gfs2: Invalid security labels of inodes when they go invalid

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

When gfs2 releases the glock of an inode, it must invalidate all
information cached for that inode, including the page cache and acls.
Use the new security_inode_invalidate_secctx hook to also invalidate
security labels in that case. These items will be reread from disk
when needed after reacquiring the glock.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Acked-by: Bob Peterson <rpeterso@redhat.com>
Acked-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: cluster-devel@redhat.com
[PM: fixed spelling errors and description line lengths]
Signed-off-by: Paul Moore <pmoore@redhat.com>

authored by

Andreas Gruenbacher and committed by

Paul Moore 10 years ago f39814f6 5d226df4

1 changed file

expand all

gfs2

glops.c

fs/gfs2/glops.c

··· 13 13 #include <linux/gfs2_ondisk.h> 14 14 #include <linux/bio.h> 15 15 #include <linux/posix_acl.h> 16 + #include <linux/security.h> 16 17 17 18 #include "gfs2.h" 18 19 #include "incore.h" ··· 263 262 if (ip) { 264 263 set_bit(GIF_INVALID, &ip->i_flags); 265 264 forget_all_cached_acls(&ip->i_inode); 265 + security_inode_invalidate_secctx(&ip->i_inode); 266 266 gfs2_dir_hash_inval(ip); 267 267 } 268 268 }