| Age | Commit message (Collapse) | Author |
|
Add SPDX license identifiers to all Make/Kconfig files which:
- Have no license information of any form
These files fall under the project license, GPL v2 only. The resulting SPDX
license identifier is:
GPL-2.0-only
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
This patch modifies the VFS setxattr, getxattr, and listxattr code to fall
back to the security module for security xattrs if the filesystem does not
support xattrs natively. This allows security modules to export the incore
inode security label information to userspace even if the filesystem does
not provide xattr storage, and eliminates the need to individually patch
various pseudo filesystem types to provide such access. The patch removes
the existing xattr code from devpts and tmpfs as it is then no longer
needed.
The patch restructures the code flow slightly to reduce duplication between
the normal path and the fallback path, but this should only have one
user-visible side effect - a program may get -EACCES rather than
-EOPNOTSUPP if policy denied access but the filesystem didn't support the
operation anyway. Note that the post_setxattr hook call is not needed in
the fallback case, as the inode_setsecurity hook call handles the incore
inode security state update directly. In contrast, we do call fsnotify in
both cases.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
This patch updates the devpts xattr handler code to the generic xattr API,
also adds a GPL notice, author and copyright details.
Signed-off-by: James Morris <jmorris@redhat.com>
Signed-off-by: Stephen Smalley <sds@epoch.ncsc.mil>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
|
|
From: "H. Peter Anvin" <hpa@transmeta.com>
Remove the limit of 2048 pty's - allocate them on demand up to the 12:20
dev_t limit: a million.
|
|
Simplify Makefiles in fs/ by utilising the new syntax for composite
objects. The new syntax allowed a couple of ifeq ($(CONFIG_FOO),y)
to be deleted, resulting in more readable Makefiles.
No functional changes introduced.
|
|
From: Stephen Smalley <sds@epoch.ncsc.mil>
This patch against 2.5.69-bk adds an xattr handler for security labels
to devpts and corresponding hooks to the LSM API to support conversion
between xattr values and the security labels stored in the inode
security field by the security module.
This allows userspace to get and set the security labels on devpts
nodes, e.g. so that sshd can set the security label for the pty using
setxattr, just as sshd already sets the ownership using chown.
SELinux uses this support to protect the pty in accordance with the user
process' security label. The changes to the LSM API are general and
should be re-useable by xattr handlers in other pseudo filesystems to
support similar security labeling. The xattr handler for devpts
includes the same generic framework as in ext[23], so handlers for other
kinds of attributes can be added easily in the future.
|
|
Makefiles no longer need to include Rules.make, which is currently an
empty file. This patch removes it from the remaining Makefiles, and
removes the empty Rules.make file.
|
|
* devpts "upcalls" eliminated.
* instead of playing games with revalidation we simply use
ramfs-style tree and kill dentries upon devpts_pty_kill(). That
allows to get rid of a lot of code in fs/devpts/*.c.
* devpts_fs.h cleaned up.
* devpts/root.c and devpts/devpts_i.h removed.
* array of pointers to devpts inodes killed; with ramfs-style tree
it's not needed anymore.
* devpts/inode.c cleaned up.
* devpts_pty_new() used to get mk_kdev() only to convert it to
dev_t (hardly a surprise, since it's mknod() in disguise). Now it gets
dev_t as an argument.
|
|
|
|
|