4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see http://www.gnu.org/licenses
23 * Copyright (c) 2014 Bull SAS
25 * Copyright (c) 2015, 2016, Intel Corporation.
26 * Author: Sebastien Buisson sebastien.buisson@bull.net
30 * lustre/llite/xattr_security.c
31 * Handler for storing security labels as extended attributes.
34 #include <linux/types.h>
35 #include <linux/security.h>
36 #ifdef HAVE_LINUX_SELINUX_IS_ENABLED
37 #include <linux/selinux.h>
39 #include <linux/xattr.h>
40 #include "llite_internal.h"
42 #ifndef XATTR_SELINUX_SUFFIX
43 # define XATTR_SELINUX_SUFFIX "selinux"
46 #ifndef XATTR_NAME_SELINUX
47 # define XATTR_NAME_SELINUX XATTR_SECURITY_PREFIX XATTR_SELINUX_SUFFIX
51 * Check for LL_SBI_FILE_SECCTX before calling.
53 int ll_dentry_init_security(struct inode *parent, struct dentry *dentry,
54 int mode, struct qstr *name,
55 const char **secctx_name, void **secctx,
61 * security_dentry_init_security() is strange. Like
62 * security_inode_init_security() it may return a context (provided a
63 * Linux security module is enabled) but unlike
64 * security_inode_init_security() it does not return to us the name of
65 * the extended attribute to store the context under (for example
66 * "security.selinux"). So we only call it when we think we know what
67 * the name of the extended attribute will be. This is OK-ish since
68 * SELinux is the only module that implements
69 * security_dentry_init_security(). Note that the NFS client code just
70 * calls it and assumes that if anything is returned then it must come
74 if (!selinux_is_enabled())
77 /* fetch length of security xattr name */
78 rc = security_inode_listsecurity(parent, NULL, 0);
79 /* xattr name length == 0 means SELinux is disabled */
82 /* we support SELinux only */
83 if (rc != strlen(XATTR_NAME_SELINUX) + 1)
86 rc = security_dentry_init_security(dentry, mode, name,
87 #ifdef HAVE_SECURITY_DENTRY_INIT_WITH_XATTR_NAME_ARG
91 /* Usually, security_dentry_init_security() returns -EOPNOTSUPP when
92 * SELinux is disabled.
93 * But on some kernels (e.g. rhel 8.5) it returns 0 when SELinux is
94 * disabled, and in this case the security context is empty.
96 if (rc == -EOPNOTSUPP || (rc == 0 && *secctx_size == 0))
102 #ifndef HAVE_SECURITY_DENTRY_INIT_WITH_XATTR_NAME_ARG
103 *secctx_name = XATTR_NAME_SELINUX;
110 * A helper function for security_inode_init_security()
111 * that takes care of setting xattrs
113 * Get security context of @inode from @xattr_array,
114 * and put it in 'security.xxx' xattr of dentry
115 * stored in @fs_info.
118 * \retval -ENOMEM if no memory could be allocated for xattr name
119 * \retval < 0 failure to set xattr
122 ll_initxattrs(struct inode *inode, const struct xattr *xattr_array,
125 struct dentry *dentry = fs_info;
126 const struct xattr *xattr;
129 for (xattr = xattr_array; xattr->name; xattr++) {
132 full_name = kasprintf(GFP_KERNEL, "%s%s",
133 XATTR_SECURITY_PREFIX, xattr->name);
139 err = ll_vfs_setxattr(dentry, inode, full_name, xattr->value,
140 xattr->value_len, XATTR_CREATE);
149 * Initializes security context
151 * Get security context of @inode in @dir,
152 * and put it in 'security.xxx' xattr of @dentry.
154 * \retval 0 success, or SELinux is disabled
155 * \retval -ENOMEM if no memory could be allocated for xattr name
156 * \retval < 0 failure to get security context or set xattr
159 ll_inode_init_security(struct dentry *dentry, struct inode *inode,
164 if (!selinux_is_enabled())
167 rc = security_inode_init_security(inode, dir, NULL,
168 &ll_initxattrs, dentry);
169 if (rc == -EOPNOTSUPP)
176 * Get security context xattr name used by policy.
178 * \retval >= 0 length of xattr name
179 * \retval < 0 failure to get security context xattr name
182 ll_listsecurity(struct inode *inode, char *secctx_name, size_t secctx_name_size)
186 if (!selinux_is_enabled())
189 rc = security_inode_listsecurity(inode, secctx_name, secctx_name_size);
190 if (rc >= secctx_name_size)
193 secctx_name[rc] = '\0';