LU-5560 security: send file security context for creates

[fs/lustre-release.git] / lustre / mdd / mdd_dir.c

diff --git a/lustre/mdd/mdd_dir.c b/lustre/mdd/mdd_dir.c
index bb96d7c..0e4d287 100644 (file)
--- a/lustre/mdd/mdd_dir.c
+++ b/lustre/mdd/mdd_dir.c
@@ -2016,6 +2016,7 @@ static int mdd_declare_object_create(const struct lu_env *env,
                                     struct lu_buf *acl_buf,
                                     struct dt_allocation_hint *hint)
 {
+       const struct lu_buf *buf;
        int rc;
 
        rc = mdd_declare_object_create_internal(env, p, c, attr, handle, spec,
@@ -2051,8 +2052,6 @@ static int mdd_declare_object_create(const struct lu_env *env,
        /* replay case, create LOV EA from client data */
        if (spec->no_create ||
            (spec->sp_cr_flags & MDS_OPEN_HAS_EA && S_ISREG(attr->la_mode))) {
-               const struct lu_buf *buf;
-
                buf = mdd_buf_get_const(env, spec->u.sp_ea.eadata,
                                        spec->u.sp_ea.eadatalen);
                rc = mdo_declare_xattr_set(env, c, buf, XATTR_NAME_LOV, 0,
@@ -2072,6 +2071,16 @@ static int mdd_declare_object_create(const struct lu_env *env,
                 if (rc)
                         GOTO(out, rc);
         }
+
+       if (spec->sp_cr_file_secctx_name != NULL) {
+               buf = mdd_buf_get_const(env, spec->sp_cr_file_secctx,
+                                       spec->sp_cr_file_secctx_size);
+               rc = mdo_declare_xattr_set(env, c, buf,
+                                          spec->sp_cr_file_secctx_name, 0,
+                                          handle);
+               if (rc < 0)
+                       GOTO(out, rc);
+       }
 out:
        return rc;
 }
@@ -2182,6 +2191,7 @@ static int mdd_object_create(const struct lu_env *env, struct mdd_object *pobj,
                             struct dt_allocation_hint *hint,
                             struct thandle *handle)
 {
+       const struct lu_buf    *buf;
        int                     rc;
 
        mdd_write_lock(env, son, MOR_TGT_CHILD);
@@ -2217,8 +2227,6 @@ static int mdd_object_create(const struct lu_env *env, struct mdd_object *pobj,
        if (spec->no_create ||
            (S_ISREG(attr->la_mode) && spec->sp_cr_flags & MDS_OPEN_HAS_EA) ||
            S_ISDIR(attr->la_mode)) {
-               const struct lu_buf *buf;
-
                buf = mdd_buf_get_const(env, spec->u.sp_ea.eadata,
                                        spec->u.sp_ea.eadatalen);
                rc = mdo_xattr_set(env, son, buf,
@@ -2268,6 +2276,15 @@ static int mdd_object_create(const struct lu_env *env, struct mdd_object *pobj,
                        GOTO(err_initlized, rc = -EFAULT);
        }
 
+       if (spec->sp_cr_file_secctx_name != NULL) {
+               buf = mdd_buf_get_const(env, spec->sp_cr_file_secctx,
+                                       spec->sp_cr_file_secctx_size);
+               rc = mdo_xattr_set(env, son, buf, spec->sp_cr_file_secctx_name,
+                                  0, handle);
+               if (rc < 0)
+                       GOTO(err_initlized, rc);
+       }
+
 err_initlized:
        if (unlikely(rc != 0)) {
                int rc2;