[PATCH][0/7] xattr consolidation and support for ramfs & tmpfs

[PATCH][0/7] xattr consolidation and support for ramfs & tmpfs

[James Morris]

This series of patches consolidates some common xattr logic into libfs,
saving significant code duplication and making it easier for filesystem
writers to implement xattr support.

The ext3, ext2 and devpts filesytems are then converted to use the new
API, and xattr support is added to ramfs and tmpfs.

Three related LSM hooks are changed to take inodes instead of dentries, 
which is in keeping with the existing ext2 and ext3 code (the existing 
devpts code wants to pass a dentry, but it doesn't need to).

I've done a fair bit of testing of these patches with no problems.  Please 
review and apply if ok.


- James
-- 
James Morris
<jmorris@redhat.com>

[PATCH][1/7] xattr consolidation - libfs

[James Morris]

This patch consolidates common xattr handling logic into libfs, for
use by ext2, ext3 and devpts, as well as upcoming ramfs and tmpfs xattr code.


 fs/libfs.c         |  111 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 include/linux/fs.h |   23 ++++++++++
 2 files changed, 134 insertions(+)

 Signed-off-by: James Morris <jmorris@redhat.com>
 Signed-off-by: Stephen Smalley <sds@epoch.ncsc.mil>


diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/libfs.c linux-2.6.8.1-mm2.w/fs/libfs.c
--- linux-2.6.8.1-mm2.p/fs/libfs.c	2004-08-19 10:32:52.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/libfs.c	2004-08-23 00:36:10.438262984 -0400
@@ -521,6 +521,112 @@ int simple_transaction_release(struct in
 	return 0;
 }
 
+int simple_xattr_register(struct simple_xattr_info *info, int idx, struct simple_xattr_handler *handler)
+{
+	int ret = -EINVAL;
+	
+	if (idx > 0 && idx <= SIMPLE_XATTR_MAX) {
+		write_lock(&info->lock);
+		if (!info->handlers[idx - 1]) {
+			info->handlers[idx - 1] = handler;
+			ret = 0;
+		}
+		write_unlock(&info->lock);
+	}
+	return ret;
+}
+
+void simple_xattr_unregister(struct simple_xattr_info *info, int idx, struct simple_xattr_handler *handler)
+{
+	if (idx > 0 || idx <= SIMPLE_XATTR_MAX) {
+		write_lock(&info->lock);
+		info->handlers[idx - 1] = NULL;
+		write_unlock(&info->lock);
+	}
+}
+
+static const char *strcmp_prefix(const char *a, const char *a_prefix)
+{
+	while (*a_prefix && *a == *a_prefix) {
+		a++;
+		a_prefix++;
+	}
+	return *a_prefix ? NULL : a;
+}
+
+struct simple_xattr_handler *simple_xattr_resolve_name(struct simple_xattr_info *info, const char **name)
+{
+	struct simple_xattr_handler *handler = NULL;
+	int i;
+
+	if (!*name)
+		return NULL;
+
+	read_lock(&info->lock);
+	for (i = 0; i < SIMPLE_XATTR_MAX; i++) {
+		if (info->handlers[i]) {
+			const char *n = strcmp_prefix(*name,
+						info->handlers[i]->prefix);
+			if (n) {
+				handler = info->handlers[i];
+				*name = n;
+				break;
+			}
+		}
+	}
+	read_unlock(&info->lock);
+	return handler;
+}
+
+struct simple_xattr_handler *simple_xattr_handler(struct simple_xattr_info *info, int idx)
+{
+	struct simple_xattr_handler *handler = NULL;
+	if (idx > 0 && idx <= SIMPLE_XATTR_MAX) {
+		read_lock(&info->lock);
+		handler = info->handlers[idx - 1];
+		read_unlock(&info->lock);
+	}
+	return handler;
+}
+
+size_t simple_xattr_list(struct simple_xattr_info *info, struct dentry *dentry, char *buffer, size_t buffer_size)
+{
+	struct simple_xattr_handler *handler = NULL;
+	struct inode *inode = dentry->d_inode;
+	int i, error = 0;
+	unsigned int size = 0;
+	char *buf;
+
+	read_lock(&info->lock);
+
+	for (i = 0; i < SIMPLE_XATTR_MAX; i++) {
+		handler = info->handlers[i];
+		if (handler)
+			size += handler->list(inode, NULL, NULL, 0);
+	}
+
+	if (!buffer) {
+		error = size;
+		goto out;
+	} else {
+		error = -ERANGE;
+		if (size > buffer_size)
+			goto out;
+	}
+
+	buf = buffer;
+	for (i = 0; i < SIMPLE_XATTR_MAX; i++) {
+		handler = info->handlers[i];
+		if (handler)
+			buf += handler->list(inode, buf, NULL, 0);
+	}
+	error = size;
+
+out:
+	read_unlock(&info->lock);
+	return size;
+}
+
 EXPORT_SYMBOL(dcache_dir_close);
 EXPORT_SYMBOL(dcache_dir_lseek);
 EXPORT_SYMBOL(dcache_dir_open);
@@ -547,3 +653,8 @@ EXPORT_SYMBOL(simple_read_from_buffer);
 EXPORT_SYMBOL(simple_transaction_get);
 EXPORT_SYMBOL(simple_transaction_read);
 EXPORT_SYMBOL(simple_transaction_release);
+EXPORT_SYMBOL(simple_xattr_register);
+EXPORT_SYMBOL(simple_xattr_unregister);
+EXPORT_SYMBOL(simple_xattr_resolve_name);
+EXPORT_SYMBOL(simple_xattr_handler);
+EXPORT_SYMBOL(simple_xattr_list);
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/include/linux/fs.h linux-2.6.8.1-mm2.w/include/linux/fs.h
--- linux-2.6.8.1-mm2.p/include/linux/fs.h	2004-08-19 10:32:53.000000000 -0400
+++ linux-2.6.8.1-mm2.w/include/linux/fs.h	2004-08-23 00:24:43.985619648 -0400
@@ -1646,6 +1646,29 @@ static inline ino_t parent_ino(struct de
 	return res;
 }
 
+#define SIMPLE_XATTR_MAX 10
+
+struct simple_xattr_handler {
+	char *prefix;
+	size_t (*list)(struct inode *inode, char *list, const char *name,
+		       int name_len);
+	int (*get)(struct inode *inode, const char *name, void *buffer,
+		   size_t size);
+	int (*set)(struct inode *inode, const char *name, const void *buffer,
+		   size_t size, int flags);
+};
+
+struct simple_xattr_info {
+	rwlock_t lock;
+	struct simple_xattr_handler **handlers;
+};
+
+int simple_xattr_register(struct simple_xattr_info *info, int idx, struct simple_xattr_handler *handler);
+void simple_xattr_unregister(struct simple_xattr_info *info, int idx, struct simple_xattr_handler *handler);
+struct simple_xattr_handler *simple_xattr_resolve_name(struct simple_xattr_info *info, const char **name);
+struct simple_xattr_handler *simple_xattr_handler(struct simple_xattr_info *info, int idx);
+size_t simple_xattr_list(struct simple_xattr_info *info, struct dentry *dentry, char *buffer, size_t size);
+
 /* kernel/fork.c */
 extern int unshare_files(void);
 

[PATCH][2/7] xattr consolidation - LSM hook changes

[James Morris]

This patch replaces the dentry parameter with an inode in the LSM
inode_{set|get|list}security hooks, in keeping with the ext2/ext3 code.
dentries are not needed here.


 include/linux/security.h |   30 +++++++++++++++---------------
 security/dummy.c         |    6 +++---
 security/selinux/hooks.c |    8 +++-----
 3 files changed, 21 insertions(+), 23 deletions(-)

 Signed-off-by: James Morris <jmorris@redhat.com>
 Signed-off-by: Stephen Smalley <sds@epoch.ncsc.mil>
    
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/include/linux/security.h linux-2.6.8.1-mm2.w/include/linux/security.h
--- linux-2.6.8.1-mm2.p/include/linux/security.h	2004-08-14 10:25:45.000000000 -0400
+++ linux-2.6.8.1-mm2.w/include/linux/security.h	2004-08-23 00:55:03.541005184 -0400
@@ -395,13 +395,13 @@ struct swap_info_struct;
  * 	Return 0 if permission is granted.
  * @inode_getsecurity:
  *	Copy the extended attribute representation of the security label 
- *	associated with @name for @dentry into @buffer.  @buffer may be 
+ *	associated with @name for @inode into @buffer.  @buffer may be 
  *	NULL to request the size of the buffer required.  @size indicates
  *	the size of @buffer in bytes.  Note that @name is the remainder
  *	of the attribute name after the security. prefix has been removed.
  *	Return number of bytes used/required on success.
  * @inode_setsecurity:
- *	Set the security label associated with @name for @dentry from the 
+ *	Set the security label associated with @name for @inode from the 
  *	extended attribute value @value.  @size indicates the size of the
  *	@value in bytes.  @flags may be XATTR_CREATE, XATTR_REPLACE, or 0.
  *	Note that @name is the remainder of the attribute name after the 
@@ -409,7 +409,7 @@ struct swap_info_struct;
  *	Return 0 on success.
  * @inode_listsecurity:
  *	Copy the extended attribute names for the security labels
- *	associated with @dentry into @buffer.  @buffer may be NULL to 
+ *	associated with @inode into @buffer.  @buffer may be NULL to 
  *	request the size of the buffer required.  
  *	Returns number of bytes used/required on success.
  *
@@ -1108,9 +1108,9 @@ struct security_operations {
 	int (*inode_getxattr) (struct dentry *dentry, char *name);
 	int (*inode_listxattr) (struct dentry *dentry);
 	int (*inode_removexattr) (struct dentry *dentry, char *name);
-  	int (*inode_getsecurity)(struct dentry *dentry, const char *name, void *buffer, size_t size);
-  	int (*inode_setsecurity)(struct dentry *dentry, const char *name, const void *value, size_t size, int flags);
-  	int (*inode_listsecurity)(struct dentry *dentry, char *buffer);
+  	int (*inode_getsecurity)(struct inode *inode, const char *name, void *buffer, size_t size);
+  	int (*inode_setsecurity)(struct inode *inode, const char *name, const void *value, size_t size, int flags);
+  	int (*inode_listsecurity)(struct inode *inode, char *buffer);
 
 	int (*file_permission) (struct file * file, int mask);
 	int (*file_alloc_security) (struct file * file);
@@ -1575,19 +1575,19 @@ static inline int security_inode_removex
 	return security_ops->inode_removexattr (dentry, name);
 }
 
-static inline int security_inode_getsecurity(struct dentry *dentry, const char *name, void *buffer, size_t size)
+static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
 {
-	return security_ops->inode_getsecurity(dentry, name, buffer, size);
+	return security_ops->inode_getsecurity(inode, name, buffer, size);
 }
 
-static inline int security_inode_setsecurity(struct dentry *dentry, const char *name, const void *value, size_t size, int flags) 
+static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags) 
 {
-	return security_ops->inode_setsecurity(dentry, name, value, size, flags);
+	return security_ops->inode_setsecurity(inode, name, value, size, flags);
 }
 
-static inline int security_inode_listsecurity(struct dentry *dentry, char *buffer)
+static inline int security_inode_listsecurity(struct inode *inode, char *buffer)
 {
-	return security_ops->inode_listsecurity(dentry, buffer);
+	return security_ops->inode_listsecurity(inode, buffer);
 }
 
 static inline int security_file_permission (struct file *file, int mask)
@@ -2214,17 +2214,17 @@ static inline int security_inode_removex
 	return cap_inode_removexattr(dentry, name);
 }
 
-static inline int security_inode_getsecurity(struct dentry *dentry, const char *name, void *buffer, size_t size)
+static inline int security_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
 {
 	return -EOPNOTSUPP;
 }
 
-static inline int security_inode_setsecurity(struct dentry *dentry, const char *name, const void *value, size_t size, int flags) 
+static inline int security_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags) 
 {
 	return -EOPNOTSUPP;
 }
 
-static inline int security_inode_listsecurity(struct dentry *dentry, char *buffer)
+static inline int security_inode_listsecurity(struct inode *inode, char *buffer)
 {
 	return 0;
 }
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/security/dummy.c linux-2.6.8.1-mm2.w/security/dummy.c
--- linux-2.6.8.1-mm2.p/security/dummy.c	2004-08-14 10:25:45.000000000 -0400
+++ linux-2.6.8.1-mm2.w/security/dummy.c	2004-08-23 00:55:03.542005032 -0400
@@ -447,17 +447,17 @@ static int dummy_inode_removexattr (stru
 	return 0;
 }
 
-static int dummy_inode_getsecurity(struct dentry *dentry, const char *name, void *buffer, size_t size)
+static int dummy_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
 {
 	return -EOPNOTSUPP;
 }
 
-static int dummy_inode_setsecurity(struct dentry *dentry, const char *name, const void *value, size_t size, int flags) 
+static int dummy_inode_setsecurity(struct inode *inode, const char *name, const void *value, size_t size, int flags) 
 {
 	return -EOPNOTSUPP;
 }
 
-static int dummy_inode_listsecurity(struct dentry *dentry, char *buffer)
+static int dummy_inode_listsecurity(struct inode *inode, char *buffer)
 {
 	return 0;
 }
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/security/selinux/hooks.c linux-2.6.8.1-mm2.w/security/selinux/hooks.c
--- linux-2.6.8.1-mm2.p/security/selinux/hooks.c	2004-08-19 10:32:55.000000000 -0400
+++ linux-2.6.8.1-mm2.w/security/selinux/hooks.c	2004-08-23 00:55:03.546004424 -0400
@@ -2331,9 +2331,8 @@ static int selinux_inode_removexattr (st
 	return -EACCES;
 }
 
-static int selinux_inode_getsecurity(struct dentry *dentry, const char *name, void *buffer, size_t size)
+static int selinux_inode_getsecurity(struct inode *inode, const char *name, void *buffer, size_t size)
 {
-	struct inode *inode = dentry->d_inode;
 	struct inode_security_struct *isec = inode->i_security;
 	char *context;
 	unsigned len;
@@ -2361,10 +2360,9 @@ static int selinux_inode_getsecurity(str
 	return len;
 }
 
-static int selinux_inode_setsecurity(struct dentry *dentry, const char *name,
+static int selinux_inode_setsecurity(struct inode *inode, const char *name,
                                      const void *value, size_t size, int flags)
 {
-	struct inode *inode = dentry->d_inode;
 	struct inode_security_struct *isec = inode->i_security;
 	u32 newsid;
 	int rc;
@@ -2383,7 +2381,7 @@ static int selinux_inode_setsecurity(str
 	return 0;
 }
 
-static int selinux_inode_listsecurity(struct dentry *dentry, char *buffer)
+static int selinux_inode_listsecurity(struct inode *inode, char *buffer)
 {
 	const int len = sizeof(XATTR_NAME_SELINUX);
 	if (buffer)

[PATCH][3/7] xattr consolidation - ext3

[James Morris]

This patch converts the ext3 xattr and acl code to the new libfs API.


 fs/ext3/acl.c            |   30 +++++---
 fs/ext3/xattr.c          |  158 ++++++++++++++---------------------------------
 fs/ext3/xattr.h          |   21 +-----
 fs/ext3/xattr_security.c |    6 -
 fs/ext3/xattr_trusted.c  |    4 -
 fs/ext3/xattr_user.c     |    4 -
 6 files changed, 78 insertions(+), 145 deletions(-)

 Signed-off-by: James Morris <jmorris@redhat.com>
 Signed-off-by: Stephen Smalley <sds@epoch.ncsc.mil>
    

diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ext3/acl.c linux-2.6.8.1-mm2.w/fs/ext3/acl.c
--- linux-2.6.8.1-mm2.p/fs/ext3/acl.c	2004-08-14 10:25:40.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ext3/acl.c	2004-08-23 13:20:40.845901072 -0400
@@ -13,6 +13,8 @@
 #include "xattr.h"
 #include "acl.h"
 
+extern struct simple_xattr_info ext3_xattr_info;
+
 /*
  * Convert from filesystem to in-memory representation.
  */
@@ -452,7 +454,7 @@ out:
  * Extended attribute handlers
  */
 static size_t
-ext3_xattr_list_acl_access(char *list, struct inode *inode,
+ext3_xattr_list_acl_access(struct inode *inode, char *list,
 			   const char *name, int name_len)
 {
 	const size_t size = sizeof(XATTR_NAME_ACL_ACCESS);
@@ -465,7 +467,7 @@ ext3_xattr_list_acl_access(char *list, s
 }
 
 static size_t
-ext3_xattr_list_acl_default(char *list, struct inode *inode,
+ext3_xattr_list_acl_default(struct inode *inode, char *list,
 			    const char *name, int name_len)
 {
 	const size_t size = sizeof(XATTR_NAME_ACL_DEFAULT);
@@ -572,14 +574,14 @@ ext3_xattr_set_acl_default(struct inode 
 	return ext3_xattr_set_acl(inode, ACL_TYPE_DEFAULT, value, size);
 }
 
-struct ext3_xattr_handler ext3_xattr_acl_access_handler = {
+struct simple_xattr_handler ext3_xattr_acl_access_handler = {
 	.prefix	= XATTR_NAME_ACL_ACCESS,
 	.list	= ext3_xattr_list_acl_access,
 	.get	= ext3_xattr_get_acl_access,
 	.set	= ext3_xattr_set_acl_access,
 };
 
-struct ext3_xattr_handler ext3_xattr_acl_default_handler = {
+struct simple_xattr_handler ext3_xattr_acl_default_handler = {
 	.prefix	= XATTR_NAME_ACL_DEFAULT,
 	.list	= ext3_xattr_list_acl_default,
 	.get	= ext3_xattr_get_acl_default,
@@ -589,10 +591,12 @@ struct ext3_xattr_handler ext3_xattr_acl
 void
 exit_ext3_acl(void)
 {
-	ext3_xattr_unregister(EXT3_XATTR_INDEX_POSIX_ACL_ACCESS,
-			      &ext3_xattr_acl_access_handler);
-	ext3_xattr_unregister(EXT3_XATTR_INDEX_POSIX_ACL_DEFAULT,
-			      &ext3_xattr_acl_default_handler);
+	simple_xattr_unregister(&ext3_xattr_info,
+				EXT3_XATTR_INDEX_POSIX_ACL_ACCESS,
+				&ext3_xattr_acl_access_handler);
+	simple_xattr_unregister(&ext3_xattr_info,
+				EXT3_XATTR_INDEX_POSIX_ACL_DEFAULT,
+				&ext3_xattr_acl_default_handler);
 }
 
 int __init
@@ -600,12 +604,14 @@ init_ext3_acl(void)
 {
 	int error;
 
-	error = ext3_xattr_register(EXT3_XATTR_INDEX_POSIX_ACL_ACCESS,
-				    &ext3_xattr_acl_access_handler);
+	error = simple_xattr_register(&ext3_xattr_info,
+				      EXT3_XATTR_INDEX_POSIX_ACL_ACCESS,
+				      &ext3_xattr_acl_access_handler);
 	if (error)
 		goto fail;
-	error = ext3_xattr_register(EXT3_XATTR_INDEX_POSIX_ACL_DEFAULT,
-				    &ext3_xattr_acl_default_handler);
+	error = simple_xattr_register(&ext3_xattr_info,
+				      EXT3_XATTR_INDEX_POSIX_ACL_DEFAULT,
+				      &ext3_xattr_acl_default_handler);
 	if (error)
 		goto fail;
 	return 0;
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ext3/xattr.c linux-2.6.8.1-mm2.w/fs/ext3/xattr.c
--- linux-2.6.8.1-mm2.p/fs/ext3/xattr.c	2004-08-19 10:32:52.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ext3/xattr.c	2004-08-23 13:21:25.420124760 -0400
@@ -7,6 +7,7 @@
  * Ext3 code with a lot of help from Eric Jarman <ejarman@acm.org>.
  * Extended attributes for symlinks and special files added per
  *  suggestion of Luka Renko <luka.renko@hermes.si>.
+ * libfs consolidation James Morris <jmorris@redhat.com>
  */
 
 /*
@@ -87,6 +88,8 @@
 # define ea_bdebug(f...)
 #endif
 
+struct simple_xattr_info ext3_xattr_info;
+
 static int ext3_xattr_set_handle2(handle_t *, struct inode *,
 				  struct buffer_head *,
 				  struct ext3_xattr_header *);
@@ -100,84 +103,7 @@ static void ext3_xattr_rehash(struct ext
 			      struct ext3_xattr_entry *);
 
 static struct mb_cache *ext3_xattr_cache;
-static struct ext3_xattr_handler *ext3_xattr_handlers[EXT3_XATTR_INDEX_MAX];
-static rwlock_t ext3_handler_lock = RW_LOCK_UNLOCKED;
-
-int
-ext3_xattr_register(int name_index, struct ext3_xattr_handler *handler)
-{
-	int error = -EINVAL;
-
-	if (name_index > 0 && name_index <= EXT3_XATTR_INDEX_MAX) {
-		write_lock(&ext3_handler_lock);
-		if (!ext3_xattr_handlers[name_index-1]) {
-			ext3_xattr_handlers[name_index-1] = handler;
-			error = 0;
-		}
-		write_unlock(&ext3_handler_lock);
-	}
-	return error;
-}
-
-void
-ext3_xattr_unregister(int name_index, struct ext3_xattr_handler *handler)
-{
-	if (name_index > 0 || name_index <= EXT3_XATTR_INDEX_MAX) {
-		write_lock(&ext3_handler_lock);
-		ext3_xattr_handlers[name_index-1] = NULL;
-		write_unlock(&ext3_handler_lock);
-	}
-}
-
-static inline const char *
-strcmp_prefix(const char *a, const char *a_prefix)
-{
-	while (*a_prefix && *a == *a_prefix) {
-		a++;
-		a_prefix++;
-	}
-	return *a_prefix ? NULL : a;
-}
-
-/*
- * Decode the extended attribute name, and translate it into
- * the name_index and name suffix.
- */
-static inline struct ext3_xattr_handler *
-ext3_xattr_resolve_name(const char **name)
-{
-	struct ext3_xattr_handler *handler = NULL;
-	int i;
-
-	if (!*name)
-		return NULL;
-	read_lock(&ext3_handler_lock);
-	for (i=0; i<EXT3_XATTR_INDEX_MAX; i++) {
-		if (ext3_xattr_handlers[i]) {
-			const char *n = strcmp_prefix(*name,
-				ext3_xattr_handlers[i]->prefix);
-			if (n) {
-				handler = ext3_xattr_handlers[i];
-				*name = n;
-				break;
-			}
-		}
-	}
-	read_unlock(&ext3_handler_lock);
-	return handler;
-}
-
-static inline struct ext3_xattr_handler *
-ext3_xattr_handler(int name_index)
-{
-	struct ext3_xattr_handler *handler = NULL;
-	if (name_index > 0 && name_index <= EXT3_XATTR_INDEX_MAX) {
-		read_lock(&ext3_handler_lock);
-		handler = ext3_xattr_handlers[name_index-1];
-		read_unlock(&ext3_handler_lock);
-	}
-	return handler;
-}
+static struct simple_xattr_handler *ext3_xattr_handlers[SIMPLE_XATTR_MAX];
 
 /*
  * Inode operation getxattr()
@@ -188,10 +114,10 @@ ssize_t
 ext3_getxattr(struct dentry *dentry, const char *name,
 	      void *buffer, size_t size)
 {
-	struct ext3_xattr_handler *handler;
+	struct simple_xattr_handler *handler;
 	struct inode *inode = dentry->d_inode;
 
-	handler = ext3_xattr_resolve_name(&name);
+	handler = simple_xattr_resolve_name(&ext3_xattr_info, &name);
 	if (!handler)
 		return -EOPNOTSUPP;
 	return handler->get(inode, name, buffer, size);
@@ -217,12 +143,12 @@ int
 ext3_setxattr(struct dentry *dentry, const char *name,
 	      const void *value, size_t size, int flags)
 {
-	struct ext3_xattr_handler *handler;
+	struct simple_xattr_handler *handler;
 	struct inode *inode = dentry->d_inode;
 
 	if (size == 0)
 		value = "";  /* empty EA, do not remove */
-	handler = ext3_xattr_resolve_name(&name);
+	handler = simple_xattr_resolve_name(&ext3_xattr_info, &name);
 	if (!handler)
 		return -EOPNOTSUPP;
 	return handler->set(inode, name, value, size, flags);
@@ -236,10 +162,10 @@ ext3_setxattr(struct dentry *dentry, con
 int
 ext3_removexattr(struct dentry *dentry, const char *name)
 {
-	struct ext3_xattr_handler *handler;
+	struct simple_xattr_handler *handler;
 	struct inode *inode = dentry->d_inode;
 
-	handler = ext3_xattr_resolve_name(&name);
+	handler = simple_xattr_resolve_name(&ext3_xattr_info, &name);
 	if (!handler)
 		return -EOPNOTSUPP;
 	return handler->set(inode, name, NULL, 0, XATTR_REPLACE);
@@ -393,15 +319,16 @@ bad_block:	ext3_error(inode->i_sb, "ext3
 	/* compute the size required for the list of attribute names */
 	for (entry = FIRST_ENTRY(bh); !IS_LAST_ENTRY(entry);
 	     entry = EXT3_XATTR_NEXT(entry)) {
-		struct ext3_xattr_handler *handler;
+		struct simple_xattr_handler *handler;
 		struct ext3_xattr_entry *next =
 			EXT3_XATTR_NEXT(entry);
 		if ((char *)next >= end)
 			goto bad_block;
 
-		handler = ext3_xattr_handler(entry->e_name_index);
+		handler = simple_xattr_handler(&ext3_xattr_info,
+					       entry->e_name_index);
 		if (handler)
-			size += handler->list(NULL, inode, entry->e_name,
+			size += handler->list(inode, NULL, entry->e_name,
 					      entry->e_name_len);
 	}
 
@@ -420,12 +347,13 @@ bad_block:	ext3_error(inode->i_sb, "ext3
 	buf = buffer;
 	for (entry = FIRST_ENTRY(bh); !IS_LAST_ENTRY(entry);
 	     entry = EXT3_XATTR_NEXT(entry)) {
-		struct ext3_xattr_handler *handler;
+		struct simple_xattr_handler *handler;
 
-		handler = ext3_xattr_handler(entry->e_name_index);
+		handler = simple_xattr_handler(&ext3_xattr_info,
+					       entry->e_name_index);
 		if (handler)
-			buf += handler->list(buf, inode, entry->e_name,
-					     entry->e_name_len);
+			buf += handler->list(inode, buf,
+					     entry->e_name, entry->e_name_len);
 	}
 	error = size;
 
@@ -1180,17 +1108,23 @@ init_ext3_xattr(void)
 {
 	int	err;
 
-	err = ext3_xattr_register(EXT3_XATTR_INDEX_USER,
-				  &ext3_xattr_user_handler);
+	ext3_xattr_info.lock = RW_LOCK_UNLOCKED;
+	ext3_xattr_info.handlers = ext3_xattr_handlers;
+        
+	err = simple_xattr_register(&ext3_xattr_info,
+				    EXT3_XATTR_INDEX_USER,
+				    &ext3_xattr_user_handler);
 	if (err)
 		return err;
-	err = ext3_xattr_register(EXT3_XATTR_INDEX_TRUSTED,
-				  &ext3_xattr_trusted_handler);
+	err = simple_xattr_register(&ext3_xattr_info,
+				    EXT3_XATTR_INDEX_TRUSTED,
+				    &ext3_xattr_trusted_handler);
 	if (err)
 		goto out;
 #ifdef CONFIG_EXT3_FS_SECURITY
-	err = ext3_xattr_register(EXT3_XATTR_INDEX_SECURITY,
-				  &ext3_xattr_security_handler);
+	err = simple_xattr_register(&ext3_xattr_info,
+				    EXT3_XATTR_INDEX_SECURITY,
+				    &ext3_xattr_security_handler);
 	if (err)
 		goto out1;
 #endif
@@ -1213,15 +1147,18 @@ out3:
 out2:
 #endif
 #ifdef CONFIG_EXT3_FS_SECURITY
-	ext3_xattr_unregister(EXT3_XATTR_INDEX_SECURITY,
-			      &ext3_xattr_security_handler);
+	simple_xattr_unregister(&ext3_xattr_info,
+				EXT3_XATTR_INDEX_SECURITY,
+				&ext3_xattr_security_handler);
 out1:
 #endif
-	ext3_xattr_unregister(EXT3_XATTR_INDEX_TRUSTED,
-			      &ext3_xattr_trusted_handler);
+	simple_xattr_unregister(&ext3_xattr_info,
+				EXT3_XATTR_INDEX_TRUSTED,
+				&ext3_xattr_trusted_handler);
 out:
-	ext3_xattr_unregister(EXT3_XATTR_INDEX_USER,
-			      &ext3_xattr_user_handler);
+	simple_xattr_unregister(&ext3_xattr_info,
+				EXT3_XATTR_INDEX_USER,
+				&ext3_xattr_user_handler);
 	return err;
 }
 
@@ -1235,11 +1172,14 @@ exit_ext3_xattr(void)
 	exit_ext3_acl();
 #endif
 #ifdef CONFIG_EXT3_FS_SECURITY
-	ext3_xattr_unregister(EXT3_XATTR_INDEX_SECURITY,
-			      &ext3_xattr_security_handler);
+	simple_xattr_unregister(&ext3_xattr_info,
+				EXT3_XATTR_INDEX_SECURITY,
+				&ext3_xattr_security_handler);
 #endif
-	ext3_xattr_unregister(EXT3_XATTR_INDEX_TRUSTED,
-			      &ext3_xattr_trusted_handler);
-	ext3_xattr_unregister(EXT3_XATTR_INDEX_USER,
-			      &ext3_xattr_user_handler);
+	simple_xattr_unregister(&ext3_xattr_info,
+				EXT3_XATTR_INDEX_TRUSTED,
+				&ext3_xattr_trusted_handler);
+	simple_xattr_unregister(&ext3_xattr_info,
+				EXT3_XATTR_INDEX_USER,
+				&ext3_xattr_user_handler);
 }
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ext3/xattr.h linux-2.6.8.1-mm2.w/fs/ext3/xattr.h
--- linux-2.6.8.1-mm2.p/fs/ext3/xattr.h	2004-06-16 01:20:04.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ext3/xattr.h	2004-08-23 13:20:40.848900616 -0400
@@ -16,7 +16,6 @@
 #define EXT3_XATTR_REFCOUNT_MAX		1024
 
 /* Name indexes */
-#define EXT3_XATTR_INDEX_MAX			10
 #define EXT3_XATTR_INDEX_USER			1
 #define EXT3_XATTR_INDEX_POSIX_ACL_ACCESS	2
 #define EXT3_XATTR_INDEX_POSIX_ACL_DEFAULT	3
@@ -56,19 +55,6 @@ struct ext3_xattr_entry {
 
 # ifdef CONFIG_EXT3_FS_XATTR
 
-struct ext3_xattr_handler {
-	char *prefix;
-	size_t (*list)(char *list, struct inode *inode, const char *name,
-		       int name_len);
-	int (*get)(struct inode *inode, const char *name, void *buffer,
-		   size_t size);
-	int (*set)(struct inode *inode, const char *name, const void *buffer,
-		   size_t size, int flags);
-};
-
-extern int ext3_xattr_register(int, struct ext3_xattr_handler *);
-extern void ext3_xattr_unregister(int, struct ext3_xattr_handler *);
-
 extern int ext3_setxattr(struct dentry *, const char *, const void *, size_t, int);
 extern ssize_t ext3_getxattr(struct dentry *, const char *, void *, size_t);
 extern ssize_t ext3_listxattr(struct dentry *, char *, size_t);
@@ -141,6 +127,7 @@ exit_ext3_xattr(void)
 
 # endif  /* CONFIG_EXT3_FS_XATTR */
 
-extern struct ext3_xattr_handler ext3_xattr_user_handler;
-extern struct ext3_xattr_handler ext3_xattr_trusted_handler;
-extern struct ext3_xattr_handler ext3_xattr_security_handler;
+extern struct simple_xattr_handler ext3_xattr_user_handler;
+extern struct simple_xattr_handler ext3_xattr_trusted_handler;
+extern struct simple_xattr_handler ext3_xattr_security_handler;
+
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ext3/xattr_security.c linux-2.6.8.1-mm2.w/fs/ext3/xattr_security.c
--- linux-2.6.8.1-mm2.p/fs/ext3/xattr_security.c	2004-06-16 01:19:23.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ext3/xattr_security.c	2004-08-23 13:20:40.849900464 -0400
@@ -12,8 +12,8 @@
 #include "xattr.h"
 
 static size_t
-ext3_xattr_security_list(char *list, struct inode *inode,
-		    const char *name, int name_len)
+ext3_xattr_security_list(struct inode *inode, char *list,
+			 const char *name, int name_len)
 {
 	const int prefix_len = sizeof(XATTR_SECURITY_PREFIX)-1;
 
@@ -45,7 +45,7 @@ ext3_xattr_security_set(struct inode *in
 			      value, size, flags);
 }
 
-struct ext3_xattr_handler ext3_xattr_security_handler = {
+struct simple_xattr_handler ext3_xattr_security_handler = {
 	.prefix	= XATTR_SECURITY_PREFIX,
 	.list	= ext3_xattr_security_list,
 	.get	= ext3_xattr_security_get,
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ext3/xattr_trusted.c linux-2.6.8.1-mm2.w/fs/ext3/xattr_trusted.c
--- linux-2.6.8.1-mm2.p/fs/ext3/xattr_trusted.c	2004-06-16 01:19:42.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ext3/xattr_trusted.c	2004-08-23 13:20:40.850900312 -0400
@@ -16,7 +16,7 @@
 #define XATTR_TRUSTED_PREFIX "trusted."
 
 static size_t
-ext3_xattr_trusted_list(char *list, struct inode *inode,
+ext3_xattr_trusted_list(struct inode *inode, char *list,
 			const char *name, int name_len)
 {
 	const int prefix_len = sizeof(XATTR_TRUSTED_PREFIX)-1;
@@ -56,7 +56,7 @@ ext3_xattr_trusted_set(struct inode *ino
 			      value, size, flags);
 }
 
-struct ext3_xattr_handler ext3_xattr_trusted_handler = {
+struct simple_xattr_handler ext3_xattr_trusted_handler = {
 	.prefix	= XATTR_TRUSTED_PREFIX,
 	.list	= ext3_xattr_trusted_list,
 	.get	= ext3_xattr_trusted_get,
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ext3/xattr_user.c linux-2.6.8.1-mm2.w/fs/ext3/xattr_user.c
--- linux-2.6.8.1-mm2.p/fs/ext3/xattr_user.c	2004-06-16 01:18:58.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ext3/xattr_user.c	2004-08-23 13:20:40.851900160 -0400
@@ -16,7 +16,7 @@
 #define XATTR_USER_PREFIX "user."
 
 static size_t
-ext3_xattr_user_list(char *list, struct inode *inode,
+ext3_xattr_user_list(struct inode *inode, char *list,
 		     const char *name, int name_len)
 {
 	const int prefix_len = sizeof(XATTR_USER_PREFIX)-1;
@@ -70,7 +70,7 @@ ext3_xattr_user_set(struct inode *inode,
 			      value, size, flags);
 }
 
-struct ext3_xattr_handler ext3_xattr_user_handler = {
+struct simple_xattr_handler ext3_xattr_user_handler = {
 	.prefix	= XATTR_USER_PREFIX,
 	.list	= ext3_xattr_user_list,
 	.get	= ext3_xattr_user_get,

[PATCH][4/7] xattr consolidation - ext2

[James Morris]

This patch converts ext2 xattr and acl code to the new libs API, as well
as removing two unused functions: init_ext2_xattr_user() and
exit_ext2_xattr_user().


 fs/ext2/acl.c            |   30 +++++---
 fs/ext2/xattr.c          |  158 ++++++++++++++---------------------------------
 fs/ext2/xattr.h          |   19 -----
 fs/ext2/xattr_security.c |    4 -
 fs/ext2/xattr_trusted.c  |    4 -
 fs/ext2/xattr_user.c     |   18 -----
 6 files changed, 75 insertions(+), 158 deletions(-)

 Signed-off-by: James Morris <jmorris@redhat.com>
 Signed-off-by: Stephen Smalley <sds@epoch.ncsc.mil>

diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ext2/acl.c linux-2.6.8.1-mm2.w/fs/ext2/acl.c
--- linux-2.6.8.1-mm2.p/fs/ext2/acl.c	2004-08-14 10:25:39.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ext2/acl.c	2004-08-23 13:25:02.114182256 -0400
@@ -12,6 +12,8 @@
 #include "xattr.h"
 #include "acl.h"
 
+extern struct simple_xattr_info ext2_xattr_info;
+
 /*
  * Convert from filesystem to in-memory representation.
  */
@@ -429,7 +431,7 @@ ext2_acl_chmod(struct inode *inode)
  * Extended attribut handlers
  */
 static size_t
-ext2_xattr_list_acl_access(char *list, struct inode *inode,
+ext2_xattr_list_acl_access(struct inode *inode, char *list,
 			   const char *name, int name_len)
 {
 	const size_t size = sizeof(XATTR_NAME_ACL_ACCESS);
@@ -442,7 +444,7 @@ ext2_xattr_list_acl_access(char *list, s
 }
 
 static size_t
-ext2_xattr_list_acl_default(char *list, struct inode *inode,
+ext2_xattr_list_acl_default(struct inode *inode, char *list,
 			    const char *name, int name_len)
 {
 	const size_t size = sizeof(XATTR_NAME_ACL_DEFAULT);
@@ -541,14 +543,14 @@ ext2_xattr_set_acl_default(struct inode 
 	return ext2_xattr_set_acl(inode, ACL_TYPE_DEFAULT, value, size);
 }
 
-struct ext2_xattr_handler ext2_xattr_acl_access_handler = {
+struct simple_xattr_handler ext2_xattr_acl_access_handler = {
 	.prefix	= XATTR_NAME_ACL_ACCESS,
 	.list	= ext2_xattr_list_acl_access,
 	.get	= ext2_xattr_get_acl_access,
 	.set	= ext2_xattr_set_acl_access,
 };
 
-struct ext2_xattr_handler ext2_xattr_acl_default_handler = {
+struct simple_xattr_handler ext2_xattr_acl_default_handler = {
 	.prefix	= XATTR_NAME_ACL_DEFAULT,
 	.list	= ext2_xattr_list_acl_default,
 	.get	= ext2_xattr_get_acl_default,
@@ -558,10 +560,12 @@ struct ext2_xattr_handler ext2_xattr_acl
 void
 exit_ext2_acl(void)
 {
-	ext2_xattr_unregister(EXT2_XATTR_INDEX_POSIX_ACL_ACCESS,
-			      &ext2_xattr_acl_access_handler);
-	ext2_xattr_unregister(EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT,
-			      &ext2_xattr_acl_default_handler);
+	simple_xattr_unregister(&ext2_xattr_info,
+				EXT2_XATTR_INDEX_POSIX_ACL_ACCESS,
+				&ext2_xattr_acl_access_handler);
+	simple_xattr_unregister(&ext2_xattr_info,
+				EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT,
+				&ext2_xattr_acl_default_handler);
 }
 
 int __init
@@ -569,12 +573,14 @@ init_ext2_acl(void)
 {
 	int error;
 
-	error = ext2_xattr_register(EXT2_XATTR_INDEX_POSIX_ACL_ACCESS,
-				    &ext2_xattr_acl_access_handler);
+	error = simple_xattr_register(&ext2_xattr_info,
+				      EXT2_XATTR_INDEX_POSIX_ACL_ACCESS,
+				      &ext2_xattr_acl_access_handler);
 	if (error)
 		goto fail;
-	error = ext2_xattr_register(EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT,
-				    &ext2_xattr_acl_default_handler);
+	error = simple_xattr_register(&ext2_xattr_info,
+				      EXT2_XATTR_INDEX_POSIX_ACL_DEFAULT,
+				      &ext2_xattr_acl_default_handler);
 	if (error)
 		goto fail;
 	return 0;
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ext2/xattr.c linux-2.6.8.1-mm2.w/fs/ext2/xattr.c
--- linux-2.6.8.1-mm2.p/fs/ext2/xattr.c	2004-08-14 10:25:40.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ext2/xattr.c	2004-08-23 13:25:23.235971256 -0400
@@ -6,6 +6,7 @@
  * Fix by Harrison Xing <harrison@mountainviewdata.com>.
  * Extended attributes for symlinks and special files added per
  *  suggestion of Luka Renko <luka.renko@hermes.si>.
+ * libfs consolidation James Morris <jmorris@redhat.com>
  */
 
 /*
@@ -62,8 +63,6 @@
 #include "acl.h"
 
 /* These symbols may be needed by a module. */
-EXPORT_SYMBOL(ext2_xattr_register);
-EXPORT_SYMBOL(ext2_xattr_unregister);
 EXPORT_SYMBOL(ext2_xattr_get);
 EXPORT_SYMBOL(ext2_xattr_list);
 EXPORT_SYMBOL(ext2_xattr_set);
@@ -93,6 +92,8 @@ EXPORT_SYMBOL(ext2_xattr_set);
 # define ea_bdebug(f...)
 #endif
 
+struct simple_xattr_info ext2_xattr_info;
+
 static int ext2_xattr_set2(struct inode *, struct buffer_head *,
 			   struct ext2_xattr_header *);
 
@@ -104,84 +105,7 @@ static void ext2_xattr_rehash(struct ext
 			      struct ext2_xattr_entry *);
 
 static struct mb_cache *ext2_xattr_cache;
-static struct ext2_xattr_handler *ext2_xattr_handlers[EXT2_XATTR_INDEX_MAX];
-static rwlock_t ext2_handler_lock = RW_LOCK_UNLOCKED;
-
-int
-ext2_xattr_register(int name_index, struct ext2_xattr_handler *handler)
-{
-	int error = -EINVAL;
-
-	if (name_index > 0 && name_index <= EXT2_XATTR_INDEX_MAX) {
-		write_lock(&ext2_handler_lock);
-		if (!ext2_xattr_handlers[name_index-1]) {
-			ext2_xattr_handlers[name_index-1] = handler;
-			error = 0;
-		}
-		write_unlock(&ext2_handler_lock);
-	}
-	return error;
-}
-
-void
-ext2_xattr_unregister(int name_index, struct ext2_xattr_handler *handler)
-{
-	if (name_index > 0 || name_index <= EXT2_XATTR_INDEX_MAX) {
-		write_lock(&ext2_handler_lock);
-		ext2_xattr_handlers[name_index-1] = NULL;
-		write_unlock(&ext2_handler_lock);
-	}
-}
-
-static inline const char *
-strcmp_prefix(const char *a, const char *a_prefix)
-{
-	while (*a_prefix && *a == *a_prefix) {
-		a++;
-		a_prefix++;
-	}
-	return *a_prefix ? NULL : a;
-}
-
-/*
- * Decode the extended attribute name, and translate it into
- * the name_index and name suffix.
- */
-static struct ext2_xattr_handler *
-ext2_xattr_resolve_name(const char **name)
-{
-	struct ext2_xattr_handler *handler = NULL;
-	int i;
-
-	if (!*name)
-		return NULL;
-	read_lock(&ext2_handler_lock);
-	for (i=0; i<EXT2_XATTR_INDEX_MAX; i++) {
-		if (ext2_xattr_handlers[i]) {
-			const char *n = strcmp_prefix(*name,
-				ext2_xattr_handlers[i]->prefix);
-			if (n) {
-				handler = ext2_xattr_handlers[i];
-				*name = n;
-				break;
-			}
-		}
-	}
-	read_unlock(&ext2_handler_lock);
-	return handler;
-}
-
-static inline struct ext2_xattr_handler *
-ext2_xattr_handler(int name_index)
-{
-	struct ext2_xattr_handler *handler = NULL;
-	if (name_index > 0 && name_index <= EXT2_XATTR_INDEX_MAX) {
-		read_lock(&ext2_handler_lock);
-		handler = ext2_xattr_handlers[name_index-1];
-		read_unlock(&ext2_handler_lock);
-	}
-	return handler;
-}
+static struct simple_xattr_handler *ext2_xattr_handlers[SIMPLE_XATTR_MAX];
 
 /*
  * Inode operation getxattr()
@@ -192,10 +116,10 @@ ssize_t
 ext2_getxattr(struct dentry *dentry, const char *name,
 	      void *buffer, size_t size)
 {
-	struct ext2_xattr_handler *handler;
+	struct simple_xattr_handler *handler;
 	struct inode *inode = dentry->d_inode;
 
-	handler = ext2_xattr_resolve_name(&name);
+	handler = simple_xattr_resolve_name(&ext2_xattr_info, &name);
 	if (!handler)
 		return -EOPNOTSUPP;
 	return handler->get(inode, name, buffer, size);
@@ -221,12 +145,12 @@ int
 ext2_setxattr(struct dentry *dentry, const char *name,
 	      const void *value, size_t size, int flags)
 {
-	struct ext2_xattr_handler *handler;
+	struct simple_xattr_handler *handler;
 	struct inode *inode = dentry->d_inode;
 
 	if (size == 0)
 		value = "";  /* empty EA, do not remove */
-	handler = ext2_xattr_resolve_name(&name);
+	handler = simple_xattr_resolve_name(&ext2_xattr_info, &name);
 	if (!handler)
 		return -EOPNOTSUPP;
 	return handler->set(inode, name, value, size, flags);
@@ -240,10 +164,10 @@ ext2_setxattr(struct dentry *dentry, con
 int
 ext2_removexattr(struct dentry *dentry, const char *name)
 {
-	struct ext2_xattr_handler *handler;
+	struct simple_xattr_handler *handler;
 	struct inode *inode = dentry->d_inode;
 
-	handler = ext2_xattr_resolve_name(&name);
+	handler = simple_xattr_resolve_name(&ext2_xattr_info, &name);
 	if (!handler)
 		return -EOPNOTSUPP;
 	return handler->set(inode, name, NULL, 0, XATTR_REPLACE);
@@ -397,15 +321,16 @@ bad_block:	ext2_error(inode->i_sb, "ext2
 	/* compute the size required for the list of attribute names */
 	for (entry = FIRST_ENTRY(bh); !IS_LAST_ENTRY(entry);
 	     entry = EXT2_XATTR_NEXT(entry)) {
-		struct ext2_xattr_handler *handler;
+		struct simple_xattr_handler *handler;
 		struct ext2_xattr_entry *next =
 			EXT2_XATTR_NEXT(entry);
 		if ((char *)next >= end)
 			goto bad_block;
 
-		handler = ext2_xattr_handler(entry->e_name_index);
+		handler = simple_xattr_handler(&ext2_xattr_info,
+					       entry->e_name_index);
 		if (handler)
-			size += handler->list(NULL, inode, entry->e_name,
+			size += handler->list(inode, NULL, entry->e_name,
 					      entry->e_name_len);
 	}
 
@@ -424,11 +349,12 @@ bad_block:	ext2_error(inode->i_sb, "ext2
 	buf = buffer;
 	for (entry = FIRST_ENTRY(bh); !IS_LAST_ENTRY(entry);
 	     entry = EXT2_XATTR_NEXT(entry)) {
-		struct ext2_xattr_handler *handler;
+		struct simple_xattr_handler *handler;
 		
-		handler = ext2_xattr_handler(entry->e_name_index);
+		handler = simple_xattr_handler(&ext2_xattr_info,
+					       entry->e_name_index);
 		if (handler)
-			buf += handler->list(buf, inode, entry->e_name,
+			buf += handler->list(inode, buf, entry->e_name,
 					     entry->e_name_len);
 	}
 	error = size;
@@ -1121,18 +1047,24 @@ int __init
 init_ext2_xattr(void)
 {
 	int	err;
+
+	ext2_xattr_info.lock = RW_LOCK_UNLOCKED;
+	ext2_xattr_info.handlers = ext2_xattr_handlers;
 	
-	err = ext2_xattr_register(EXT2_XATTR_INDEX_USER,
-				  &ext2_xattr_user_handler);
+	err = simple_xattr_register(&ext2_xattr_info,
+				    EXT2_XATTR_INDEX_USER,
+				    &ext2_xattr_user_handler);
 	if (err)
 		return err;
-	err = ext2_xattr_register(EXT2_XATTR_INDEX_TRUSTED,
-				  &ext2_xattr_trusted_handler);
+	err = simple_xattr_register(&ext2_xattr_info,
+				    EXT2_XATTR_INDEX_TRUSTED,
+				    &ext2_xattr_trusted_handler);
 	if (err)
 		goto out;
 #ifdef CONFIG_EXT2_FS_SECURITY
-	err = ext2_xattr_register(EXT2_XATTR_INDEX_SECURITY,
-				  &ext2_xattr_security_handler);
+	err = simple_xattr_register(&ext2_xattr_info,
+				    EXT2_XATTR_INDEX_SECURITY,
+				    &ext2_xattr_security_handler);
 	if (err)
 		goto out1;
 #endif
@@ -1155,15 +1087,18 @@ out3:
 out2:
 #endif
 #ifdef CONFIG_EXT2_FS_SECURITY
-	ext2_xattr_unregister(EXT2_XATTR_INDEX_SECURITY,
-			      &ext2_xattr_security_handler);
+	simple_xattr_unregister(&ext2_xattr_info,
+				EXT2_XATTR_INDEX_SECURITY,
+				&ext2_xattr_security_handler);
 out1:
 #endif
-	ext2_xattr_unregister(EXT2_XATTR_INDEX_TRUSTED,
-			      &ext2_xattr_trusted_handler);
+	simple_xattr_unregister(&ext2_xattr_info,
+				EXT2_XATTR_INDEX_TRUSTED,
+				&ext2_xattr_trusted_handler);
 out:
-	ext2_xattr_unregister(EXT2_XATTR_INDEX_USER,
-			      &ext2_xattr_user_handler);
+	simple_xattr_unregister(&ext2_xattr_info,
+				EXT2_XATTR_INDEX_USER,
+				&ext2_xattr_user_handler);
 	return err;
 }
 
@@ -1175,11 +1110,14 @@ exit_ext2_xattr(void)
 	exit_ext2_acl();
 #endif
 #ifdef CONFIG_EXT2_FS_SECURITY
-	ext2_xattr_unregister(EXT2_XATTR_INDEX_SECURITY,
-			      &ext2_xattr_security_handler);
+	simple_xattr_unregister(&ext2_xattr_info,
+				EXT2_XATTR_INDEX_SECURITY,
+				&ext2_xattr_security_handler);
 #endif
-	ext2_xattr_unregister(EXT2_XATTR_INDEX_TRUSTED,
-			      &ext2_xattr_trusted_handler);
-	ext2_xattr_unregister(EXT2_XATTR_INDEX_USER,
-			      &ext2_xattr_user_handler);
+	simple_xattr_unregister(&ext2_xattr_info,
+				EXT2_XATTR_INDEX_TRUSTED,
+				&ext2_xattr_trusted_handler);
+	simple_xattr_unregister(&ext2_xattr_info,
+				EXT2_XATTR_INDEX_USER,
+				&ext2_xattr_user_handler);
 }
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ext2/xattr.h linux-2.6.8.1-mm2.w/fs/ext2/xattr.h
--- linux-2.6.8.1-mm2.p/fs/ext2/xattr.h	2004-06-16 01:19:42.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ext2/xattr.h	2004-08-23 13:25:02.117181800 -0400
@@ -57,19 +57,6 @@ struct ext2_xattr_entry {
 
 # ifdef CONFIG_EXT2_FS_XATTR
 
-struct ext2_xattr_handler {
-	char *prefix;
-	size_t (*list)(char *list, struct inode *inode, const char *name,
-		       int name_len);
-	int (*get)(struct inode *inode, const char *name, void *buffer,
-		   size_t size);
-	int (*set)(struct inode *inode, const char *name, const void *buffer,
-		   size_t size, int flags);
-};
-
-extern int ext2_xattr_register(int, struct ext2_xattr_handler *);
-extern void ext2_xattr_unregister(int, struct ext2_xattr_handler *);
-
 extern int ext2_setxattr(struct dentry *, const char *, const void *, size_t, int);
 extern ssize_t ext2_getxattr(struct dentry *, const char *, void *, size_t);
 extern ssize_t ext2_listxattr(struct dentry *, char *, size_t);
@@ -134,7 +121,7 @@ exit_ext2_xattr(void)
 
 # endif  /* CONFIG_EXT2_FS_XATTR */
 
-extern struct ext2_xattr_handler ext2_xattr_user_handler;
-extern struct ext2_xattr_handler ext2_xattr_trusted_handler;
-extern struct ext2_xattr_handler ext2_xattr_security_handler;
+extern struct simple_xattr_handler ext2_xattr_user_handler;
+extern struct simple_xattr_handler ext2_xattr_trusted_handler;
+extern struct simple_xattr_handler ext2_xattr_security_handler;
 
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ext2/xattr_security.c linux-2.6.8.1-mm2.w/fs/ext2/xattr_security.c
--- linux-2.6.8.1-mm2.p/fs/ext2/xattr_security.c	2004-06-16 01:19:23.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ext2/xattr_security.c	2004-08-23 13:25:02.118181648 -0400
@@ -11,7 +11,7 @@
 #include "xattr.h"
 
 static size_t
-ext2_xattr_security_list(char *list, struct inode *inode,
+ext2_xattr_security_list(struct inode *inode, char *list,
 			const char *name, int name_len)
 {
 	const int prefix_len = sizeof(XATTR_SECURITY_PREFIX)-1;
@@ -44,7 +44,7 @@ ext2_xattr_security_set(struct inode *in
 			      value, size, flags);
 }
 
-struct ext2_xattr_handler ext2_xattr_security_handler = {
+struct simple_xattr_handler ext2_xattr_security_handler = {
 	.prefix	= XATTR_SECURITY_PREFIX,
 	.list	= ext2_xattr_security_list,
 	.get	= ext2_xattr_security_get,
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ext2/xattr_trusted.c linux-2.6.8.1-mm2.w/fs/ext2/xattr_trusted.c
--- linux-2.6.8.1-mm2.p/fs/ext2/xattr_trusted.c	2004-06-16 01:18:58.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ext2/xattr_trusted.c	2004-08-23 13:25:02.119181496 -0400
@@ -15,7 +15,7 @@
 #define XATTR_TRUSTED_PREFIX "trusted."
 
 static size_t
-ext2_xattr_trusted_list(char *list, struct inode *inode,
+ext2_xattr_trusted_list(struct inode *inode, char *list,
 			const char *name, int name_len)
 {
 	const int prefix_len = sizeof(XATTR_TRUSTED_PREFIX)-1;
@@ -55,7 +55,7 @@ ext2_xattr_trusted_set(struct inode *ino
 			      value, size, flags);
 }
 
-struct ext2_xattr_handler ext2_xattr_trusted_handler = {
+struct simple_xattr_handler ext2_xattr_trusted_handler = {
 	.prefix	= XATTR_TRUSTED_PREFIX,
 	.list	= ext2_xattr_trusted_list,
 	.get	= ext2_xattr_trusted_get,
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ext2/xattr_user.c linux-2.6.8.1-mm2.w/fs/ext2/xattr_user.c
--- linux-2.6.8.1-mm2.p/fs/ext2/xattr_user.c	2004-06-16 01:19:36.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ext2/xattr_user.c	2004-08-23 13:25:02.120181344 -0400
@@ -14,7 +14,7 @@
 #define XATTR_USER_PREFIX "user."
 
 static size_t
-ext2_xattr_user_list(char *list, struct inode *inode,
+ext2_xattr_user_list(struct inode *inode, char *list,
 		     const char *name, int name_len)
 {
 	const int prefix_len = sizeof(XATTR_USER_PREFIX)-1;
@@ -68,23 +68,9 @@ ext2_xattr_user_set(struct inode *inode,
 			      value, size, flags);
 }
 
-struct ext2_xattr_handler ext2_xattr_user_handler = {
+struct simple_xattr_handler ext2_xattr_user_handler = {
 	.prefix	= XATTR_USER_PREFIX,
 	.list	= ext2_xattr_user_list,
 	.get	= ext2_xattr_user_get,
 	.set	= ext2_xattr_user_set,
 };
-
-int __init
-init_ext2_xattr_user(void)
-{
-	return ext2_xattr_register(EXT2_XATTR_INDEX_USER,
-				   &ext2_xattr_user_handler);
-}
-
-void
-exit_ext2_xattr_user(void)
-{
-	ext2_xattr_unregister(EXT2_XATTR_INDEX_USER,
-			      &ext2_xattr_user_handler);
-}

[5/7] xattr consolidation - devpts

[James Morris]

This patch updates the devpts xattr handler code to the new libs API, also
adds a GPL notice, author and copyright details.


 fs/devpts/xattr.c          |  171 +++++++++------------------------------------
 fs/devpts/xattr.h          |   16 ----
 fs/devpts/xattr_security.c |   34 +++++---
 3 files changed, 58 insertions(+), 163 deletions(-)

 Signed-off-by: James Morris <jmorris@redhat.com>
 Signed-off-by: Stephen Smalley <sds@epoch.ncsc.mil>
    
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/devpts/xattr.c linux-2.6.8.1-mm2.w/fs/devpts/xattr.c
--- linux-2.6.8.1-mm2.p/fs/devpts/xattr.c	2004-08-23 01:23:25.470272608 -0400
+++ linux-2.6.8.1-mm2.w/fs/devpts/xattr.c	2004-08-23 01:25:08.832559152 -0400
@@ -1,97 +1,24 @@
 /*
-  File: fs/devpts/xattr.c
- 
-  Derived from fs/ext3/xattr.c, changed in the following ways:
-      drop everything related to persistent storage of EAs
-      pass dentry rather than inode to internal methods
-      only presently define a handler for security modules
-*/
-
+ * Pseudo xattr support for devpts.
+ *
+ * Originally derived from fs/ext3/xattr.c, changed in the following ways:
+ *   drop everything related to persistent storage of EAs
+ *   only presently define a handler for security modules
+ *
+ * Author: Stephen Smalley <sds@epoch.ncsc.mil>
+ * Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option) 
+ * any later version.
+ */
 #include <linux/init.h>
 #include <linux/fs.h>
-#include <linux/slab.h>
-#include <linux/string.h>
-#include <asm/semaphore.h>
 #include "xattr.h"
 
-static struct devpts_xattr_handler *devpts_xattr_handlers[DEVPTS_XATTR_INDEX_MAX];
-static rwlock_t devpts_handler_lock = RW_LOCK_UNLOCKED;
-
-int
-devpts_xattr_register(int name_index, struct devpts_xattr_handler *handler)
-{
-	int error = -EINVAL;
-
-	if (name_index > 0 && name_index <= DEVPTS_XATTR_INDEX_MAX) {
-		write_lock(&devpts_handler_lock);
-		if (!devpts_xattr_handlers[name_index-1]) {
-			devpts_xattr_handlers[name_index-1] = handler;
-			error = 0;
-		}
-		write_unlock(&devpts_handler_lock);
-	}
-	return error;
-}
-
-void
-devpts_xattr_unregister(int name_index, struct devpts_xattr_handler *handler)
-{
-	if (name_index > 0 || name_index <= DEVPTS_XATTR_INDEX_MAX) {
-		write_lock(&devpts_handler_lock);
-		devpts_xattr_handlers[name_index-1] = NULL;
-		write_unlock(&devpts_handler_lock);
-	}
-}
-
-static inline const char *
-strcmp_prefix(const char *a, const char *a_prefix)
-{
-	while (*a_prefix && *a == *a_prefix) {
-		a++;
-		a_prefix++;
-	}
-	return *a_prefix ? NULL : a;
-}
-
-/*
- * Decode the extended attribute name, and translate it into
- * the name_index and name suffix.
- */
-static inline struct devpts_xattr_handler *
-devpts_xattr_resolve_name(const char **name)
-{
-	struct devpts_xattr_handler *handler = NULL;
-	int i;
-
-	if (!*name)
-		return NULL;
-	read_lock(&devpts_handler_lock);
-	for (i=0; i<DEVPTS_XATTR_INDEX_MAX; i++) {
-		if (devpts_xattr_handlers[i]) {
-			const char *n = strcmp_prefix(*name,
-				devpts_xattr_handlers[i]->prefix);
-			if (n) {
-				handler = devpts_xattr_handlers[i];
-				*name = n;
-				break;
-			}
-		}
-	}
-	read_unlock(&devpts_handler_lock);
-	return handler;
-}
-
-static inline struct devpts_xattr_handler *
-devpts_xattr_handler(int name_index)
-{
-	struct devpts_xattr_handler *handler = NULL;
-	if (name_index > 0 && name_index <= DEVPTS_XATTR_INDEX_MAX) {
-		read_lock(&devpts_handler_lock);
-		handler = devpts_xattr_handlers[name_index-1];
-		read_unlock(&devpts_handler_lock);
-	}
-	return handler;
-}
+static struct simple_xattr_handler *devpts_xattr_handlers[SIMPLE_XATTR_MAX];
+static struct simple_xattr_info devpts_xattr_info;
 
 /*
  * Inode operation getxattr()
@@ -102,12 +29,13 @@ ssize_t
 devpts_getxattr(struct dentry *dentry, const char *name,
 	      void *buffer, size_t size)
 {
-	struct devpts_xattr_handler *handler;
+	struct simple_xattr_handler *handler;
+	struct inode *inode = dentry->d_inode;
 
-	handler = devpts_xattr_resolve_name(&name);
+	handler = simple_xattr_resolve_name(&devpts_xattr_info, &name);
 	if (!handler)
 		return -EOPNOTSUPP;
-	return handler->get(dentry, name, buffer, size);
+	return handler->get(inode, name, buffer, size);
 }
 
 /*
@@ -116,41 +44,9 @@ devpts_getxattr(struct dentry *dentry, c
  * dentry->d_inode->i_sem down
  */
 ssize_t
-devpts_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
+devpts_listxattr(struct dentry *dentry, char *buffer, size_t size)
 {
-	struct devpts_xattr_handler *handler = NULL;
-	int i, error = 0;
-	unsigned int size = 0;
-	char *buf;
-
-	read_lock(&devpts_handler_lock);
-
-	for (i=0; i<DEVPTS_XATTR_INDEX_MAX; i++) {
-		handler = devpts_xattr_handlers[i];
-		if (handler)
-			size += handler->list(dentry, NULL);
-	}
-
-	if (!buffer) {
-		error = size;
-		goto out;
-	} else {
-		error = -ERANGE;
-		if (size > buffer_size)
-			goto out;
-	}
-
-	buf = buffer;
-	for (i=0; i<DEVPTS_XATTR_INDEX_MAX; i++) {
-		handler = devpts_xattr_handlers[i];
-		if (handler)
-			buf += handler->list(dentry, buf);
-	}
-	error = size;
-
-out:
-	read_unlock(&devpts_handler_lock);
-	return size;
+	return simple_xattr_list(&devpts_xattr_info, dentry, buffer, size);
 }
 
 /*
@@ -162,14 +58,15 @@ int
 devpts_setxattr(struct dentry *dentry, const char *name,
 	      const void *value, size_t size, int flags)
 {
-	struct devpts_xattr_handler *handler;
+	struct simple_xattr_handler *handler;
+	struct inode *inode = dentry->d_inode;
 
 	if (size == 0)
 		value = "";  /* empty EA, do not remove */
-	handler = devpts_xattr_resolve_name(&name);
+	handler = simple_xattr_resolve_name(&devpts_xattr_info, &name);
 	if (!handler)
 		return -EOPNOTSUPP;
-	return handler->set(dentry, name, value, size, flags);
+	return handler->set(inode, name, value, size, flags);
 }
 
 /*
@@ -180,12 +77,13 @@ devpts_setxattr(struct dentry *dentry, c
 int
 devpts_removexattr(struct dentry *dentry, const char *name)
 {
-	struct devpts_xattr_handler *handler;
+	struct simple_xattr_handler *handler;
+	struct inode *inode = dentry->d_inode;
 
-	handler = devpts_xattr_resolve_name(&name);
+	handler = simple_xattr_resolve_name(&devpts_xattr_info, &name);
 	if (!handler)
 		return -EOPNOTSUPP;
-	return handler->set(dentry, name, NULL, 0, XATTR_REPLACE);
+	return handler->set(inode, name, NULL, 0, XATTR_REPLACE);
 }
 
 int __init
@@ -193,8 +91,12 @@ init_devpts_xattr(void)
 {
 #ifdef CONFIG_DEVPTS_FS_SECURITY	
 	int	err;
+	
+	devpts_xattr_info.lock = RW_LOCK_UNLOCKED;
+	devpts_xattr_info.handlers = devpts_xattr_handlers;
 
-	err = devpts_xattr_register(DEVPTS_XATTR_INDEX_SECURITY,
+	err = simple_xattr_register(&devpts_xattr_info,
+				    DEVPTS_XATTR_INDEX_SECURITY,
 				    &devpts_xattr_security_handler);
 	if (err)
 		return err;
@@ -207,7 +109,8 @@ void
 exit_devpts_xattr(void)
 {
 #ifdef CONFIG_DEVPTS_FS_SECURITY	
-	devpts_xattr_unregister(DEVPTS_XATTR_INDEX_SECURITY,
+	simple_xattr_unregister(&devpts_xattr_info,
+				DEVPTS_XATTR_INDEX_SECURITY,
 				&devpts_xattr_security_handler);
 #endif
 
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/devpts/xattr.h linux-2.6.8.1-mm2.w/fs/devpts/xattr.h
--- linux-2.6.8.1-mm2.p/fs/devpts/xattr.h	2004-08-23 01:23:25.471272456 -0400
+++ linux-2.6.8.1-mm2.w/fs/devpts/xattr.h	2004-08-23 01:19:12.341753992 -0400
@@ -3,7 +3,6 @@
  
   Derived from fs/ext3/xattr.h, changed in the following ways:
       drop everything related to persistent storage of EAs
-      pass dentry rather than inode to internal methods
       only presently define a handler for security modules
 */
 
@@ -11,23 +10,10 @@
 #include <linux/xattr.h>
 
 /* Name indexes */
-#define DEVPTS_XATTR_INDEX_MAX			10
 #define DEVPTS_XATTR_INDEX_SECURITY	        1
 
 # ifdef CONFIG_DEVPTS_FS_XATTR
 
-struct devpts_xattr_handler {
-	char *prefix;
-	size_t (*list)(struct dentry *dentry, char *buffer);
-	int (*get)(struct dentry *dentry, const char *name, void *buffer,
-		   size_t size);
-	int (*set)(struct dentry *dentry, const char *name, const void *buffer,
-		   size_t size, int flags);
-};
-
-extern int devpts_xattr_register(int, struct devpts_xattr_handler *);
-extern void devpts_xattr_unregister(int, struct devpts_xattr_handler *);
-
 extern int devpts_setxattr(struct dentry *, const char *, const void *, size_t, int);
 extern ssize_t devpts_getxattr(struct dentry *, const char *, void *, size_t);
 extern ssize_t devpts_listxattr(struct dentry *, char *, size_t);
@@ -55,5 +41,5 @@ exit_devpts_xattr(void)
 
 # endif  /* CONFIG_DEVPTS_FS_XATTR */
 
-extern struct devpts_xattr_handler devpts_xattr_security_handler;
+extern struct simple_xattr_handler devpts_xattr_security_handler;
 
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/devpts/xattr_security.c linux-2.6.8.1-mm2.w/fs/devpts/xattr_security.c
--- linux-2.6.8.1-mm2.p/fs/devpts/xattr_security.c	2004-08-23 01:23:25.472272304 -0400
+++ linux-2.6.8.1-mm2.w/fs/devpts/xattr_security.c	2004-08-23 01:25:07.312790192 -0400
@@ -1,38 +1,44 @@
 /*
- * File: fs/devpts/xattr_security.c
+ * Security xattr support for devpts.
+ *
+ * Author: Stephen Smalley <sds@epoch.ncsc.mil>
+ * Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option) 
+ * any later version.
  */
-
 #include <linux/module.h>
 #include <linux/string.h>
 #include <linux/fs.h>
 #include <linux/security.h>
 #include "xattr.h"
 
-static size_t
-devpts_xattr_security_list(struct dentry *dentry, char *buffer)
+static size_t devpts_xattr_security_list(struct inode *inode, char *list,
+					 const char *name, int name_len)
+                       
 {
-	return security_inode_listsecurity(dentry, buffer);
+	return security_inode_listsecurity(inode, list);
 }
 
-static int
-devpts_xattr_security_get(struct dentry *dentry, const char *name,
-			  void *buffer, size_t size)
+static int devpts_xattr_security_get(struct inode *inode, const char *name,
+				     void *buffer, size_t size)
 {
 	if (strcmp(name, "") == 0)
 		return -EINVAL;
-	return security_inode_getsecurity(dentry, name, buffer, size);
+	return security_inode_getsecurity(inode, name, buffer, size);
 }
 
-static int
-devpts_xattr_security_set(struct dentry *dentry, const char *name,
-			  const void *value, size_t size, int flags)
+static int devpts_xattr_security_set(struct inode *inode, const char *name,
+				     const void *value, size_t size, int flags)
 {
 	if (strcmp(name, "") == 0)
 		return -EINVAL;
-	return security_inode_setsecurity(dentry, name, value, size, flags);
+	return security_inode_setsecurity(inode, name, value, size, flags);
 }
 
-struct devpts_xattr_handler devpts_xattr_security_handler = {
+struct simple_xattr_handler devpts_xattr_security_handler = {
 	.prefix	= XATTR_SECURITY_PREFIX,
 	.list	= devpts_xattr_security_list,
 	.get	= devpts_xattr_security_get,

[PATCH][6/7] add xattr support to tmpfs

[James Morris]

This patch adds xattr support to tmpfs, and a security xattr handler.
Original patch from: Luke Kenneth Casson Leighton <lkcl@lkcl.net>


 fs/Kconfig                |   22 +++++++++++
 mm/Makefile               |    2 +
 mm/shmem.c                |   57 +++++++++++++++++++++++++++---
 mm/shmem_xattr.c          |   86 ++++++++++++++++++++++++++++++++++++++++++++++
 mm/shmem_xattr.h          |   39 ++++++++++++++++++++
 mm/shmem_xattr_security.c |   43 +++++++++++++++++++++++
 6 files changed, 243 insertions(+), 6 deletions(-)

 Signed-off-by: James Morris <jmorris@redhat.com>
 Signed-off-by: Stephen Smalley <sds@epoch.ncsc.mil>
    
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/Kconfig linux-2.6.8.1-mm2.w/fs/Kconfig
--- linux-2.6.8.1-mm2.p/fs/Kconfig	2004-08-19 10:32:52.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/Kconfig	2004-08-23 01:28:04.582841048 -0400
@@ -918,6 +918,28 @@ config TMPFS
 
 	  See <file:Documentation/filesystems/tmpfs.txt> for details.
 
+config TMPFS_XATTR
+	bool "tmpfs Extended Attributes"
+	depends on TMPFS
+	help
+	  Extended attributes are name:value pairs associated with inodes by
+	  the kernel or by users (see the attr(5) manual page, or visit
+	  <http://acl.bestbits.at/> for details).
+
+	  If unsure, say N.
+
+config TMPFS_SECURITY
+	bool "tmpfs Security Labels"
+	depends on TMPFS_XATTR
+	help
+	  Security labels support alternative access control models
+	  implemented by security modules like SELinux.  This option
+	  enables an extended attribute handler for file security
+	  labels in the tmpfs filesystem.
+
+	  If you are not using a security module that requires using
+	  extended attributes for file security labels, say N.
+
 config HUGETLBFS
 	bool "HugeTLB file system support"
 	depends X86 || IA64 || PPC64 || SPARC64 || SUPERH || X86_64 || BROKEN
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/mm/Makefile linux-2.6.8.1-mm2.w/mm/Makefile
--- linux-2.6.8.1-mm2.p/mm/Makefile	2004-08-19 10:32:55.000000000 -0400
+++ linux-2.6.8.1-mm2.w/mm/Makefile	2004-08-23 01:28:04.583840896 -0400
@@ -15,3 +15,5 @@ obj-y			:= bootmem.o filemap.o mempool.o
 obj-$(CONFIG_SWAP)	+= page_io.o swap_state.o swapfile.o thrash.o
 obj-$(CONFIG_HUGETLBFS)	+= hugetlb.o
 obj-$(CONFIG_NUMA) 	+= mempolicy.o
+obj-$(CONFIG_TMPFS_XATTR)	+= shmem_xattr.o
+obj-$(CONFIG_TMPFS_SECURITY)	+= shmem_xattr_security.o
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/mm/shmem.c linux-2.6.8.1-mm2.w/mm/shmem.c
--- linux-2.6.8.1-mm2.p/mm/shmem.c	2004-08-19 10:32:55.000000000 -0400
+++ linux-2.6.8.1-mm2.w/mm/shmem.c	2004-08-23 01:28:04.585840592 -0400
@@ -10,6 +10,10 @@
  * Copyright (C) 2002-2003 VERITAS Software Corporation.
  * Copyright (C) 2004 Andi Kleen, SuSE Labs
  *
+ * Extended attribute support for tmpfs:
+ * Copyright (c) 2004, Luke Kenneth Casson Leighton <lkcl@lkcl.net>
+ * Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
+ *
  * This file is released under the GPL.
  */
 
@@ -45,6 +49,8 @@
 #include <asm/div64.h>
 #include <asm/pgtable.h>
 
+#include "shmem_xattr.h"
+
 /* This magic number is used in glibc for posix shared memory */
 #define TMPFS_MAGIC	0x01021994
 
@@ -171,6 +177,7 @@ static struct address_space_operations s
 static struct file_operations shmem_file_operations;
 static struct inode_operations shmem_inode_operations;
 static struct inode_operations shmem_dir_inode_operations;
+static struct inode_operations shmem_special_inode_operations;
 static struct vm_operations_struct shmem_vm_ops;
 
 static struct backing_dev_info shmem_backing_dev_info = {
@@ -1211,6 +1218,7 @@ shmem_get_inode(struct super_block *sb, 
  		mpol_shared_policy_init(&info->policy);
 		switch (mode & S_IFMT) {
 		default:
+			inode->i_op = &shmem_special_inode_operations;
 			init_special_inode(inode, mode, dev);
 			break;
 		case S_IFREG:
@@ -1708,6 +1716,12 @@ static void shmem_put_link(struct dentry
 static struct inode_operations shmem_symlink_inline_operations = {
 	.readlink	= generic_readlink,
 	.follow_link	= shmem_follow_link_inline,
+#ifdef CONFIG_TMPFS
+	.setxattr       = shmem_setxattr,
+	.getxattr       = shmem_getxattr,
+	.listxattr      = shmem_listxattr,
+	.removexattr    = shmem_removexattr,
+#endif
 };
 
 static struct inode_operations shmem_symlink_inode_operations = {
@@ -1715,6 +1729,12 @@ static struct inode_operations shmem_sym
 	.readlink	= generic_readlink,
 	.follow_link	= shmem_follow_link,
 	.put_link	= shmem_put_link,
+#ifdef CONFIG_TMPFS
+	.setxattr       = shmem_setxattr,
+	.getxattr       = shmem_getxattr,
+	.listxattr      = shmem_listxattr,
+	.removexattr    = shmem_removexattr,
+#endif	
 };
 
 static int shmem_parse_options(char *options, int *mode, uid_t *uid, gid_t *gid, unsigned long *blocks, unsigned long *inodes)
@@ -1933,6 +1953,12 @@ static struct file_operations shmem_file
 static struct inode_operations shmem_inode_operations = {
 	.truncate	= shmem_truncate,
 	.setattr	= shmem_notify_change,
+#ifdef CONFIG_TMPFS
+	.setxattr	= shmem_setxattr,
+	.getxattr	= shmem_getxattr,
+	.listxattr	= shmem_listxattr,
+	.removexattr	= shmem_removexattr,
+#endif
 };
 
 static struct inode_operations shmem_dir_inode_operations = {
@@ -1946,6 +1972,19 @@ static struct inode_operations shmem_dir
 	.rmdir		= shmem_rmdir,
 	.mknod		= shmem_mknod,
 	.rename		= shmem_rename,
+	.setxattr       = shmem_setxattr,
+	.getxattr       = shmem_getxattr,
+	.listxattr      = shmem_listxattr,
+	.removexattr    = shmem_removexattr,
+#endif
+};
+
+static struct inode_operations shmem_special_inode_operations = {
+#ifdef CONFIG_TMPFS
+	.setxattr	= shmem_setxattr,
+	.getxattr	= shmem_getxattr,
+	.listxattr	= shmem_listxattr,
+	.removexattr	= shmem_removexattr,
 #endif
 };
 
@@ -1990,12 +2029,16 @@ static int __init init_tmpfs(void)
 
 	error = init_inodecache();
 	if (error)
-		goto out3;
+		goto out_error;
+
+	error = init_shmem_xattr();
+	if (error)
+		goto out_destroy_inodecache;
 
 	error = register_filesystem(&tmpfs_fs_type);
 	if (error) {
 		printk(KERN_ERR "Could not register tmpfs\n");
-		goto out2;
+		goto out_exit_shmem_xattr;
 	}
 #ifdef CONFIG_TMPFS
 	devfs_mk_dir("shm");
@@ -2004,18 +2047,20 @@ static int __init init_tmpfs(void)
 	if (IS_ERR(shm_mnt)) {
 		error = PTR_ERR(shm_mnt);
 		printk(KERN_ERR "Could not kern_mount tmpfs\n");
-		goto out1;
+		goto out_unregister;
 	}
 
 	/* The internal instance should not do size checking */
 	shmem_set_size(SHMEM_SB(shm_mnt->mnt_sb), ULONG_MAX, ULONG_MAX);
 	return 0;
 
-out1:
+out_unregister:
 	unregister_filesystem(&tmpfs_fs_type);
-out2:
+out_exit_shmem_xattr:
+	exit_shmem_xattr();
+out_destroy_inodecache:
 	destroy_inodecache();
-out3:
+out_error:
 	shm_mnt = ERR_PTR(error);
 	return error;
 }
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/mm/shmem_xattr.c linux-2.6.8.1-mm2.w/mm/shmem_xattr.c
--- linux-2.6.8.1-mm2.p/mm/shmem_xattr.c	1969-12-31 19:00:00.000000000 -0500
+++ linux-2.6.8.1-mm2.w/mm/shmem_xattr.c	2004-08-23 01:28:54.336277376 -0400
@@ -0,0 +1,86 @@
+/*
+ * Pseudo xattr support for tmpfs.
+ *
+ * Based on fs/devpts/xattr.c by Stephen Smalley <sds@epoch.ncsc.mil>
+ *
+ * Copyright (c) 2004, Luke Kenneth Casson Leighton <lkcl@lkcl.net>
+ * Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option) 
+ * any later version.
+ */
+#include <linux/init.h>
+#include <linux/fs.h>
+#include "shmem_xattr.h"
+
+static struct simple_xattr_handler *shmem_xattr_handlers[SIMPLE_XATTR_MAX];
+static struct simple_xattr_info shmem_xattr_info;
+
+ssize_t shmem_getxattr(struct dentry *dentry, const char *name, void *buffer, size_t size)
+{
+	struct simple_xattr_handler *handler;
+	struct inode *inode = dentry->d_inode;
+
+	handler = simple_xattr_resolve_name(&shmem_xattr_info, &name);
+	if (!handler)
+		return -EOPNOTSUPP;
+	return handler->get(inode, name, buffer, size);
+}
+
+ssize_t shmem_listxattr(struct dentry *dentry, char *buffer, size_t size)
+{
+	return simple_xattr_list(&shmem_xattr_info, dentry, buffer, size);
+}
+
+int shmem_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags)
+{
+	struct simple_xattr_handler *handler;
+	struct inode *inode = dentry->d_inode;
+
+	if (size == 0)
+		value = "";  /* empty EA, do not remove */
+	handler = simple_xattr_resolve_name(&shmem_xattr_info, &name);
+	if (!handler)
+		return -EOPNOTSUPP;
+	return handler->set(inode, name, value, size, flags);
+}
+
+int shmem_removexattr(struct dentry *dentry, const char *name)
+{
+	struct simple_xattr_handler *handler;
+	struct inode *inode = dentry->d_inode;
+
+	handler = simple_xattr_resolve_name(&shmem_xattr_info, &name);
+	if (!handler)
+		return -EOPNOTSUPP;
+	return handler->set(inode, name, NULL, 0, XATTR_REPLACE);
+}
+
+int __init init_shmem_xattr(void)
+{
+#ifdef CONFIG_TMPFS_SECURITY
+	int	err;
+	
+	shmem_xattr_info.lock = RW_LOCK_UNLOCKED;
+	shmem_xattr_info.handlers = shmem_xattr_handlers;
+
+	err = simple_xattr_register(&shmem_xattr_info,
+				    SHMEM_XATTR_INDEX_SECURITY,
+				    &shmem_xattr_security_handler);
+	if (err)
+		return err;
+#endif
+	return 0;
+}
+
+void exit_shmem_xattr(void)
+{
+#ifdef CONFIG_TMPFS_SECURITY
+	simple_xattr_unregister(&shmem_xattr_info,
+				SHMEM_XATTR_INDEX_SECURITY,
+				&shmem_xattr_security_handler);
+#endif
+
+}
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/mm/shmem_xattr.h linux-2.6.8.1-mm2.w/mm/shmem_xattr.h
--- linux-2.6.8.1-mm2.p/mm/shmem_xattr.h	1969-12-31 19:00:00.000000000 -0500
+++ linux-2.6.8.1-mm2.w/mm/shmem_xattr.h	2004-08-23 01:28:04.587840288 -0400
@@ -0,0 +1,39 @@
+/*
+ * Pseudo xattr support for tmpfs.
+ */
+#include <linux/config.h>
+#include <linux/xattr.h>
+
+/* Name indexes */
+#define SHMEM_XATTR_INDEX_SECURITY	1
+
+#ifdef CONFIG_TMPFS_XATTR
+
+int shmem_setxattr(struct dentry *, const char *, const void *, size_t, int);
+ssize_t shmem_getxattr(struct dentry *, const char *, void *, size_t);
+ssize_t shmem_listxattr(struct dentry *, char *, size_t);
+int shmem_removexattr(struct dentry *, const char *);
+
+int init_shmem_xattr(void);
+void exit_shmem_xattr(void);
+
+#else	/* !CONFIG_TMPFS_XATTR */
+
+#define shmem_setxattr		NULL
+#define shmem_getxattr		NULL
+#define shmem_listxattr		NULL
+#define shmem_removexattr	NULL
+
+static inline int init_shmem_xattr(void)
+{
+	return 0;
+}
+
+static inline void exit_shmem_xattr(void)
+{
+}
+
+#endif  /* CONFIG_TMPFS_XATTR */
+
+extern struct simple_xattr_handler shmem_xattr_security_handler;
+
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/mm/shmem_xattr_security.c linux-2.6.8.1-mm2.w/mm/shmem_xattr_security.c
--- linux-2.6.8.1-mm2.p/mm/shmem_xattr_security.c	1969-12-31 19:00:00.000000000 -0500
+++ linux-2.6.8.1-mm2.w/mm/shmem_xattr_security.c	2004-08-23 01:28:50.042930064 -0400
@@ -0,0 +1,43 @@
+/*
+ * Security xattr support for tmpfs.
+ *
+ * Based on fs/devpts/xattr_security.c by Stephen Smalley <sds@epoch.ncsc.mil>
+ *
+ * Copyright (c) 2004, Luke Kenneth Casson Leighton <lkcl@lkcl.net>
+ * Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option) 
+ * any later version.
+ */
+#include <linux/module.h>
+#include <linux/fs.h>
+#include <linux/security.h>
+#include "shmem_xattr.h"
+
+static size_t shmem_xattr_security_list(struct inode *inode, char *list, const char *name, int name_len)
+{
+	return security_inode_listsecurity(inode, list);
+}
+
+static int shmem_xattr_security_get(struct inode *inode, const char *name, void *buffer, size_t size)
+{
+	if (strcmp(name, "") == 0)
+		return -EINVAL;
+	return security_inode_getsecurity(inode, name, buffer, size);
+}
+
+static int shmem_xattr_security_set(struct inode *inode, const char *name, const void *value, size_t size, int flags)
+{
+	if (strcmp(name, "") == 0)
+		return -EINVAL;
+	return security_inode_setsecurity(inode, name, value, size, flags);
+}
+
+struct simple_xattr_handler shmem_xattr_security_handler = {
+	.prefix	= XATTR_SECURITY_PREFIX,
+	.list	= shmem_xattr_security_list,
+	.get	= shmem_xattr_security_get,
+	.set	= shmem_xattr_security_set,
+};

[PATCH][7/7] add xattr support to ramfs

[James Morris]

This patch adds xattr support to tmpfs, and a security xattr handler.
Original patch from: Chris PeBenito <pebenito@gentoo.org>


 fs/Kconfig                |   22 +++++++++++
 fs/ramfs/Makefile         |    3 +
 fs/ramfs/inode.c          |   36 +++++++++++++++++--
 fs/ramfs/xattr.c          |   87 ++++++++++++++++++++++++++++++++++++++++++++++
 fs/ramfs/xattr.h          |   39 ++++++++++++++++++++
 fs/ramfs/xattr_security.c |   43 ++++++++++++++++++++++
 6 files changed, 228 insertions(+), 2 deletions(-)

 Signed-off-by: James Morris <jmorris@redhat.com>
 Signed-off-by: Stephen Smalley <sds@epoch.ncsc.mil>
    
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/Kconfig linux-2.6.8.1-mm2.w/fs/Kconfig
--- linux-2.6.8.1-mm2.p/fs/Kconfig	2004-08-23 13:27:54.690946600 -0400
+++ linux-2.6.8.1-mm2.w/fs/Kconfig	2004-08-23 13:27:45.330369624 -0400
@@ -961,6 +961,28 @@ config RAMFS
 	  To compile this as a module, choose M here: the module will be called
 	  ramfs.
 
+config RAMFS_XATTR
+	bool "ramfs Extended Attributes"
+	depends on RAMFS
+	help
+	  Extended attributes are name:value pairs associated with inodes by
+	  the kernel or by users (see the attr(5) manual page, or visit
+	  <http://acl.bestbits.at/> for details).
+
+	  If unsure, say N.
+
+config RAMFS_SECURITY
+	bool "ramfs Security Labels"
+	depends on RAMFS_XATTR
+	help
+	  Security labels support alternative access control models
+	  implemented by security modules like SELinux.  This option
+	  enables an extended attribute handler for file security
+	  labels in the ramfs filesystem.
+
+	  If you are not using a security module that requires using
+	  extended attributes for file security labels, say N.
+
 config KEYFS
 	bool "Key managment database interface filesystem"
 	depends on KEYS
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ramfs/inode.c linux-2.6.8.1-mm2.w/fs/ramfs/inode.c
--- linux-2.6.8.1-mm2.p/fs/ramfs/inode.c	2004-06-16 01:19:11.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ramfs/inode.c	2004-08-23 13:27:45.331369472 -0400
@@ -34,6 +34,8 @@
 
 #include <asm/uaccess.h>
 
+#include "xattr.h"
+
 /* some random number */
 #define RAMFS_MAGIC	0x858458f6
 
@@ -42,6 +44,8 @@ static struct address_space_operations r
 static struct file_operations ramfs_file_operations;
 static struct inode_operations ramfs_file_inode_operations;
 static struct inode_operations ramfs_dir_inode_operations;
+static struct inode_operations ramfs_symlink_inode_operations;
+static struct inode_operations ramfs_special_inode_operations;
 
 static struct backing_dev_info ramfs_backing_dev_info = {
 	.ra_pages	= 0,	/* No readahead */
@@ -63,6 +67,7 @@ static struct inode *ramfs_get_inode(str
 		inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
 		switch (mode & S_IFMT) {
 		default:
+			inode->i_op = &ramfs_special_inode_operations;
 			init_special_inode(inode, mode, dev);
 			break;
 		case S_IFREG:
@@ -77,7 +82,7 @@ static struct inode *ramfs_get_inode(str
 			inode->i_nlink++;
 			break;
 		case S_IFLNK:
-			inode->i_op = &page_symlink_inode_operations;
+			inode->i_op = &ramfs_symlink_inode_operations;
 			break;
 		}
 	}
@@ -157,6 +162,10 @@ static struct file_operations ramfs_file
 
 static struct inode_operations ramfs_file_inode_operations = {
 	.getattr	= simple_getattr,
+	.setxattr	= ramfs_setxattr,
+	.getxattr	= ramfs_getxattr,
+	.listxattr	= ramfs_listxattr,
+	.removexattr	= ramfs_removexattr,
 };
 
 static struct inode_operations ramfs_dir_inode_operations = {
@@ -169,8 +178,28 @@ static struct inode_operations ramfs_dir
 	.rmdir		= simple_rmdir,
 	.mknod		= ramfs_mknod,
 	.rename		= simple_rename,
+	.setxattr	= ramfs_setxattr,
+	.getxattr	= ramfs_getxattr,
+	.listxattr	= ramfs_listxattr,
+	.removexattr	= ramfs_removexattr,
+};
+
+static struct inode_operations ramfs_symlink_inode_operations = {
+	.readlink	= page_readlink,
+	.follow_link	= page_follow_link,
+	.setxattr	= ramfs_setxattr,
+	.getxattr	= ramfs_getxattr,
+	.listxattr	= ramfs_listxattr,
+	.removexattr	= ramfs_removexattr,
+};
+
+static struct inode_operations ramfs_special_inode_operations = {
+	.setxattr	= ramfs_setxattr,
+	.getxattr	= ramfs_getxattr,
+	.listxattr	= ramfs_listxattr,
+	.removexattr	= ramfs_removexattr,
 };
-
+ 
 static struct super_operations ramfs_ops = {
 	.statfs		= simple_statfs,
 	.drop_inode	= generic_delete_inode,
@@ -224,6 +253,9 @@ static struct file_system_type rootfs_fs
 
 static int __init init_ramfs_fs(void)
 {
+	int err = init_ramfs_xattr();
+	if (err)
+		return err;
 	return register_filesystem(&ramfs_fs_type);
 }
 
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ramfs/Makefile linux-2.6.8.1-mm2.w/fs/ramfs/Makefile
--- linux-2.6.8.1-mm2.p/fs/ramfs/Makefile	2004-06-16 01:20:26.000000000 -0400
+++ linux-2.6.8.1-mm2.w/fs/ramfs/Makefile	2004-08-23 13:27:45.332369320 -0400
@@ -5,3 +5,6 @@
 obj-$(CONFIG_RAMFS) += ramfs.o
 
 ramfs-objs := inode.o
+ramfs-$(CONFIG_RAMFS_XATTR)	+= xattr.o
+ramfs-$(CONFIG_RAMFS_SECURITY)	+= xattr_security.o
+
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ramfs/xattr.c linux-2.6.8.1-mm2.w/fs/ramfs/xattr.c
--- linux-2.6.8.1-mm2.p/fs/ramfs/xattr.c	1969-12-31 19:00:00.000000000 -0500
+++ linux-2.6.8.1-mm2.w/fs/ramfs/xattr.c	2004-08-23 13:27:45.333369168 -0400
@@ -0,0 +1,87 @@
+/*
+ * Pseudo xattr support for ramfs.
+ *
+ * Based on fs/devpts/xattr.c by Stephen Smalley <sds@epoch.ncsc.mil>
+ *
+ * Copyright (c) 2004, Joshua Brindle <method@gentoo.org>
+ * Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option) 
+ * any later version.
+ */
+#include <linux/init.h>
+#include <linux/fs.h>
+#include "xattr.h"
+
+static struct simple_xattr_handler *ramfs_xattr_handlers[SIMPLE_XATTR_MAX];
+static struct simple_xattr_info ramfs_xattr_info;
+
+ssize_t ramfs_getxattr(struct dentry *dentry, const char *name, void *buffer, size_t size)
+{
+	struct simple_xattr_handler *handler;
+	struct inode *inode = dentry->d_inode;
+
+	handler = simple_xattr_resolve_name(&ramfs_xattr_info, &name);
+	if (!handler)
+		return -EOPNOTSUPP;
+	return handler->get(inode, name, buffer, size);
+}
+
+ssize_t ramfs_listxattr(struct dentry *dentry, char *buffer, size_t size)
+{
+	return simple_xattr_list(&ramfs_xattr_info, dentry, buffer, size);
+}
+
+int ramfs_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags)
+{
+	struct simple_xattr_handler *handler;
+	struct inode *inode = dentry->d_inode;
+
+	if (size == 0)
+		value = "";  /* empty EA, do not remove */
+	handler = simple_xattr_resolve_name(&ramfs_xattr_info, &name);
+	if (!handler)
+		return -EOPNOTSUPP;
+	return handler->set(inode, name, value, size, flags);
+}
+
+int ramfs_removexattr(struct dentry *dentry, const char *name)
+{
+	struct simple_xattr_handler *handler;
+	struct inode *inode = dentry->d_inode;
+
+	handler = simple_xattr_resolve_name(&ramfs_xattr_info, &name);
+	if (!handler)
+		return -EOPNOTSUPP;
+	return handler->set(inode, name, NULL, 0, XATTR_REPLACE);
+}
+
+int __init init_ramfs_xattr(void)
+{
+#ifdef CONFIG_RAMFS_SECURITY	
+	int	err;
+	
+	ramfs_xattr_info.lock = RW_LOCK_UNLOCKED;
+	ramfs_xattr_info.handlers = ramfs_xattr_handlers;
+
+	err = simple_xattr_register(&ramfs_xattr_info,
+				    RAMFS_XATTR_INDEX_SECURITY,
+				    &ramfs_xattr_security_handler);
+	if (err)
+		return err;
+#endif
+
+	return 0;
+}
+
+void exit_ramfs_xattr(void)
+{
+#ifdef CONFIG_RAMFS_FS_SECURITY	
+	simple_xattr_unregister(&ramfs_xattr_info,
+				RAMFS_XATTR_INDEX_SECURITY,
+				&ramfs_xattr_security_handler);
+#endif
+
+}
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ramfs/xattr.h linux-2.6.8.1-mm2.w/fs/ramfs/xattr.h
--- linux-2.6.8.1-mm2.p/fs/ramfs/xattr.h	1969-12-31 19:00:00.000000000 -0500
+++ linux-2.6.8.1-mm2.w/fs/ramfs/xattr.h	2004-08-23 13:27:45.333369168 -0400
@@ -0,0 +1,39 @@
+/*
+ * Pseudo xattr support for ramfs.
+ */
+#include <linux/config.h>
+#include <linux/xattr.h>
+
+/* Name indexes */
+#define RAMFS_XATTR_INDEX_SECURITY	1
+
+#ifdef CONFIG_RAMFS_XATTR
+
+int ramfs_setxattr(struct dentry *, const char *, const void *, size_t, int);
+ssize_t ramfs_getxattr(struct dentry *, const char *, void *, size_t);
+ssize_t ramfs_listxattr(struct dentry *, char *, size_t);
+int ramfs_removexattr(struct dentry *, const char *);
+
+int init_ramfs_xattr(void);
+void exit_ramfs_xattr(void);
+
+#else	/* !CONFIG_RAMFS_XATTR */
+
+#define ramfs_setxattr		NULL
+#define ramfs_getxattr		NULL
+#define ramfs_listxattr		NULL
+#define ramfs_removexattr	NULL
+
+static inline int init_ramfs_xattr(void)
+{
+	return 0;
+}
+
+static inline void exit_ramfs_xattr(void)
+{
+}
+
+#endif  /* CONFIG_RAMFS_XATTR */
+
+extern struct simple_xattr_handler ramfs_xattr_security_handler;
+
diff -purN -X dontdiff linux-2.6.8.1-mm2.p/fs/ramfs/xattr_security.c linux-2.6.8.1-mm2.w/fs/ramfs/xattr_security.c
--- linux-2.6.8.1-mm2.p/fs/ramfs/xattr_security.c	1969-12-31 19:00:00.000000000 -0500
+++ linux-2.6.8.1-mm2.w/fs/ramfs/xattr_security.c	2004-08-23 13:28:49.505613504 -0400
@@ -0,0 +1,43 @@
+/*
+ * Security xattr support for ramfs.
+ *
+ * Based on fs/devpts/xattr_security.c by Stephen Smalley <sds@epoch.ncsc.mil>
+ *
+ * Copyright (c) 2004, Chris PeBenito <pebenito@gentoo.org>
+ * Copyright (c) 2004 Red Hat, Inc., James Morris <jmorris@redhat.com>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option) 
+ * any later version.
+ */
+#include <linux/module.h>
+#include <linux/fs.h>
+#include <linux/security.h>
+#include "xattr.h"
+
+static size_t ramfs_xattr_security_list(struct inode *inode, char *list, const char *name, int name_len)
+{
+	return security_inode_listsecurity(inode, list);
+}
+
+static int ramfs_xattr_security_get(struct inode *inode, const char *name, void *buffer, size_t size)
+{
+	if (strcmp(name, "") == 0)
+		return -EINVAL;
+	return security_inode_getsecurity(inode, name, buffer, size);
+}
+
+static int ramfs_xattr_security_set(struct inode *inode, const char *name, const void *value, size_t size, int flags)
+{
+	if (strcmp(name, "") == 0)
+		return -EINVAL;
+	return security_inode_setsecurity(inode, name, value, size, flags);
+}
+
+struct simple_xattr_handler ramfs_xattr_security_handler = {
+	.prefix	= XATTR_SECURITY_PREFIX,
+	.list	= ramfs_xattr_security_list,
+	.get	= ramfs_xattr_security_get,
+	.set	= ramfs_xattr_security_set,
+};

Re: [PATCH][1/7] xattr consolidation - libfs

[Christoph Hellwig]

On Mon, Aug 23, 2004 at 02:15:15PM -0400, James Morris wrote:
> This patch consolidates common xattr handling logic into libfs, for
> use by ext2, ext3 and devpts, as well as upcoming ramfs and tmpfs xattr code.

Please don't do it this way.  By making the xattr handlers constant for
a superblock's lifetime you can get rid of all the locking, and the arbitrary
limit on the number of xattrs.  Please also move the code to xattr.c where
it belong (long-term I'd like to kill the old inode ops so we can do things
like moving the permission checks for user xattrs into common code where they
belong)

Also s/simple_// for most symbols as this stuff isn't simple, in fact it's
quite complex :)

Re: [PATCH][2/7] xattr consolidation - LSM hook changes

[Christoph Hellwig]

On Mon, Aug 23, 2004 at 02:16:17PM -0400, James Morris wrote:
> This patch replaces the dentry parameter with an inode in the LSM
> inode_{set|get|list}security hooks, in keeping with the ext2/ext3 code.
> dentries are not needed here.

Given that the actual methods take a dentry this sounds like a bad design.
Can;t you just pass down the dentry through all of the ext2 interfaces?

(And again, mid-term these checks should move to the VFS)

Re: [PATCH][6/7] add xattr support to tmpfs

[Christoph Hellwig]

On Mon, Aug 23, 2004 at 02:20:58PM -0400, James Morris wrote:
> This patch adds xattr support to tmpfs, and a security xattr handler.
> Original patch from: Luke Kenneth Casson Leighton <lkcl@lkcl.net>

The generic xattr inode ops implementations should also move to xattr.c
(easy with my proposal of handing the sub-methods off the sb).

Also please don't add so many new files, life would be much easier if all
of this just went to shmem.c.  (and long-term tmpfs should maybe move to
fs/tmpfs)

Re: [PATCH][2/7] xattr consolidation - LSM hook changes

[James Morris]

On Mon, 23 Aug 2004, Christoph Hellwig wrote:

> On Mon, Aug 23, 2004 at 02:16:17PM -0400, James Morris wrote:
> > This patch replaces the dentry parameter with an inode in the LSM
> > inode_{set|get|list}security hooks, in keeping with the ext2/ext3 code.
> > dentries are not needed here.
> 
> Given that the actual methods take a dentry this sounds like a bad design.
> Can;t you just pass down the dentry through all of the ext2 interfaces?

Yes, this can be done, although all that's needed is the inode.


- James
-- 
James Morris
<jmorris@redhat.com>

Re: [PATCH][2/7] xattr consolidation - LSM hook changes

[Stephen Smalley]

On Mon, 2004-08-23 at 15:03, Christoph Hellwig wrote:
> On Mon, Aug 23, 2004 at 02:16:17PM -0400, James Morris wrote:
> > This patch replaces the dentry parameter with an inode in the LSM
> > inode_{set|get|list}security hooks, in keeping with the ext2/ext3 code.
> > dentries are not needed here.
> 
> Given that the actual methods take a dentry this sounds like a bad design.
> Can;t you just pass down the dentry through all of the ext2 interfaces?

Changing the methods to take an inode would be even better, IMHO, as the
dentry is unnecessary.  That would simplify SELinux as well.

-- 
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency

Re: [PATCH][7/7] add xattr support to ramfs

[Christoph Hellwig]

On Mon, Aug 23, 2004 at 02:22:20PM -0400, James Morris wrote:
> This patch adds xattr support to tmpfs, and a security xattr handler.
> Original patch from: Chris PeBenito <pebenito@gentoo.org>

What's the point on doing this for ramfs?  And if you really want this
the implementation could be shared with tmpfs easily and put into xattr.c

Re: [PATCH][7/7] add xattr support to ramfs

[Stephen Smalley]

On Mon, 2004-08-23 at 16:26, Christoph Hellwig wrote:
> On Mon, Aug 23, 2004 at 02:22:20PM -0400, James Morris wrote:
> > This patch adds xattr support to tmpfs, and a security xattr handler.
> > Original patch from: Chris PeBenito <pebenito@gentoo.org>
> 
> What's the point on doing this for ramfs?  And if you really want this
> the implementation could be shared with tmpfs easily and put into xattr.c

For udev.

-- 
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency

Re: [PATCH][7/7] add xattr support to ramfs

[Christoph Hellwig]

On Mon, Aug 23, 2004 at 04:26:29PM -0400, Stephen Smalley wrote:
> > What's the point on doing this for ramfs?  And if you really want this
> > the implementation could be shared with tmpfs easily and put into xattr.c
> 
> For udev.

Last time I checked udev required neither ramfs nor xattrs.

Re: [PATCH][7/7] add xattr support to ramfs

[Greg KH]

On Mon, Aug 23, 2004 at 04:26:29PM -0400, Stephen Smalley wrote:
> On Mon, 2004-08-23 at 16:26, Christoph Hellwig wrote:
> > On Mon, Aug 23, 2004 at 02:22:20PM -0400, James Morris wrote:
> > > This patch adds xattr support to tmpfs, and a security xattr handler.
> > > Original patch from: Chris PeBenito <pebenito@gentoo.org>
> > 
> > What's the point on doing this for ramfs?  And if you really want this
> > the implementation could be shared with tmpfs easily and put into xattr.c
> 
> For udev.

What's wrong with using a tmpfs for udev in such situations that xattrs
are needed?  udev does not require ramfs at all.  In fact, why not just
use a ext2 or ext3 partition for /dev instead today, if you really need
it?

thanks,

greg k-h


> 
> -- 
> Stephen Smalley <sds@epoch.ncsc.mil>
> National Security Agency
> 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: [PATCH][7/7] add xattr support to ramfs [u]

[Martin Schlemmer [c]]

[-- Attachment #1: Type: text/plain, Size: 977 bytes --]

On Mon, 2004-08-23 at 22:59, Greg KH wrote:
> On Mon, Aug 23, 2004 at 04:26:29PM -0400, Stephen Smalley wrote:
> > On Mon, 2004-08-23 at 16:26, Christoph Hellwig wrote:
> > > On Mon, Aug 23, 2004 at 02:22:20PM -0400, James Morris wrote:
> > > > This patch adds xattr support to tmpfs, and a security xattr handler.
> > > > Original patch from: Chris PeBenito <pebenito@gentoo.org>
> > > 
> > > What's the point on doing this for ramfs?  And if you really want this
> > > the implementation could be shared with tmpfs easily and put into xattr.c
> > 
> > For udev.
> 
> What's wrong with using a tmpfs for udev in such situations that xattrs
> are needed?  udev does not require ramfs at all.  In fact, why not just
> use a ext2 or ext3 partition for /dev instead today, if you really need
> it?
> 

Root-less boxes comes to mind ...  Wont comment on if tmpfs/ramfs
should be used though - that you guys can sort out =)


Thanks,

-- 
Martin Schlemmer

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [PATCH][2/7] xattr consolidation - LSM hook changes

[Andreas Dilger]

[-- Attachment #1: Type: text/plain, Size: 824 bytes --]

On Aug 23, 2004  20:03 +0100, Christoph Hellwig wrote:
> On Mon, Aug 23, 2004 at 02:16:17PM -0400, James Morris wrote:
> > This patch replaces the dentry parameter with an inode in the LSM
> > inode_{set|get|list}security hooks, in keeping with the ext2/ext3 code.
> > dentries are not needed here.
> 
> Given that the actual methods take a dentry this sounds like a bad design.
> Can;t you just pass down the dentry through all of the ext2 interfaces?
> 
> (And again, mid-term these checks should move to the VFS)

Actually, I recall something about it being desirable to pass the dentry
down instead of just the inode, maybe Andreas G. recalls?

Cheers, Andreas
--
Andreas Dilger
http://sourceforge.net/projects/ext2resize/
http://members.shaw.ca/adilger/             http://members.shaw.ca/golinux/


[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

Re: [PATCH][7/7] add xattr support to ramfs

[Valdis.Kletnieks]

[-- Attachment #1: Type: text/plain, Size: 1335 bytes --]

On Mon, 23 Aug 2004 13:59:43 PDT, Greg KH said:

> What's wrong with using a tmpfs for udev in such situations that xattrs
> are needed?  udev does not require ramfs at all.  In fact, why not just
> use a ext2 or ext3 partition for /dev instead today, if you really need
> it?

Somehow, 'mount /dev/some-ext3-partition /dev' strikes me as having an innate
bootstrapping issue :) (Yes, I know there's initial setup magic needed in an
initrd to get a *working* udev up and running on a /dev on tmpfs).

The underlying end goal is to allow a configuration such as "/dev on a
tmpfs and not break with SELinux or other xattr-using system".  This
has several wins:

1) You can mount / with 'nodev' (currently, / is the only partition on this
machine *not* mounted with 'nodev')..

2) /dev loses all the "legacy" entries your particular box doesn't need:
# find /dev -type b -o -type c | wc -l
19200
# find /udev -type b -o -type c | wc -l
211
(On a laptop running Fedora Core)

3) As mentioned, less bootstrapping issues for initrd systems that may need
a /dev in order to get to a partition (LVM/raid/etc)

4) Having udev-on-tmpfs work even under SELinux would be just one more
thing to use against any remaining devfs infidels. ;)

(And yes, the lack of xattr support is the only reason I'm not already using
udev-on-tmpfs for a /dev)....

[-- Attachment #2: Type: application/pgp-signature, Size: 226 bytes --]

Re: [PATCH][2/7] xattr consolidation - LSM hook changes

[James Morris]

On Mon, 23 Aug 2004, Stephen Smalley wrote:

> On Mon, 2004-08-23 at 15:03, Christoph Hellwig wrote:

> > Given that the actual methods take a dentry this sounds like a bad design.
> > Can;t you just pass down the dentry through all of the ext2 interfaces?
> 
> Changing the methods to take an inode would be even better, IMHO, as the
> dentry is unnecessary.  That would simplify SELinux as well.

This could work for all in-tree filesystems with xattrs, except CIFS,
which passes the dentry to it's own build_path_from_dentry() function.  

(In this case, they probably want to use d_path() and have a vfsmnt added 
to the methods?).


- James
-- 
James Morris
<jmorris@redhat.com>

Re: [PATCH][2/7] xattr consolidation - LSM hook changes

[viro]

On Mon, Aug 23, 2004 at 08:54:14PM -0400, James Morris wrote:
> On Mon, 23 Aug 2004, Stephen Smalley wrote:
> 
> > On Mon, 2004-08-23 at 15:03, Christoph Hellwig wrote:
> 
> > > Given that the actual methods take a dentry this sounds like a bad design.
> > > Can;t you just pass down the dentry through all of the ext2 interfaces?
> > 
> > Changing the methods to take an inode would be even better, IMHO, as the
> > dentry is unnecessary.  That would simplify SELinux as well.
> 
> This could work for all in-tree filesystems with xattrs, except CIFS,
> which passes the dentry to it's own build_path_from_dentry() function.  
> 
> (In this case, they probably want to use d_path() and have a vfsmnt added 
> to the methods?).

No.  Think for a second and you'll see why - we are doing an operation that
by definition should not depend on where we have mounted the filesystem in
question.

Re: [PATCH][1/7] xattr consolidation - libfs

[James Morris]

On Mon, 23 Aug 2004, Christoph Hellwig wrote:

> Please don't do it this way.  By making the xattr handlers constant for
> a superblock's lifetime you can get rid of all the locking, and the arbitrary
> limit on the number of xattrs.

Then you can't dynamically regsiter an xattr handler (e.g. as a module).  
Is this really desirable?

> Also s/simple_// for most symbols as this stuff isn't simple, in fact it's
> quite complex :)

Removing the prefix would imply that this was the 'proper' way to
implement xattr support.  Really, these are just helper functions for the 
simplest xattr implementations.  I think they should have some prefix, but 
don't care too much what it actually is.  Suggestions?


- James
-- 
James Morris
<jmorris@redhat.com>

Re: [PATCH][1/7] xattr consolidation - libfs

[Christoph Hellwig]

On Tue, Aug 24, 2004 at 12:32:13AM -0400, James Morris wrote:
> > limit on the number of xattrs.
> 
> Then you can't dynamically regsiter an xattr handler (e.g. as a module).  
> Is this really desirable?

IMHO yes.  This is an integral part of the filesystem, and the handlers are
really small anyway.  And it makes the code really a lot simpler.

> 
> > Also s/simple_// for most symbols as this stuff isn't simple, in fact it's
> > quite complex :)
> 
> Removing the prefix would imply that this was the 'proper' way to
> implement xattr support.  Really, these are just helper functions for the 
> simplest xattr implementations.  I think they should have some prefix, but 
> don't care too much what it actually is.  Suggestions?

I'd call them generic_.  I've done some research and they should work very
well for any xattr implementation in the tree.  As I mentioned in the
previous mail I'd like to get rid of the old inode operations for xattrs
completely in the long-term (I had been researching this before your patch
because I wanted to get rid of the access control checks in the filesystem
that are inherent with theses)

Re: [PATCH][7/7] add xattr support to ramfs

[Stephen Smalley]

On Mon, 2004-08-23 at 16:59, Greg KH wrote:
> On Mon, Aug 23, 2004 at 04:26:29PM -0400, Stephen Smalley wrote:
> > On Mon, 2004-08-23 at 16:26, Christoph Hellwig wrote:
> > > On Mon, Aug 23, 2004 at 02:22:20PM -0400, James Morris wrote:
> > > > This patch adds xattr support to tmpfs, and a security xattr handler.
> > > > Original patch from: Chris PeBenito <pebenito@gentoo.org>
> > > 
> > > What's the point on doing this for ramfs?  And if you really want this
> > > the implementation could be shared with tmpfs easily and put into xattr.c
> > 
> > For udev.
> 
> What's wrong with using a tmpfs for udev in such situations that xattrs
> are needed?  udev does not require ramfs at all.  In fact, why not just
> use a ext2 or ext3 partition for /dev instead today, if you really need
> it?

It makes no difference to me whether we use ramfs or tmpfs (I'd favor
tmpfs myself); just trying to get Fedora rawhide working again with
SELinux, and it happens to be using udev with ramfs for reasons unknown
to me.  Whatever filesystem is used, udev has to be able to set the
security attribute on the device nodes in it, so that SELinux can
properly mediate access.  Using ext2 in the short term would likely
work, but is obviously not ideal long term, and having security
attribute support for tmpfs would be useful for other uses of tmpfs
(with SELinux) as well.  Likewise, if ramfs has any significant usage,
then it would be good if we could have security attribute support for it
so that it can be labeled and access controlled properly.

-- 
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency

Re: [PATCH][2/7] xattr consolidation - LSM hook changes

[Andreas Gruenbacher]

On Tue, 2004-08-24 at 04:52, viro@parcelfarce.linux.theplanet.co.uk
wrote:
> On Mon, Aug 23, 2004 at 08:54:14PM -0400, James Morris wrote:
> > On Mon, 23 Aug 2004, Stephen Smalley wrote:
> > 
> > > On Mon, 2004-08-23 at 15:03, Christoph Hellwig wrote:
> > 
> > > > Given that the actual methods take a dentry this sounds like a bad design.
> > > > Can;t you just pass down the dentry through all of the ext2 interfaces?
> > > 
> > > Changing the methods to take an inode would be even better, IMHO, as the
> > > dentry is unnecessary.  That would simplify SELinux as well.
> > 
> > This could work for all in-tree filesystems with xattrs, except CIFS,
> > which passes the dentry to it's own build_path_from_dentry() function.  
> > 
> > (In this case, they probably want to use d_path() and have a vfsmnt added 
> > to the methods?).
> 
> No.  Think for a second and you'll see why - we are doing an operation that
> by definition should not depend on where we have mounted the filesystem in
> question.

Hm. I seem to recall that Al didn't want to change this within the 2.6
series -- is this still the case? I would favor switching from dentries
to inodes in the xattr iops. Steve, can you live with inodes?

Cheers,
-- 
Andreas Gruenbacher <agruen@suse.de>
SUSE Labs, SUSE LINUX AG

Re: [PATCH][0/7] xattr consolidation and support for ramfs & tmpfs

[Andreas Gruenbacher]

On Mon, 2004-08-23 at 20:14, James Morris wrote:
> This series of patches consolidates some common xattr logic into libfs,
> saving significant code duplication and making it easier for filesystem
> writers to implement xattr support.
> 
> The ext3, ext2 and devpts filesytems are then converted to use the new
> API, and xattr support is added to ramfs and tmpfs.

That's a nice improvement.

Re: [PATCH][1/7] xattr consolidation - libfs

[Andreas Gruenbacher]

On Tue, 2004-08-24 at 12:05, Christoph Hellwig wrote:
> On Tue, Aug 24, 2004 at 12:32:13AM -0400, James Morris wrote:
> > > limit on the number of xattrs.
> > 
> > Then you can't dynamically regsiter an xattr handler (e.g. as a module).  
> > Is this really desirable?
> 
> IMHO yes.  This is an integral part of the filesystem, and the handlers are
> really small anyway.  And it makes the code really a lot simpler.

Dynamically handler registration seemed a good idea to me when I wrote
the original code, but there never was a real-world user for all I know,
so I'm fine with removing the rwlock. (The rest of the code can stay the
same.)

> > > Also s/simple_// for most symbols as this stuff isn't simple, in fact it's
> > > quite complex :)
> > 
> > Removing the prefix would imply that this was the 'proper' way to
> > implement xattr support.  Really, these are just helper functions for the 
> > simplest xattr implementations.  I think they should have some prefix, but 
> > don't care too much what it actually is.  Suggestions?
> 
> I'd call them generic_.  I've done some research and they should work very
> well for any xattr implementation in the tree.

I would just remove the simple_ to get xattr_register, xattr_unregister,
xattr_resolve_name, xattr_handler.

simple_xattr_list makes no sense in the general case, so this seems to
fit.

If we decide to remove dynamic handler registration, simple_xattr_list
should go as well, and the listxattr iops can enumerate all existing
handlers explicitly.

> [...]

Cheers,
-- 
Andreas Gruenbacher <agruen@suse.de>
SUSE Labs, SUSE LINUX AG

Re: [PATCH][1/7] xattr consolidation - libfs

[James Morris]

On Tue, 24 Aug 2004, Andreas Gruenbacher wrote:

> If we decide to remove dynamic handler registration, simple_xattr_list
> should go as well, and the listxattr iops can enumerate all existing
> handlers explicitly.

Ok, I should have an updated patch ready within a day or so.


- James
-- 
James Morris
<jmorris@redhat.com>

Re: [PATCH][7/7] add xattr support to ramfs

[Miles Bader]

Stephen Smalley <sds@epoch.ncsc.mil> writes:
> It makes no difference to me whether we use ramfs or tmpfs (I'd favor
> tmpfs myself)

What's the essential difference between ramfs and tmpfs anyway?

I've gotten the impression that ramfs is simpler and lighter-weight than
tmpfs, but doesn't have some features like resource-limiting.

If that's the case, then for something like /dev -- a small in-core
filesystem that won't have arbitrary user files plunked into it -- ramfs
seems an obvious choice.

Also, tmpfs seems to require an MMU, which not all linux systems have
(though I suppose the lack of an MMU makes many security tweaks a bit
pointless :-).

-Miles
-- 
Occam's razor split hairs so well, I bought the whole argument!

Re: [PATCH][7/7] add xattr support to ramfs

[James Morris]

On Wed, 25 Aug 2004, Miles Bader wrote:

> 
> I've gotten the impression that ramfs is simpler and lighter-weight than
> tmpfs, but doesn't have some features like resource-limiting.

tmpfs can also be swapped.


- James
-- 
James Morris
<jmorris@redhat.com>