diff options
author | Eric Paris <eparis@redhat.com> | 2013-08-28 19:32:42 +0200 |
---|---|---|
committer | Eric Paris <eparis@redhat.com> | 2013-08-28 20:45:21 +0200 |
commit | 0b4bdb3573a86a88c829b9e4ad702859eb923e7e (patch) | |
tree | 17494a87030cbb6678c1cb8c904f93ce79ce4b47 /security/selinux | |
parent | selinux: consider filesystem subtype in policies (diff) | |
download | linux-0b4bdb3573a86a88c829b9e4ad702859eb923e7e.tar.xz linux-0b4bdb3573a86a88c829b9e4ad702859eb923e7e.zip |
Revert "SELinux: do not handle seclabel as a special flag"
This reverts commit 308ab70c465d97cf7e3168961dfd365535de21a6.
It breaks my FC6 test box. /dev/pts is not mounted. dmesg says
SELinux: mount invalid. Same superblock, different security settings
for (dev devpts, type devpts)
Cc: Peter Hurley <peter@hurleysoftware.com>
Cc: Greg KH <greg@kroah.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/hooks.c | 3 | ||||
-rw-r--r-- | security/selinux/include/security.h | 2 |
2 files changed, 4 insertions, 1 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 0d4408debb45..c156f5eb1aea 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -504,6 +504,9 @@ static int selinux_get_mnt_opts(const struct super_block *sb, opts->num_mnt_opts++; tmp >>= 1; } + /* Check if the Label support flag is set */ + if (sbsec->flags & SBLABEL_MNT) + opts->num_mnt_opts++; opts->mnt_opts = kcalloc(opts->num_mnt_opts, sizeof(char *), GFP_ATOMIC); if (!opts->mnt_opts) { diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 004a2479880f..7aad3a1389d1 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h @@ -43,7 +43,7 @@ #endif /* Mask for just the mount related flags */ -#define SE_MNTMASK 0x1f +#define SE_MNTMASK 0x0f /* Super block security struct flags for mount options */ /* BE CAREFUL, these need to be the low order bits for selinux_get_mnt_opts */ #define CONTEXT_MNT 0x01 |