summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorDavid Quigley <dpquigl@davequigley.com>2013-05-22 12:50:44 -0400
committerTrond Myklebust <Trond.Myklebust@netapp.com>2013-06-08 16:20:16 -0400
commitaa9c2669626ca7e5e5bab28e6caeb583fd40099b (patch)
tree632e008011b5a8b75edf5a2f4c3c0daf464f0cc4 /security
parent14c43f767818c42f91ec7ffa586ee975845f68c8 (diff)
downloadblackbird-op-linux-aa9c2669626ca7e5e5bab28e6caeb583fd40099b.tar.gz
blackbird-op-linux-aa9c2669626ca7e5e5bab28e6caeb583fd40099b.zip
NFS: Client implementation of Labeled-NFS
This patch implements the client transport and handling support for labeled NFS. The patch adds two functions to encode and decode the security label recommended attribute which makes use of the LSM hooks added earlier. It also adds code to grab the label from the file attribute structures and encode the label to be sent back to the server. Acked-by: James Morris <james.l.morris@oracle.com> Signed-off-by: Matthew N. Dodd <Matthew.Dodd@sparta.com> Signed-off-by: Miguel Rodel Felipe <Rodel_FM@dsi.a-star.edu.sg> Signed-off-by: Phua Eu Gene <PHUA_Eu_Gene@dsi.a-star.edu.sg> Signed-off-by: Khin Mi Mi Aung <Mi_Mi_AUNG@dsi.a-star.edu.sg> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'security')
-rw-r--r--security/selinux/hooks.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 6149633ff715..9f8e9b2e717a 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2908,7 +2908,10 @@ static void selinux_inode_post_setxattr(struct dentry *dentry, const char *name,
return;
}
+ isec->sclass = inode_mode_to_security_class(inode->i_mode);
isec->sid = newsid;
+ isec->initialized = 1;
+
return;
}
@@ -2996,6 +2999,7 @@ static int selinux_inode_setsecurity(struct inode *inode, const char *name,
if (rc)
return rc;
+ isec->sclass = inode_mode_to_security_class(inode->i_mode);
isec->sid = newsid;
isec->initialized = 1;
return 0;
OpenPOWER on IntegriCloud