summaryrefslogtreecommitdiffstats
path: root/config/kernel-security-inode-init.m4
diff options
context:
space:
mode:
Diffstat (limited to 'config/kernel-security-inode-init.m4')
-rw-r--r--config/kernel-security-inode-init.m439
1 files changed, 38 insertions, 1 deletions
diff --git a/config/kernel-security-inode-init.m4 b/config/kernel-security-inode-init.m4
index a26de9fd6..c21588af7 100644
--- a/config/kernel-security-inode-init.m4
+++ b/config/kernel-security-inode-init.m4
@@ -12,7 +12,14 @@ AC_DEFUN([ZFS_AC_KERNEL_6ARGS_SECURITY_INODE_INIT_SECURITY], [
ZFS_LINUX_TRY_COMPILE([
#include <linux/security.h>
],[
- security_inode_init_security(NULL,NULL,NULL,NULL,NULL,NULL);
+ struct inode *ip __attribute__ ((unused)) = NULL;
+ struct inode *dip __attribute__ ((unused)) = NULL;
+ const struct qstr *str __attribute__ ((unused)) = NULL;
+ char *name __attribute__ ((unused)) = NULL;
+ void *value __attribute__ ((unused)) = NULL;
+ size_t len __attribute__ ((unused)) = 0;
+
+ security_inode_init_security(ip, dip, str, &name, &value, &len);
],[
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_6ARGS_SECURITY_INODE_INIT_SECURITY, 1,
@@ -22,3 +29,33 @@ AC_DEFUN([ZFS_AC_KERNEL_6ARGS_SECURITY_INODE_INIT_SECURITY], [
])
EXTRA_KCFLAGS="$tmp_flags"
])
+
+dnl #
+dnl # 3.2 API change
+dnl # The security_inode_init_security() API has been changed to include
+dnl # a filesystem specific callback to write security extended attributes.
+dnl # This was done to support the initialization of multiple LSM xattrs
+dnl # and the EVM xattr.
+dnl #
+AC_DEFUN([ZFS_AC_KERNEL_CALLBACK_SECURITY_INODE_INIT_SECURITY], [
+ AC_MSG_CHECKING([whether security_inode_init_security wants callback])
+ tmp_flags="$EXTRA_KCFLAGS"
+ EXTRA_KCFLAGS="-Werror"
+ ZFS_LINUX_TRY_COMPILE([
+ #include <linux/security.h>
+ ],[
+ struct inode *ip __attribute__ ((unused)) = NULL;
+ struct inode *dip __attribute__ ((unused)) = NULL;
+ const struct qstr *str __attribute__ ((unused)) = NULL;
+ initxattrs func __attribute__ ((unused)) = NULL;
+
+ security_inode_init_security(ip, dip, str, func, NULL);
+ ],[
+ AC_MSG_RESULT(yes)
+ AC_DEFINE(HAVE_CALLBACK_SECURITY_INODE_INIT_SECURITY, 1,
+ [security_inode_init_security wants callback])
+ ],[
+ AC_MSG_RESULT(no)
+ ])
+ EXTRA_KCFLAGS="$tmp_flags"
+])