fs/9p: xattr: add trusted and security namespaces
Allow requests for security.* and trusted.* xattr name spaces
to pass through to server.
The new files are 99% cut and paste from fs/9p/xattr_user.c with the
namespaces changed. It has the intended effect in superficial testing.
I do not know much detail about how these namespaces are used, but passing
them through to the server, which can decide whether to handle them or not,
seems reasonable.
I want to support a use case where an ext4 file system is mounted via 9P,
then re-exported via samba to windows clients in a cluster. Windows wants
to store xattrs such as security.NTACL. This works when ext4 directly
backs samba, but not when 9P is inserted. This use case is documented here:
http://code.google.com/p/diod/issues/detail?id=95
Signed-off-by: Jim Garlick <garlick@llnl.gov>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
diff --git a/fs/9p/Kconfig b/fs/9p/Kconfig
index 55abfd6..6489e1f 100644
--- a/fs/9p/Kconfig
+++ b/fs/9p/Kconfig
@@ -31,3 +31,16 @@
If you don't know what Access Control Lists are, say N
endif
+
+
+config 9P_FS_SECURITY
+ bool "9P Security Labels"
+ depends on 9P_FS
+ help
+ Security labels support alternative access control models
+ implemented by security modules like SELinux. This option
+ enables an extended attribute handler for file security
+ labels in the 9P filesystem.
+
+ If you are not using a security module that requires using
+ extended attributes for file security labels, say N.