diff options
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 7465d713b53..853b58c8b2c 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -2484,6 +2484,10 @@ static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data) | |||
| 2484 | if (rc) | 2484 | if (rc) |
| 2485 | return rc; | 2485 | return rc; |
| 2486 | 2486 | ||
| 2487 | /* Allow all mounts performed by the kernel */ | ||
| 2488 | if (flags & MS_KERNMOUNT) | ||
| 2489 | return 0; | ||
| 2490 | |||
| 2487 | AVC_AUDIT_DATA_INIT(&ad, FS); | 2491 | AVC_AUDIT_DATA_INIT(&ad, FS); |
| 2488 | ad.u.fs.path.dentry = sb->s_root; | 2492 | ad.u.fs.path.dentry = sb->s_root; |
| 2489 | return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad); | 2493 | return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad); |