Loading...
1/*
2 * fs/kernfs/inode.c - kernfs inode implementation
3 *
4 * Copyright (c) 2001-3 Patrick Mochel
5 * Copyright (c) 2007 SUSE Linux Products GmbH
6 * Copyright (c) 2007, 2013 Tejun Heo <tj@kernel.org>
7 *
8 * This file is released under the GPLv2.
9 */
10
11#include <linux/pagemap.h>
12#include <linux/backing-dev.h>
13#include <linux/capability.h>
14#include <linux/errno.h>
15#include <linux/slab.h>
16#include <linux/xattr.h>
17#include <linux/security.h>
18
19#include "kernfs-internal.h"
20
21static const struct address_space_operations kernfs_aops = {
22 .readpage = simple_readpage,
23 .write_begin = simple_write_begin,
24 .write_end = simple_write_end,
25};
26
27static const struct inode_operations kernfs_iops = {
28 .permission = kernfs_iop_permission,
29 .setattr = kernfs_iop_setattr,
30 .getattr = kernfs_iop_getattr,
31 .listxattr = kernfs_iop_listxattr,
32};
33
34static struct kernfs_iattrs *kernfs_iattrs(struct kernfs_node *kn)
35{
36 static DEFINE_MUTEX(iattr_mutex);
37 struct kernfs_iattrs *ret;
38 struct iattr *iattrs;
39
40 mutex_lock(&iattr_mutex);
41
42 if (kn->iattr)
43 goto out_unlock;
44
45 kn->iattr = kzalloc(sizeof(struct kernfs_iattrs), GFP_KERNEL);
46 if (!kn->iattr)
47 goto out_unlock;
48 iattrs = &kn->iattr->ia_iattr;
49
50 /* assign default attributes */
51 iattrs->ia_mode = kn->mode;
52 iattrs->ia_uid = GLOBAL_ROOT_UID;
53 iattrs->ia_gid = GLOBAL_ROOT_GID;
54
55 ktime_get_real_ts(&iattrs->ia_atime);
56 iattrs->ia_mtime = iattrs->ia_atime;
57 iattrs->ia_ctime = iattrs->ia_atime;
58
59 simple_xattrs_init(&kn->iattr->xattrs);
60out_unlock:
61 ret = kn->iattr;
62 mutex_unlock(&iattr_mutex);
63 return ret;
64}
65
66static int __kernfs_setattr(struct kernfs_node *kn, const struct iattr *iattr)
67{
68 struct kernfs_iattrs *attrs;
69 struct iattr *iattrs;
70 unsigned int ia_valid = iattr->ia_valid;
71
72 attrs = kernfs_iattrs(kn);
73 if (!attrs)
74 return -ENOMEM;
75
76 iattrs = &attrs->ia_iattr;
77
78 if (ia_valid & ATTR_UID)
79 iattrs->ia_uid = iattr->ia_uid;
80 if (ia_valid & ATTR_GID)
81 iattrs->ia_gid = iattr->ia_gid;
82 if (ia_valid & ATTR_ATIME)
83 iattrs->ia_atime = iattr->ia_atime;
84 if (ia_valid & ATTR_MTIME)
85 iattrs->ia_mtime = iattr->ia_mtime;
86 if (ia_valid & ATTR_CTIME)
87 iattrs->ia_ctime = iattr->ia_ctime;
88 if (ia_valid & ATTR_MODE) {
89 umode_t mode = iattr->ia_mode;
90 iattrs->ia_mode = kn->mode = mode;
91 }
92 return 0;
93}
94
95/**
96 * kernfs_setattr - set iattr on a node
97 * @kn: target node
98 * @iattr: iattr to set
99 *
100 * Returns 0 on success, -errno on failure.
101 */
102int kernfs_setattr(struct kernfs_node *kn, const struct iattr *iattr)
103{
104 int ret;
105
106 mutex_lock(&kernfs_mutex);
107 ret = __kernfs_setattr(kn, iattr);
108 mutex_unlock(&kernfs_mutex);
109 return ret;
110}
111
112int kernfs_iop_setattr(struct dentry *dentry, struct iattr *iattr)
113{
114 struct inode *inode = d_inode(dentry);
115 struct kernfs_node *kn = inode->i_private;
116 int error;
117
118 if (!kn)
119 return -EINVAL;
120
121 mutex_lock(&kernfs_mutex);
122 error = setattr_prepare(dentry, iattr);
123 if (error)
124 goto out;
125
126 error = __kernfs_setattr(kn, iattr);
127 if (error)
128 goto out;
129
130 /* this ignores size changes */
131 setattr_copy(inode, iattr);
132
133out:
134 mutex_unlock(&kernfs_mutex);
135 return error;
136}
137
138static int kernfs_node_setsecdata(struct kernfs_iattrs *attrs, void **secdata,
139 u32 *secdata_len)
140{
141 void *old_secdata;
142 size_t old_secdata_len;
143
144 old_secdata = attrs->ia_secdata;
145 old_secdata_len = attrs->ia_secdata_len;
146
147 attrs->ia_secdata = *secdata;
148 attrs->ia_secdata_len = *secdata_len;
149
150 *secdata = old_secdata;
151 *secdata_len = old_secdata_len;
152 return 0;
153}
154
155ssize_t kernfs_iop_listxattr(struct dentry *dentry, char *buf, size_t size)
156{
157 struct kernfs_node *kn = kernfs_dentry_node(dentry);
158 struct kernfs_iattrs *attrs;
159
160 attrs = kernfs_iattrs(kn);
161 if (!attrs)
162 return -ENOMEM;
163
164 return simple_xattr_list(d_inode(dentry), &attrs->xattrs, buf, size);
165}
166
167static inline void set_default_inode_attr(struct inode *inode, umode_t mode)
168{
169 inode->i_mode = mode;
170 inode->i_atime = inode->i_mtime =
171 inode->i_ctime = current_time(inode);
172}
173
174static inline void set_inode_attr(struct inode *inode, struct iattr *iattr)
175{
176 struct super_block *sb = inode->i_sb;
177 inode->i_uid = iattr->ia_uid;
178 inode->i_gid = iattr->ia_gid;
179 inode->i_atime = timespec_trunc(iattr->ia_atime, sb->s_time_gran);
180 inode->i_mtime = timespec_trunc(iattr->ia_mtime, sb->s_time_gran);
181 inode->i_ctime = timespec_trunc(iattr->ia_ctime, sb->s_time_gran);
182}
183
184static void kernfs_refresh_inode(struct kernfs_node *kn, struct inode *inode)
185{
186 struct kernfs_iattrs *attrs = kn->iattr;
187
188 inode->i_mode = kn->mode;
189 if (attrs) {
190 /*
191 * kernfs_node has non-default attributes get them from
192 * persistent copy in kernfs_node.
193 */
194 set_inode_attr(inode, &attrs->ia_iattr);
195 security_inode_notifysecctx(inode, attrs->ia_secdata,
196 attrs->ia_secdata_len);
197 }
198
199 if (kernfs_type(kn) == KERNFS_DIR)
200 set_nlink(inode, kn->dir.subdirs + 2);
201}
202
203int kernfs_iop_getattr(const struct path *path, struct kstat *stat,
204 u32 request_mask, unsigned int query_flags)
205{
206 struct inode *inode = d_inode(path->dentry);
207 struct kernfs_node *kn = inode->i_private;
208
209 mutex_lock(&kernfs_mutex);
210 kernfs_refresh_inode(kn, inode);
211 mutex_unlock(&kernfs_mutex);
212
213 generic_fillattr(inode, stat);
214 return 0;
215}
216
217static void kernfs_init_inode(struct kernfs_node *kn, struct inode *inode)
218{
219 kernfs_get(kn);
220 inode->i_private = kn;
221 inode->i_mapping->a_ops = &kernfs_aops;
222 inode->i_op = &kernfs_iops;
223 inode->i_generation = kn->id.generation;
224
225 set_default_inode_attr(inode, kn->mode);
226 kernfs_refresh_inode(kn, inode);
227
228 /* initialize inode according to type */
229 switch (kernfs_type(kn)) {
230 case KERNFS_DIR:
231 inode->i_op = &kernfs_dir_iops;
232 inode->i_fop = &kernfs_dir_fops;
233 if (kn->flags & KERNFS_EMPTY_DIR)
234 make_empty_dir_inode(inode);
235 break;
236 case KERNFS_FILE:
237 inode->i_size = kn->attr.size;
238 inode->i_fop = &kernfs_file_fops;
239 break;
240 case KERNFS_LINK:
241 inode->i_op = &kernfs_symlink_iops;
242 break;
243 default:
244 BUG();
245 }
246
247 unlock_new_inode(inode);
248}
249
250/**
251 * kernfs_get_inode - get inode for kernfs_node
252 * @sb: super block
253 * @kn: kernfs_node to allocate inode for
254 *
255 * Get inode for @kn. If such inode doesn't exist, a new inode is
256 * allocated and basics are initialized. New inode is returned
257 * locked.
258 *
259 * LOCKING:
260 * Kernel thread context (may sleep).
261 *
262 * RETURNS:
263 * Pointer to allocated inode on success, NULL on failure.
264 */
265struct inode *kernfs_get_inode(struct super_block *sb, struct kernfs_node *kn)
266{
267 struct inode *inode;
268
269 inode = iget_locked(sb, kn->id.ino);
270 if (inode && (inode->i_state & I_NEW))
271 kernfs_init_inode(kn, inode);
272
273 return inode;
274}
275
276/*
277 * The kernfs_node serves as both an inode and a directory entry for
278 * kernfs. To prevent the kernfs inode numbers from being freed
279 * prematurely we take a reference to kernfs_node from the kernfs inode. A
280 * super_operations.evict_inode() implementation is needed to drop that
281 * reference upon inode destruction.
282 */
283void kernfs_evict_inode(struct inode *inode)
284{
285 struct kernfs_node *kn = inode->i_private;
286
287 truncate_inode_pages_final(&inode->i_data);
288 clear_inode(inode);
289 kernfs_put(kn);
290}
291
292int kernfs_iop_permission(struct inode *inode, int mask)
293{
294 struct kernfs_node *kn;
295
296 if (mask & MAY_NOT_BLOCK)
297 return -ECHILD;
298
299 kn = inode->i_private;
300
301 mutex_lock(&kernfs_mutex);
302 kernfs_refresh_inode(kn, inode);
303 mutex_unlock(&kernfs_mutex);
304
305 return generic_permission(inode, mask);
306}
307
308static int kernfs_xattr_get(const struct xattr_handler *handler,
309 struct dentry *unused, struct inode *inode,
310 const char *suffix, void *value, size_t size)
311{
312 const char *name = xattr_full_name(handler, suffix);
313 struct kernfs_node *kn = inode->i_private;
314 struct kernfs_iattrs *attrs;
315
316 attrs = kernfs_iattrs(kn);
317 if (!attrs)
318 return -ENOMEM;
319
320 return simple_xattr_get(&attrs->xattrs, name, value, size);
321}
322
323static int kernfs_xattr_set(const struct xattr_handler *handler,
324 struct dentry *unused, struct inode *inode,
325 const char *suffix, const void *value,
326 size_t size, int flags)
327{
328 const char *name = xattr_full_name(handler, suffix);
329 struct kernfs_node *kn = inode->i_private;
330 struct kernfs_iattrs *attrs;
331
332 attrs = kernfs_iattrs(kn);
333 if (!attrs)
334 return -ENOMEM;
335
336 return simple_xattr_set(&attrs->xattrs, name, value, size, flags);
337}
338
339static const struct xattr_handler kernfs_trusted_xattr_handler = {
340 .prefix = XATTR_TRUSTED_PREFIX,
341 .get = kernfs_xattr_get,
342 .set = kernfs_xattr_set,
343};
344
345static int kernfs_security_xattr_set(const struct xattr_handler *handler,
346 struct dentry *unused, struct inode *inode,
347 const char *suffix, const void *value,
348 size_t size, int flags)
349{
350 struct kernfs_node *kn = inode->i_private;
351 struct kernfs_iattrs *attrs;
352 void *secdata;
353 u32 secdata_len = 0;
354 int error;
355
356 attrs = kernfs_iattrs(kn);
357 if (!attrs)
358 return -ENOMEM;
359
360 error = security_inode_setsecurity(inode, suffix, value, size, flags);
361 if (error)
362 return error;
363 error = security_inode_getsecctx(inode, &secdata, &secdata_len);
364 if (error)
365 return error;
366
367 mutex_lock(&kernfs_mutex);
368 error = kernfs_node_setsecdata(attrs, &secdata, &secdata_len);
369 mutex_unlock(&kernfs_mutex);
370
371 if (secdata)
372 security_release_secctx(secdata, secdata_len);
373 return error;
374}
375
376static const struct xattr_handler kernfs_security_xattr_handler = {
377 .prefix = XATTR_SECURITY_PREFIX,
378 .get = kernfs_xattr_get,
379 .set = kernfs_security_xattr_set,
380};
381
382const struct xattr_handler *kernfs_xattr_handlers[] = {
383 &kernfs_trusted_xattr_handler,
384 &kernfs_security_xattr_handler,
385 NULL
386};
1/*
2 * fs/kernfs/inode.c - kernfs inode implementation
3 *
4 * Copyright (c) 2001-3 Patrick Mochel
5 * Copyright (c) 2007 SUSE Linux Products GmbH
6 * Copyright (c) 2007, 2013 Tejun Heo <tj@kernel.org>
7 *
8 * This file is released under the GPLv2.
9 */
10
11#include <linux/pagemap.h>
12#include <linux/backing-dev.h>
13#include <linux/capability.h>
14#include <linux/errno.h>
15#include <linux/slab.h>
16#include <linux/xattr.h>
17#include <linux/security.h>
18
19#include "kernfs-internal.h"
20
21static const struct address_space_operations kernfs_aops = {
22 .readpage = simple_readpage,
23 .write_begin = simple_write_begin,
24 .write_end = simple_write_end,
25};
26
27static const struct inode_operations kernfs_iops = {
28 .permission = kernfs_iop_permission,
29 .setattr = kernfs_iop_setattr,
30 .getattr = kernfs_iop_getattr,
31 .listxattr = kernfs_iop_listxattr,
32};
33
34static struct kernfs_iattrs *kernfs_iattrs(struct kernfs_node *kn)
35{
36 static DEFINE_MUTEX(iattr_mutex);
37 struct kernfs_iattrs *ret;
38 struct iattr *iattrs;
39
40 mutex_lock(&iattr_mutex);
41
42 if (kn->iattr)
43 goto out_unlock;
44
45 kn->iattr = kzalloc(sizeof(struct kernfs_iattrs), GFP_KERNEL);
46 if (!kn->iattr)
47 goto out_unlock;
48 iattrs = &kn->iattr->ia_iattr;
49
50 /* assign default attributes */
51 iattrs->ia_mode = kn->mode;
52 iattrs->ia_uid = GLOBAL_ROOT_UID;
53 iattrs->ia_gid = GLOBAL_ROOT_GID;
54
55 ktime_get_real_ts(&iattrs->ia_atime);
56 iattrs->ia_mtime = iattrs->ia_atime;
57 iattrs->ia_ctime = iattrs->ia_atime;
58
59 simple_xattrs_init(&kn->iattr->xattrs);
60out_unlock:
61 ret = kn->iattr;
62 mutex_unlock(&iattr_mutex);
63 return ret;
64}
65
66static int __kernfs_setattr(struct kernfs_node *kn, const struct iattr *iattr)
67{
68 struct kernfs_iattrs *attrs;
69 struct iattr *iattrs;
70 unsigned int ia_valid = iattr->ia_valid;
71
72 attrs = kernfs_iattrs(kn);
73 if (!attrs)
74 return -ENOMEM;
75
76 iattrs = &attrs->ia_iattr;
77
78 if (ia_valid & ATTR_UID)
79 iattrs->ia_uid = iattr->ia_uid;
80 if (ia_valid & ATTR_GID)
81 iattrs->ia_gid = iattr->ia_gid;
82 if (ia_valid & ATTR_ATIME)
83 iattrs->ia_atime = iattr->ia_atime;
84 if (ia_valid & ATTR_MTIME)
85 iattrs->ia_mtime = iattr->ia_mtime;
86 if (ia_valid & ATTR_CTIME)
87 iattrs->ia_ctime = iattr->ia_ctime;
88 if (ia_valid & ATTR_MODE) {
89 umode_t mode = iattr->ia_mode;
90 iattrs->ia_mode = kn->mode = mode;
91 }
92 return 0;
93}
94
95/**
96 * kernfs_setattr - set iattr on a node
97 * @kn: target node
98 * @iattr: iattr to set
99 *
100 * Returns 0 on success, -errno on failure.
101 */
102int kernfs_setattr(struct kernfs_node *kn, const struct iattr *iattr)
103{
104 int ret;
105
106 mutex_lock(&kernfs_mutex);
107 ret = __kernfs_setattr(kn, iattr);
108 mutex_unlock(&kernfs_mutex);
109 return ret;
110}
111
112int kernfs_iop_setattr(struct dentry *dentry, struct iattr *iattr)
113{
114 struct inode *inode = d_inode(dentry);
115 struct kernfs_node *kn = dentry->d_fsdata;
116 int error;
117
118 if (!kn)
119 return -EINVAL;
120
121 mutex_lock(&kernfs_mutex);
122 error = setattr_prepare(dentry, iattr);
123 if (error)
124 goto out;
125
126 error = __kernfs_setattr(kn, iattr);
127 if (error)
128 goto out;
129
130 /* this ignores size changes */
131 setattr_copy(inode, iattr);
132
133out:
134 mutex_unlock(&kernfs_mutex);
135 return error;
136}
137
138static int kernfs_node_setsecdata(struct kernfs_iattrs *attrs, void **secdata,
139 u32 *secdata_len)
140{
141 void *old_secdata;
142 size_t old_secdata_len;
143
144 old_secdata = attrs->ia_secdata;
145 old_secdata_len = attrs->ia_secdata_len;
146
147 attrs->ia_secdata = *secdata;
148 attrs->ia_secdata_len = *secdata_len;
149
150 *secdata = old_secdata;
151 *secdata_len = old_secdata_len;
152 return 0;
153}
154
155ssize_t kernfs_iop_listxattr(struct dentry *dentry, char *buf, size_t size)
156{
157 struct kernfs_node *kn = dentry->d_fsdata;
158 struct kernfs_iattrs *attrs;
159
160 attrs = kernfs_iattrs(kn);
161 if (!attrs)
162 return -ENOMEM;
163
164 return simple_xattr_list(d_inode(dentry), &attrs->xattrs, buf, size);
165}
166
167static inline void set_default_inode_attr(struct inode *inode, umode_t mode)
168{
169 inode->i_mode = mode;
170 inode->i_atime = inode->i_mtime =
171 inode->i_ctime = current_time(inode);
172}
173
174static inline void set_inode_attr(struct inode *inode, struct iattr *iattr)
175{
176 struct super_block *sb = inode->i_sb;
177 inode->i_uid = iattr->ia_uid;
178 inode->i_gid = iattr->ia_gid;
179 inode->i_atime = timespec_trunc(iattr->ia_atime, sb->s_time_gran);
180 inode->i_mtime = timespec_trunc(iattr->ia_mtime, sb->s_time_gran);
181 inode->i_ctime = timespec_trunc(iattr->ia_ctime, sb->s_time_gran);
182}
183
184static void kernfs_refresh_inode(struct kernfs_node *kn, struct inode *inode)
185{
186 struct kernfs_iattrs *attrs = kn->iattr;
187
188 inode->i_mode = kn->mode;
189 if (attrs) {
190 /*
191 * kernfs_node has non-default attributes get them from
192 * persistent copy in kernfs_node.
193 */
194 set_inode_attr(inode, &attrs->ia_iattr);
195 security_inode_notifysecctx(inode, attrs->ia_secdata,
196 attrs->ia_secdata_len);
197 }
198
199 if (kernfs_type(kn) == KERNFS_DIR)
200 set_nlink(inode, kn->dir.subdirs + 2);
201}
202
203int kernfs_iop_getattr(struct vfsmount *mnt, struct dentry *dentry,
204 struct kstat *stat)
205{
206 struct kernfs_node *kn = dentry->d_fsdata;
207 struct inode *inode = d_inode(dentry);
208
209 mutex_lock(&kernfs_mutex);
210 kernfs_refresh_inode(kn, inode);
211 mutex_unlock(&kernfs_mutex);
212
213 generic_fillattr(inode, stat);
214 return 0;
215}
216
217static void kernfs_init_inode(struct kernfs_node *kn, struct inode *inode)
218{
219 kernfs_get(kn);
220 inode->i_private = kn;
221 inode->i_mapping->a_ops = &kernfs_aops;
222 inode->i_op = &kernfs_iops;
223
224 set_default_inode_attr(inode, kn->mode);
225 kernfs_refresh_inode(kn, inode);
226
227 /* initialize inode according to type */
228 switch (kernfs_type(kn)) {
229 case KERNFS_DIR:
230 inode->i_op = &kernfs_dir_iops;
231 inode->i_fop = &kernfs_dir_fops;
232 if (kn->flags & KERNFS_EMPTY_DIR)
233 make_empty_dir_inode(inode);
234 break;
235 case KERNFS_FILE:
236 inode->i_size = kn->attr.size;
237 inode->i_fop = &kernfs_file_fops;
238 break;
239 case KERNFS_LINK:
240 inode->i_op = &kernfs_symlink_iops;
241 break;
242 default:
243 BUG();
244 }
245
246 unlock_new_inode(inode);
247}
248
249/**
250 * kernfs_get_inode - get inode for kernfs_node
251 * @sb: super block
252 * @kn: kernfs_node to allocate inode for
253 *
254 * Get inode for @kn. If such inode doesn't exist, a new inode is
255 * allocated and basics are initialized. New inode is returned
256 * locked.
257 *
258 * LOCKING:
259 * Kernel thread context (may sleep).
260 *
261 * RETURNS:
262 * Pointer to allocated inode on success, NULL on failure.
263 */
264struct inode *kernfs_get_inode(struct super_block *sb, struct kernfs_node *kn)
265{
266 struct inode *inode;
267
268 inode = iget_locked(sb, kn->ino);
269 if (inode && (inode->i_state & I_NEW))
270 kernfs_init_inode(kn, inode);
271
272 return inode;
273}
274
275/*
276 * The kernfs_node serves as both an inode and a directory entry for
277 * kernfs. To prevent the kernfs inode numbers from being freed
278 * prematurely we take a reference to kernfs_node from the kernfs inode. A
279 * super_operations.evict_inode() implementation is needed to drop that
280 * reference upon inode destruction.
281 */
282void kernfs_evict_inode(struct inode *inode)
283{
284 struct kernfs_node *kn = inode->i_private;
285
286 truncate_inode_pages_final(&inode->i_data);
287 clear_inode(inode);
288 kernfs_put(kn);
289}
290
291int kernfs_iop_permission(struct inode *inode, int mask)
292{
293 struct kernfs_node *kn;
294
295 if (mask & MAY_NOT_BLOCK)
296 return -ECHILD;
297
298 kn = inode->i_private;
299
300 mutex_lock(&kernfs_mutex);
301 kernfs_refresh_inode(kn, inode);
302 mutex_unlock(&kernfs_mutex);
303
304 return generic_permission(inode, mask);
305}
306
307static int kernfs_xattr_get(const struct xattr_handler *handler,
308 struct dentry *unused, struct inode *inode,
309 const char *suffix, void *value, size_t size)
310{
311 const char *name = xattr_full_name(handler, suffix);
312 struct kernfs_node *kn = inode->i_private;
313 struct kernfs_iattrs *attrs;
314
315 attrs = kernfs_iattrs(kn);
316 if (!attrs)
317 return -ENOMEM;
318
319 return simple_xattr_get(&attrs->xattrs, name, value, size);
320}
321
322static int kernfs_xattr_set(const struct xattr_handler *handler,
323 struct dentry *unused, struct inode *inode,
324 const char *suffix, const void *value,
325 size_t size, int flags)
326{
327 const char *name = xattr_full_name(handler, suffix);
328 struct kernfs_node *kn = inode->i_private;
329 struct kernfs_iattrs *attrs;
330
331 attrs = kernfs_iattrs(kn);
332 if (!attrs)
333 return -ENOMEM;
334
335 return simple_xattr_set(&attrs->xattrs, name, value, size, flags);
336}
337
338static const struct xattr_handler kernfs_trusted_xattr_handler = {
339 .prefix = XATTR_TRUSTED_PREFIX,
340 .get = kernfs_xattr_get,
341 .set = kernfs_xattr_set,
342};
343
344static int kernfs_security_xattr_set(const struct xattr_handler *handler,
345 struct dentry *unused, struct inode *inode,
346 const char *suffix, const void *value,
347 size_t size, int flags)
348{
349 struct kernfs_node *kn = inode->i_private;
350 struct kernfs_iattrs *attrs;
351 void *secdata;
352 u32 secdata_len = 0;
353 int error;
354
355 attrs = kernfs_iattrs(kn);
356 if (!attrs)
357 return -ENOMEM;
358
359 error = security_inode_setsecurity(inode, suffix, value, size, flags);
360 if (error)
361 return error;
362 error = security_inode_getsecctx(inode, &secdata, &secdata_len);
363 if (error)
364 return error;
365
366 mutex_lock(&kernfs_mutex);
367 error = kernfs_node_setsecdata(attrs, &secdata, &secdata_len);
368 mutex_unlock(&kernfs_mutex);
369
370 if (secdata)
371 security_release_secctx(secdata, secdata_len);
372 return error;
373}
374
375static const struct xattr_handler kernfs_security_xattr_handler = {
376 .prefix = XATTR_SECURITY_PREFIX,
377 .get = kernfs_xattr_get,
378 .set = kernfs_security_xattr_set,
379};
380
381const struct xattr_handler *kernfs_xattr_handlers[] = {
382 &kernfs_trusted_xattr_handler,
383 &kernfs_security_xattr_handler,
384 NULL
385};