:00
nfsctl.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
open.c [PATCH] inotify 2005-07-12 20:38:38 -07:00
pipe.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
posix_acl.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
quota_v1.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
quota_v2.c [PATCH] quota: possible bug in quota format v2 support 2005-04-16 15:25:47 -07:00
quota.c [PATCH] O(1) sb list traversing on syncs 2005-06-23 09:45:27 -07:00
read_write.c [PATCH] inotify 2005-07-12 20:38:38 -07:00
readdir.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
select.c [PATCH] make some things static 2005-05-05 16:36:47 -07:00
seq_file.c [PATCH] DocBook: fix some descriptions 2005-05-01 08:59:26 -07:00
stat.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
super.c [PATCH] set mnt_namespace in the correct place 2005-07-07 18:23:52 -07:00
xattr_acl.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
xattr.c [PATCH] Generic VFS fallback for security xattrs 2005-09-05 00:05:52 -07:00