summaryrefslogtreecommitdiffstats
path: root/fs/namespace.c
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2018-12-02 05:06:57 +0100
committerAl Viro <viro@zeniv.linux.org.uk>2018-12-21 17:45:41 +0100
commitc039bc3c2498724946304a8f964244a9b6af1043 (patch)
treece98ee8e698a28cbaed969460457941e8b34f2e3 /fs/namespace.c
parentLSM: lift parsing LSM options into the caller of ->sb_kern_mount() (diff)
downloadlinux-c039bc3c2498724946304a8f964244a9b6af1043.tar.xz
linux-c039bc3c2498724946304a8f964244a9b6af1043.zip
LSM: lift extracting and parsing LSM options into the caller of ->sb_remount()
This paves the way for retaining the LSM options from a common filesystem mount context during a mount parameter parsing phase to be instituted prior to actual mount/reconfiguration actions. Reviewed-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs/namespace.c')
-rw-r--r--fs/namespace.c19
1 files changed, 18 insertions, 1 deletions
diff --git a/fs/namespace.c b/fs/namespace.c
index 08cffdad6665..341793fbd390 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -2299,6 +2299,7 @@ static int do_remount(struct path *path, int ms_flags, int sb_flags,
int err;
struct super_block *sb = path->mnt->mnt_sb;
struct mount *mnt = real_mount(path->mnt);
+ struct security_mnt_opts opts;
if (!check_mnt(mnt))
return -EINVAL;
@@ -2309,7 +2310,23 @@ static int do_remount(struct path *path, int ms_flags, int sb_flags,
if (!can_change_locked_flags(mnt, mnt_flags))
return -EPERM;
- err = security_sb_remount(sb, data);
+ security_init_mnt_opts(&opts);
+ if (data && !(sb->s_type->fs_flags & FS_BINARY_MOUNTDATA)) {
+ char *secdata = alloc_secdata();
+ if (!secdata)
+ return -ENOMEM;
+ err = security_sb_copy_data(data, secdata);
+ if (err) {
+ free_secdata(secdata);
+ return err;
+ }
+ err = security_sb_parse_opts_str(secdata, &opts);
+ free_secdata(secdata);
+ if (err)
+ return err;
+ }
+ err = security_sb_remount(sb, &opts);
+ security_free_mnt_opts(&opts);
if (err)
return err;