+ struct seq_file *seq = file->private_data;
+ struct obd_device *obd = seq->private;
+ struct client_obd *cli = &obd->u.cli;
+ struct obd_import *imp = cli->cl_import;
+ struct sepol_downcall_data *param;
+ __u32 magic;
+ int size = sizeof(magic);
+ __u16 len;
+ int rc = 0;
+
+ if (count < size) {
+ rc = -EINVAL;
+ CERROR("%s: invalid buffer count = %lu, size = %d: rc = %d\n",
+ obd->obd_name, (unsigned long) count, size, rc);
+ return rc;
+ }
+
+ if (copy_from_user(&magic, buffer, size)) {
+ rc = -EFAULT;
+ CERROR("%s: bad sepol magic: rc = %d\n", obd->obd_name, rc);
+ return rc;
+ }
+
+ if (magic != SEPOL_DOWNCALL_MAGIC) {
+#if LUSTRE_VERSION_CODE < OBD_OCD_VERSION(2, 16, 53, 0)
+ if (magic == SEPOL_DOWNCALL_MAGIC_OLD) {
+ return sepol_seq_write_old(obd, buffer, count);
+ }
+#endif
+ rc = -EINVAL;
+ CERROR("%s: sepol downcall bad magic '%#08x': rc = %d\n",
+ obd->obd_name, magic, rc);
+ return rc;
+ }
+
+ size = sizeof(*param);
+ if (count < size) {
+ rc = -EINVAL;
+ CERROR("%s: invalid data count = %lu, size = %d: rc = %d\n",
+ obd->obd_name, (unsigned long) count, size, rc);
+ return rc;
+ }
+
+ OBD_ALLOC(param, size);
+ if (param == NULL)
+ return -ENOMEM;
+
+ if (copy_from_user(param, buffer, size)) {
+ rc = -EFAULT;
+ CERROR("%s: bad sepol data: rc = %d\n", obd->obd_name, rc);
+ GOTO(out, rc);
+ }
+
+ if (param->sdd_sepol_len == 0 ||
+ param->sdd_sepol_len >= sizeof(imp->imp_sec->ps_sepol)) {
+ rc = -EINVAL;
+ CERROR("%s: invalid sepol data returned: rc = %d\n",
+ obd->obd_name, rc);
+ GOTO(out, rc);
+ }
+ len = param->sdd_sepol_len; /* save sdd_sepol_len */
+ OBD_FREE(param, size);
+ size = offsetof(struct sepol_downcall_data,
+ sdd_sepol[len]);
+
+ /* alloc again with real size */
+ OBD_ALLOC(param, size);
+ if (param == NULL)
+ return -ENOMEM;
+
+ if (copy_from_user(param, buffer, size)) {
+ rc = -EFAULT;
+ CERROR("%s: cannot copy sepol data: rc = %d\n",
+ obd->obd_name, rc);
+ GOTO(out, rc);
+ }
+
+ spin_lock(&imp->imp_sec->ps_lock);
+ snprintf(imp->imp_sec->ps_sepol, param->sdd_sepol_len + 1, "%s",
+ param->sdd_sepol);
+ imp->imp_sec->ps_sepol_mtime = ktime_set(param->sdd_sepol_mtime, 0);
+ spin_unlock(&imp->imp_sec->ps_lock);