diff options
| -rw-r--r-- | security/selinux/hooks.c | 54 |
1 files changed, 24 insertions, 30 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index f695438d985c..4bd6f9435e2f 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -1202,33 +1202,6 @@ out_err: | |||
| 1202 | kfree(rootcontext); | 1202 | kfree(rootcontext); |
| 1203 | return rc; | 1203 | return rc; |
| 1204 | } | 1204 | } |
| 1205 | /* | ||
| 1206 | * string mount options parsing and call set the sbsec | ||
| 1207 | */ | ||
| 1208 | static int superblock_doinit(struct super_block *sb, void *data) | ||
| 1209 | { | ||
| 1210 | int rc = 0; | ||
| 1211 | char *options = data; | ||
| 1212 | struct security_mnt_opts opts; | ||
| 1213 | |||
| 1214 | security_init_mnt_opts(&opts); | ||
| 1215 | |||
| 1216 | if (!data) | ||
| 1217 | goto out; | ||
| 1218 | |||
| 1219 | BUG_ON(sb->s_type->fs_flags & FS_BINARY_MOUNTDATA); | ||
| 1220 | |||
| 1221 | rc = selinux_parse_opts_str(options, &opts); | ||
| 1222 | if (rc) | ||
| 1223 | goto out_err; | ||
| 1224 | |||
| 1225 | out: | ||
| 1226 | rc = selinux_set_mnt_opts(sb, &opts, 0, NULL); | ||
| 1227 | |||
| 1228 | out_err: | ||
| 1229 | security_free_mnt_opts(&opts); | ||
| 1230 | return rc; | ||
| 1231 | } | ||
| 1232 | 1205 | ||
| 1233 | static void selinux_write_opts(struct seq_file *m, | 1206 | static void selinux_write_opts(struct seq_file *m, |
| 1234 | struct security_mnt_opts *opts) | 1207 | struct security_mnt_opts *opts) |
| @@ -2926,11 +2899,28 @@ out_bad_option: | |||
| 2926 | 2899 | ||
| 2927 | static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data) | 2900 | static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data) |
| 2928 | { | 2901 | { |
| 2902 | char *options = data; | ||
| 2929 | const struct cred *cred = current_cred(); | 2903 | const struct cred *cred = current_cred(); |
| 2930 | struct common_audit_data ad; | 2904 | struct common_audit_data ad; |
| 2931 | int rc; | 2905 | int rc = 0; |
| 2906 | struct security_mnt_opts opts; | ||
| 2907 | |||
| 2908 | security_init_mnt_opts(&opts); | ||
| 2909 | |||
| 2910 | if (!data) | ||
| 2911 | goto out; | ||
| 2912 | |||
| 2913 | BUG_ON(sb->s_type->fs_flags & FS_BINARY_MOUNTDATA); | ||
| 2914 | |||
| 2915 | rc = selinux_parse_opts_str(options, &opts); | ||
| 2916 | if (rc) | ||
| 2917 | goto out_err; | ||
| 2918 | |||
| 2919 | out: | ||
| 2920 | rc = selinux_set_mnt_opts(sb, &opts, 0, NULL); | ||
| 2932 | 2921 | ||
| 2933 | rc = superblock_doinit(sb, data); | 2922 | out_err: |
| 2923 | security_free_mnt_opts(&opts); | ||
| 2934 | if (rc) | 2924 | if (rc) |
| 2935 | return rc; | 2925 | return rc; |
| 2936 | 2926 | ||
| @@ -7194,7 +7184,11 @@ static __init int selinux_init(void) | |||
| 7194 | 7184 | ||
| 7195 | static void delayed_superblock_init(struct super_block *sb, void *unused) | 7185 | static void delayed_superblock_init(struct super_block *sb, void *unused) |
| 7196 | { | 7186 | { |
| 7197 | superblock_doinit(sb, NULL); | 7187 | struct security_mnt_opts opts; |
| 7188 | |||
| 7189 | security_init_mnt_opts(&opts); | ||
| 7190 | selinux_set_mnt_opts(sb, &opts, 0, NULL); | ||
| 7191 | security_free_mnt_opts(&opts); | ||
| 7198 | } | 7192 | } |
| 7199 | 7193 | ||
| 7200 | void selinux_complete_init(void) | 7194 | void selinux_complete_init(void) |