1
#! /bin/sh /usr/share/dpatch/dpatch-run
2
## 01_vserver_apparmor.dpatch by Julian Andres Klode <jak@jak-linux.org>
4
## DP: Patch aufs to work with vserver and apparmor (Ubuntu) kernels
7
diff -urNad aufs-0+20080129~/fs/aufs/misc.c aufs-0+20080129/fs/aufs/misc.c
8
--- aufs-0+20080129~/fs/aufs/misc.c 2008-01-29 16:43:38.000000000 +0100
9
+++ aufs-0+20080129/fs/aufs/misc.c 2008-01-29 18:41:03.000000000 +0100
11
} while (err == -EAGAIN || err == -EINTR);
13
ia->ia_size = dst->f_pos;
14
+ #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,24) && defined(CONFIG_SECURITY_APPARMOR)
15
+ ia->ia_valid = ATTR_SIZE;
17
ia->ia_valid = ATTR_SIZE | ATTR_FILE;
20
vfsub_i_lock_nested(h_i, AuLsc_I_CHILD2);
21
err = vfsub_notify_change(h_d, ia, &vargs);
23
diff -urNad aufs-0+20080129~/fs/aufs/vfsub.c aufs-0+20080129/fs/aufs/vfsub.c
24
--- aufs-0+20080129~/fs/aufs/vfsub.c 2008-01-29 16:43:38.000000000 +0100
25
+++ aufs-0+20080129/fs/aufs/vfsub.c 2008-01-29 18:41:03.000000000 +0100
26
@@ -1075,7 +1075,11 @@
27
if (!IS_IMMUTABLE(h_inode) && !IS_APPEND(h_inode)) {
28
vfsub_ignore(a->vargs);
30
+ #ifdef CONFIG_SECURITY_APPARMOR
31
+ *a->errp = notify_change(a->h_dentry, NULL, a->ia);
33
*a->errp = notify_change(a->h_dentry, a->ia);
37
au_update_fuse_h_inode(NULL, a->h_dentry); /*ignore*/
38
diff -urNad aufs-0+20080129~/fs/aufs/vfsub.h aufs-0+20080129/fs/aufs/vfsub.h
39
--- aufs-0+20080129~/fs/aufs/vfsub.h 2008-01-29 16:43:38.000000000 +0100
40
+++ aufs-0+20080129/fs/aufs/vfsub.h 2008-01-29 18:41:03.000000000 +0100
42
dir->i_ino, AuDLNPair(dentry), symname, mode);
45
+#ifdef CONFIG_VSERVER
46
+ err = vfs_symlink(dir, dentry, symname, mode, NULL);
47
+#elif defined(CONFIG_SECURITY_APPARMOR)
48
+ err = vfs_symlink(dir, dentry, NULL, symname, mode);
50
err = vfs_symlink(dir, dentry, symname, mode);
53
/* dir inode is locked */
54
au_update_fuse_h_inode(NULL, dentry->d_parent); /*ignore*/
56
LKTRTrace("i%lu, %.*s, 0x%x\n", dir->i_ino, AuDLNPair(dentry), mode);
59
+#ifdef CONFIG_VSERVER
60
+ err = vfs_mknod(dir, dentry, mode, dev, NULL);
61
+#elif defined(CONFIG_SECURITY_APPARMOR)
62
+ err = vfs_mknod(dir, dentry, NULL, mode, dev);
64
err = vfs_mknod(dir, dentry, mode, dev);
67
/* dir inode is locked */
68
au_update_fuse_h_inode(NULL, dentry->d_parent); /*ignore*/
73
+#ifdef CONFIG_VSERVER
74
+ err = vfs_link(src_dentry, dir, dentry, NULL);
75
+#elif defined(CONFIG_SECURITY_APPARMOR)
76
+ err = vfs_link(src_dentry, NULL, dir, dentry, NULL);
78
err = vfs_link(src_dentry, dir, dentry);
82
LKTRTrace("src_i %p, dst_i %p\n",
87
+ #ifdef CONFIG_SECURITY_APPARMOR
88
+ err = vfs_rename(src_dir, src_dentry, NULL, dir, dentry, NULL);
90
err = vfs_rename(src_dir, src_dentry, dir, dentry);
94
/* dir inode is locked */
96
LKTRTrace("i%lu, %.*s, 0x%x\n", dir->i_ino, AuDLNPair(dentry), mode);
99
+#ifdef CONFIG_VSERVER
100
+ err = vfs_mkdir(dir, dentry, mode, NULL);
101
+#elif defined(CONFIG_SECURITY_APPARMOR)
102
+ err = vfs_mkdir(dir, dentry, NULL, mode);
104
err = vfs_mkdir(dir, dentry, mode);
107
/* dir inode is locked */
108
au_update_fuse_h_inode(NULL, dentry->d_parent); /*ignore*/
113
+#if defined(CONFIG_VSERVER) || defined(CONFIG_SECURITY_APPARMOR)
114
+ err = vfs_rmdir(dir, dentry, NULL);
116
err = vfs_rmdir(dir, dentry);
119
/* dir inode is locked */
123
/* vfs_unlink() locks inode */
125
+#if defined(CONFIG_VSERVER) || defined(CONFIG_SECURITY_APPARMOR)
126
+ err = vfs_unlink(dir, dentry, NULL);
128
err = vfs_unlink(dir, dentry);
131
/* dir inode is locked */