diff options
Diffstat (limited to 'xlators/mount')
-rw-r--r-- | xlators/mount/fuse/src/fuse-bridge.c | 36 | ||||
-rw-r--r-- | xlators/mount/fuse/src/fuse-bridge.h | 1 | ||||
-rw-r--r-- | xlators/mount/fuse/src/fuse-helpers.c | 26 |
3 files changed, 37 insertions, 26 deletions
diff --git a/xlators/mount/fuse/src/fuse-bridge.c b/xlators/mount/fuse/src/fuse-bridge.c index d34e85fb2fd..c6c38f3145b 100644 --- a/xlators/mount/fuse/src/fuse-bridge.c +++ b/xlators/mount/fuse/src/fuse-bridge.c @@ -3236,20 +3236,11 @@ fuse_setxattr (xlator_t *this, fuse_in_header_t *finh, void *msg) } } - if (!priv->selinux) { - if (strcmp (name, "security.selinux") == 0) { - send_fuse_err (this, finh, EOPNOTSUPP); - GF_FREE (finh); - return; - } - } - - if ((!priv->capability) && (!priv->selinux)) { - if (strcmp (name, "security.capability") == 0) { - send_fuse_err (this, finh, EOPNOTSUPP); - GF_FREE (finh); - return; - } + ret = fuse_check_selinux_cap_xattr (priv, name); + if (ret) { + send_fuse_err (this, finh, EOPNOTSUPP); + GF_FREE (finh); + return; } /* Check if the command is for changing the log @@ -3543,6 +3534,7 @@ fuse_getxattr (xlator_t *this, fuse_in_header_t *finh, void *msg) int rv = 0; int op_errno = EINVAL; char *newkey = NULL; + int ret = 0; priv = this->private; GET_STATE (this, finh, state); @@ -3574,18 +3566,10 @@ fuse_getxattr (xlator_t *this, fuse_in_header_t *finh, void *msg) } } - if (!priv->selinux) { - if (strcmp (name, "security.selinux") == 0) { - op_errno = ENODATA; - goto err; - } - } - - if ((!priv->capability) && (!priv->selinux)) { - if (strcmp (name, "security.capability") == 0) { - op_errno = ENODATA; - goto err; - } + ret = fuse_check_selinux_cap_xattr (priv, name); + if (ret) { + op_errno = ENODATA; + goto err; } fuse_resolve_inode_init (state, &state->resolve, finh->nodeid); diff --git a/xlators/mount/fuse/src/fuse-bridge.h b/xlators/mount/fuse/src/fuse-bridge.h index 4f031d03581..40bd17ba6e6 100644 --- a/xlators/mount/fuse/src/fuse-bridge.h +++ b/xlators/mount/fuse/src/fuse-bridge.h @@ -424,4 +424,5 @@ int fuse_resolve_fd_init (fuse_state_t *state, fuse_resolve_t *resolve, int fuse_ignore_xattr_set (fuse_private_t *priv, char *key); void fuse_fop_resume (fuse_state_t *state); int dump_history_fuse (circular_buffer_t *cb, void *data); +int fuse_check_selinux_cap_xattr (fuse_private_t *priv, char *name); #endif /* _GF_FUSE_BRIDGE_H_ */ diff --git a/xlators/mount/fuse/src/fuse-helpers.c b/xlators/mount/fuse/src/fuse-helpers.c index 0f8abf03d32..3ccd46efaeb 100644 --- a/xlators/mount/fuse/src/fuse-helpers.c +++ b/xlators/mount/fuse/src/fuse-helpers.c @@ -652,3 +652,29 @@ fuse_ignore_xattr_set (fuse_private_t *priv, char *key) return ret; } + +int +fuse_check_selinux_cap_xattr (fuse_private_t *priv, char *name) +{ + int ret = -1; + + if (strcmp (name, "security.selinux") && + strcmp (name, "security.capability")) { + /* if xattr name is not of interest, no validations needed */ + ret = 0; + goto out; + } + + if ((strcmp (name, "security.selinux") == 0) && + (priv->selinux)) { + ret = 0; + } + + if ((strcmp (name, "security.capability") == 0) && + ((priv->capability) || (priv->selinux))) { + ret = 0; + } + +out: + return ret; +} |