[Ocfs2-devel] [PATCH 4/4] ocfs2: add init_security in mknod
Tiger Yang
tiger.yang at oracle.com
Mon Oct 27 01:44:05 PDT 2008
we must set security xattr when creating a new inode.
first, calculate and reserve the meta data and clusters
needed by security xattr, then set it before add_entry.
Signed-off-by: Tiger Yang <tiger.yang at oracle.com>
---
fs/ocfs2/namei.c | 67 ++++++++++++++++++++++++++++++++++++++++++++++++-----
1 files changed, 60 insertions(+), 7 deletions(-)
diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c
index dd4ee52..30d6441 100644
--- a/fs/ocfs2/namei.c
+++ b/fs/ocfs2/namei.c
@@ -186,6 +186,28 @@ bail:
return ret;
}
+static void ocfs2_calc_xattr_init(struct inode *dir,
+ int security_len,
+ int *want_clusters,
+ struct ocfs2_alloc_context **xattr_ac)
+{
+ struct ocfs2_super *osb = OCFS2_SB(dir->i_sb);
+
+ /*
+ * reserve one metadata block for xattrs if we couldn't get
+ * xattr inline (blocksize = 512).
+ */
+ if (dir->i_sb->s_blocksize == OCFS2_MIN_BLOCKSIZE)
+ ocfs2_reserve_new_metadata_blocks(osb, 1, xattr_ac);
+
+ /* reserve clusters for xattr value which will be set in B tree*/
+ if (security_len > OCFS2_XATTR_INLINE_SIZE)
+ *want_clusters += ocfs2_clusters_for_bytes(dir->i_sb,
+ security_len);
+
+ return;
+}
+
static inline struct inode *ocfs2_make_init_inode(struct inode *dir, int mode)
{
struct inode *inode;
@@ -215,7 +237,12 @@ static int ocfs2_mknod(struct inode *dir,
struct buffer_head *de_bh = NULL;
struct inode *inode = NULL;
struct ocfs2_alloc_context *inode_ac = NULL;
+ struct ocfs2_alloc_context *xattr_ac = NULL;
struct ocfs2_alloc_context *data_ac = NULL;
+ int want_clusters = 0;
+ size_t security_len = 0;
+ void *security_value = NULL;
+ char *security_name = NULL;
mlog_entry("(0x%p, 0x%p, %d, %lu, '%.*s')\n", dir, dentry, mode,
(unsigned long)dev, dentry->d_name.len,
@@ -272,14 +299,26 @@ static int ocfs2_mknod(struct inode *dir,
goto leave;
}
+ /* get security xattr */
+ status = ocfs2_init_security_get(inode, dir, &security_name,
+ &security_value, &security_len);
+ if (status < 0) {
+ mlog_errno(status);
+ goto leave;
+ }
+
+ /* calculate meta data/clusters for setting security xattr */
+ ocfs2_calc_xattr_init(dir, security_len, &want_clusters, &xattr_ac);
+
/* Reserve a cluster if creating an extent based directory. */
- if (S_ISDIR(mode) && !ocfs2_supports_inline_data(osb)) {
- status = ocfs2_reserve_clusters(osb, 1, &data_ac);
- if (status < 0) {
- if (status != -ENOSPC)
- mlog_errno(status);
- goto leave;
- }
+ if (S_ISDIR(mode) && !ocfs2_supports_inline_data(osb))
+ want_clusters += 1;
+
+ status = ocfs2_reserve_clusters(osb, want_clusters, &data_ac);
+ if (status < 0) {
+ if (status != -ENOSPC)
+ mlog_errno(status);
+ goto leave;
}
handle = ocfs2_start_trans(osb, OCFS2_MKNOD_CREDITS);
@@ -322,6 +361,15 @@ static int ocfs2_mknod(struct inode *dir,
inc_nlink(dir);
}
+ status = ocfs2_init_security_set(handle, inode, new_fe_bh,
+ security_name, security_value,
+ security_len,
+ xattr_ac, data_ac);
+ if (status < 0) {
+ mlog_errno(status);
+ goto leave;
+ }
+
status = ocfs2_add_entry(handle, dentry, inode,
OCFS2_I(inode)->ip_blkno, parent_fe_bh,
de_bh);
@@ -353,6 +401,8 @@ leave:
brelse(new_fe_bh);
brelse(de_bh);
brelse(parent_fe_bh);
+ kfree(security_value);
+ kfree(security_name);
if ((status < 0) && inode)
iput(inode);
@@ -360,6 +410,9 @@ leave:
if (inode_ac)
ocfs2_free_alloc_context(inode_ac);
+ if (xattr_ac)
+ ocfs2_free_alloc_context(xattr_ac);
+
if (data_ac)
ocfs2_free_alloc_context(data_ac);
--
1.5.4.1
More information about the Ocfs2-devel
mailing list