diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2018-11-11 05:46:07 +0100 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2018-12-20 17:32:56 +0100 |
commit | 17f3b556a3e3c9227549c3e7762c5c27a48e5c59 (patch) | |
tree | ad59aa53e1b9aa1113b6d85c913a0a1e82d202ae /security/selinux | |
parent | vfs: Separate changing mount flags full remount (diff) | |
download | linux-17f3b556a3e3c9227549c3e7762c5c27a48e5c59.tar.xz linux-17f3b556a3e3c9227549c3e7762c5c27a48e5c59.zip |
selinux: expand superblock_doinit() calls
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Reviewed-by: David Howells <dhowells@redhat.com>
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/hooks.c | 54 |
1 files changed, 24 insertions, 30 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index f695438d985c..4bd6f9435e2f 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -1202,33 +1202,6 @@ out_err: kfree(rootcontext); return rc; } -/* - * string mount options parsing and call set the sbsec - */ -static int superblock_doinit(struct super_block *sb, void *data) -{ - int rc = 0; - char *options = data; - struct security_mnt_opts opts; - - security_init_mnt_opts(&opts); - - if (!data) - goto out; - - BUG_ON(sb->s_type->fs_flags & FS_BINARY_MOUNTDATA); - - rc = selinux_parse_opts_str(options, &opts); - if (rc) - goto out_err; - -out: - rc = selinux_set_mnt_opts(sb, &opts, 0, NULL); - -out_err: - security_free_mnt_opts(&opts); - return rc; -} static void selinux_write_opts(struct seq_file *m, struct security_mnt_opts *opts) @@ -2926,11 +2899,28 @@ out_bad_option: static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data) { + char *options = data; const struct cred *cred = current_cred(); struct common_audit_data ad; - int rc; + int rc = 0; + struct security_mnt_opts opts; + + security_init_mnt_opts(&opts); + + if (!data) + goto out; + + BUG_ON(sb->s_type->fs_flags & FS_BINARY_MOUNTDATA); + + rc = selinux_parse_opts_str(options, &opts); + if (rc) + goto out_err; + +out: + rc = selinux_set_mnt_opts(sb, &opts, 0, NULL); - rc = superblock_doinit(sb, data); +out_err: + security_free_mnt_opts(&opts); if (rc) return rc; @@ -7194,7 +7184,11 @@ static __init int selinux_init(void) static void delayed_superblock_init(struct super_block *sb, void *unused) { - superblock_doinit(sb, NULL); + struct security_mnt_opts opts; + + security_init_mnt_opts(&opts); + selinux_set_mnt_opts(sb, &opts, 0, NULL); + security_free_mnt_opts(&opts); } void selinux_complete_init(void) |