summaryrefslogtreecommitdiffstats
path: root/xlators/mount
diff options
context:
space:
mode:
Diffstat (limited to 'xlators/mount')
-rw-r--r--xlators/mount/fuse/src/fuse-bridge.c36
-rw-r--r--xlators/mount/fuse/src/fuse-bridge.h1
-rw-r--r--xlators/mount/fuse/src/fuse-helpers.c26
3 files changed, 37 insertions, 26 deletions
diff --git a/xlators/mount/fuse/src/fuse-bridge.c b/xlators/mount/fuse/src/fuse-bridge.c
index d34e85fb2fd..c6c38f3145b 100644
--- a/xlators/mount/fuse/src/fuse-bridge.c
+++ b/xlators/mount/fuse/src/fuse-bridge.c
@@ -3236,20 +3236,11 @@ fuse_setxattr (xlator_t *this, fuse_in_header_t *finh, void *msg)
}
}
- if (!priv->selinux) {
- if (strcmp (name, "security.selinux") == 0) {
- send_fuse_err (this, finh, EOPNOTSUPP);
- GF_FREE (finh);
- return;
- }
- }
-
- if ((!priv->capability) && (!priv->selinux)) {
- if (strcmp (name, "security.capability") == 0) {
- send_fuse_err (this, finh, EOPNOTSUPP);
- GF_FREE (finh);
- return;
- }
+ ret = fuse_check_selinux_cap_xattr (priv, name);
+ if (ret) {
+ send_fuse_err (this, finh, EOPNOTSUPP);
+ GF_FREE (finh);
+ return;
}
/* Check if the command is for changing the log
@@ -3543,6 +3534,7 @@ fuse_getxattr (xlator_t *this, fuse_in_header_t *finh, void *msg)
int rv = 0;
int op_errno = EINVAL;
char *newkey = NULL;
+ int ret = 0;
priv = this->private;
GET_STATE (this, finh, state);
@@ -3574,18 +3566,10 @@ fuse_getxattr (xlator_t *this, fuse_in_header_t *finh, void *msg)
}
}
- if (!priv->selinux) {
- if (strcmp (name, "security.selinux") == 0) {
- op_errno = ENODATA;
- goto err;
- }
- }
-
- if ((!priv->capability) && (!priv->selinux)) {
- if (strcmp (name, "security.capability") == 0) {
- op_errno = ENODATA;
- goto err;
- }
+ ret = fuse_check_selinux_cap_xattr (priv, name);
+ if (ret) {
+ op_errno = ENODATA;
+ goto err;
}
fuse_resolve_inode_init (state, &state->resolve, finh->nodeid);
diff --git a/xlators/mount/fuse/src/fuse-bridge.h b/xlators/mount/fuse/src/fuse-bridge.h
index 4f031d03581..40bd17ba6e6 100644
--- a/xlators/mount/fuse/src/fuse-bridge.h
+++ b/xlators/mount/fuse/src/fuse-bridge.h
@@ -424,4 +424,5 @@ int fuse_resolve_fd_init (fuse_state_t *state, fuse_resolve_t *resolve,
int fuse_ignore_xattr_set (fuse_private_t *priv, char *key);
void fuse_fop_resume (fuse_state_t *state);
int dump_history_fuse (circular_buffer_t *cb, void *data);
+int fuse_check_selinux_cap_xattr (fuse_private_t *priv, char *name);
#endif /* _GF_FUSE_BRIDGE_H_ */
diff --git a/xlators/mount/fuse/src/fuse-helpers.c b/xlators/mount/fuse/src/fuse-helpers.c
index 0f8abf03d32..3ccd46efaeb 100644
--- a/xlators/mount/fuse/src/fuse-helpers.c
+++ b/xlators/mount/fuse/src/fuse-helpers.c
@@ -652,3 +652,29 @@ fuse_ignore_xattr_set (fuse_private_t *priv, char *key)
return ret;
}
+
+int
+fuse_check_selinux_cap_xattr (fuse_private_t *priv, char *name)
+{
+ int ret = -1;
+
+ if (strcmp (name, "security.selinux") &&
+ strcmp (name, "security.capability")) {
+ /* if xattr name is not of interest, no validations needed */
+ ret = 0;
+ goto out;
+ }
+
+ if ((strcmp (name, "security.selinux") == 0) &&
+ (priv->selinux)) {
+ ret = 0;
+ }
+
+ if ((strcmp (name, "security.capability") == 0) &&
+ ((priv->capability) || (priv->selinux))) {
+ ret = 0;
+ }
+
+out:
+ return ret;
+}