summaryrefslogtreecommitdiffstats
path: root/configure
diff options
context:
space:
mode:
authorBrian Behlendorf <[email protected]>2012-01-12 13:59:44 -0800
committerBrian Behlendorf <[email protected]>2012-01-12 15:06:39 -0800
commit166dd49de0272e6f179e5fd6a41eebb4880a1154 (patch)
tree6edeade75ae3a8613b4cdfd2fef9b358041638d2 /configure
parent2932b6a8004df8417036894d7d2e7e151cc95434 (diff)
Linux 3.2 compat, security_inode_init_security()
The security_inode_init_security() API has been changed to include a filesystem specific callback to write security extended attributes. This was done to support the initialization of multiple LSM xattrs and the EVM xattr. This change updates the code to use the new API when it's available. Otherwise it falls back to the previous implementation. In addition, the ZFS_AC_KERNEL_6ARGS_SECURITY_INODE_INIT_SECURITY autoconf test has been made more rigerous by passing the expected types. This is done to ensure we always properly the detect the correct form for the security_inode_init_security() API. Signed-off-by: Brian Behlendorf <[email protected]> Closes #516
Diffstat (limited to 'configure')
-rwxr-xr-xconfigure164
1 files changed, 162 insertions, 2 deletions
diff --git a/configure b/configure
index f30b1ffcb..510673810 100755
--- a/configure
+++ b/configure
@@ -15144,7 +15144,14 @@ int
main (void)
{
- security_inode_init_security(NULL,NULL,NULL,NULL,NULL,NULL);
+ struct inode *ip __attribute__ ((unused)) = NULL;
+ struct inode *dip __attribute__ ((unused)) = NULL;
+ const struct qstr *str __attribute__ ((unused)) = NULL;
+ char *name __attribute__ ((unused)) = NULL;
+ void *value __attribute__ ((unused)) = NULL;
+ size_t len __attribute__ ((unused)) = 0;
+
+ security_inode_init_security(ip, dip, str, &name, &value, &len);
;
return 0;
@@ -15192,6 +15199,79 @@ fi
EXTRA_KCFLAGS="$tmp_flags"
+ { $as_echo "$as_me:$LINENO: checking whether security_inode_init_security wants callback" >&5
+$as_echo_n "checking whether security_inode_init_security wants callback... " >&6; }
+ tmp_flags="$EXTRA_KCFLAGS"
+ EXTRA_KCFLAGS="-Werror"
+
+
+cat confdefs.h - <<_ACEOF >conftest.c
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+
+ #include <linux/security.h>
+
+int
+main (void)
+{
+
+ struct inode *ip __attribute__ ((unused)) = NULL;
+ struct inode *dip __attribute__ ((unused)) = NULL;
+ const struct qstr *str __attribute__ ((unused)) = NULL;
+ initxattrs func __attribute__ ((unused)) = NULL;
+
+ security_inode_init_security(ip, dip, str, func, NULL);
+
+ ;
+ return 0;
+}
+
+_ACEOF
+
+
+ rm -Rf build && mkdir -p build
+ echo "obj-m := conftest.o" >build/Makefile
+ if { ac_try='cp conftest.c build && make modules -C $LINUX_OBJ EXTRA_CFLAGS="-Werror-implicit-function-declaration $EXTRA_KCFLAGS" $ARCH_UM M=$PWD/build'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } >/dev/null && { ac_try='test -s build/conftest.o'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+
+ { $as_echo "$as_me:$LINENO: result: yes" >&5
+$as_echo "yes" >&6; }
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_CALLBACK_SECURITY_INODE_INIT_SECURITY 1
+_ACEOF
+
+
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ { $as_echo "$as_me:$LINENO: result: no" >&5
+$as_echo "no" >&6; }
+
+
+
+fi
+
+ rm -Rf build
+
+
+ EXTRA_KCFLAGS="$tmp_flags"
+
+
{ $as_echo "$as_me:$LINENO: checking whether symbol mount_nodev is exported" >&5
$as_echo_n "checking whether symbol mount_nodev is exported... " >&6; }
grep -q -E '[[:space:]]mount_nodev[[:space:]]' \
@@ -20191,7 +20271,14 @@ int
main (void)
{
- security_inode_init_security(NULL,NULL,NULL,NULL,NULL,NULL);
+ struct inode *ip __attribute__ ((unused)) = NULL;
+ struct inode *dip __attribute__ ((unused)) = NULL;
+ const struct qstr *str __attribute__ ((unused)) = NULL;
+ char *name __attribute__ ((unused)) = NULL;
+ void *value __attribute__ ((unused)) = NULL;
+ size_t len __attribute__ ((unused)) = 0;
+
+ security_inode_init_security(ip, dip, str, &name, &value, &len);
;
return 0;
@@ -20239,6 +20326,79 @@ fi
EXTRA_KCFLAGS="$tmp_flags"
+ { $as_echo "$as_me:$LINENO: checking whether security_inode_init_security wants callback" >&5
+$as_echo_n "checking whether security_inode_init_security wants callback... " >&6; }
+ tmp_flags="$EXTRA_KCFLAGS"
+ EXTRA_KCFLAGS="-Werror"
+
+
+cat confdefs.h - <<_ACEOF >conftest.c
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+
+ #include <linux/security.h>
+
+int
+main (void)
+{
+
+ struct inode *ip __attribute__ ((unused)) = NULL;
+ struct inode *dip __attribute__ ((unused)) = NULL;
+ const struct qstr *str __attribute__ ((unused)) = NULL;
+ initxattrs func __attribute__ ((unused)) = NULL;
+
+ security_inode_init_security(ip, dip, str, func, NULL);
+
+ ;
+ return 0;
+}
+
+_ACEOF
+
+
+ rm -Rf build && mkdir -p build
+ echo "obj-m := conftest.o" >build/Makefile
+ if { ac_try='cp conftest.c build && make modules -C $LINUX_OBJ EXTRA_CFLAGS="-Werror-implicit-function-declaration $EXTRA_KCFLAGS" $ARCH_UM M=$PWD/build'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } >/dev/null && { ac_try='test -s build/conftest.o'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+
+ { $as_echo "$as_me:$LINENO: result: yes" >&5
+$as_echo "yes" >&6; }
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_CALLBACK_SECURITY_INODE_INIT_SECURITY 1
+_ACEOF
+
+
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ { $as_echo "$as_me:$LINENO: result: no" >&5
+$as_echo "no" >&6; }
+
+
+
+fi
+
+ rm -Rf build
+
+
+ EXTRA_KCFLAGS="$tmp_flags"
+
+
{ $as_echo "$as_me:$LINENO: checking whether symbol mount_nodev is exported" >&5
$as_echo_n "checking whether symbol mount_nodev is exported... " >&6; }
grep -q -E '[[:space:]]mount_nodev[[:space:]]' \