LSM: Add flags field to security_sb_set_mnt_opts for in kernel mount data.

There is no way to differentiate if a text mount option is passed from user space or the kernel. A flags field is being added to the security_sb_set_mnt_opts hook to allow for in kernel security flags to be sent to the LSM for processing in addition to the text options received from mount. This patch also updated existing code to fix compilation errors. Acked-by: Eric Paris <eparis@redhat.com> Acked-by: James Morris <james.l.morris@oracle.com> Signed-off-by: David P. Quigley <dpquigl@tycho.nsa.gov> Signed-off-by: Miguel Rodel Felipe <Rodel_FM@dsi.a-star.edu.sg> Signed-off-by: Phua Eu Gene <PHUA_Eu_Gene@dsi.a-star.edu.sg> Signed-off-by: Khin Mi Mi Aung <Mi_Mi_AUNG@dsi.a-star.edu.sg> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
author: David Quigley <dpquigl@davequigley.com> 2013-05-22 12:50:36 -0400
committer: Trond Myklebust <Trond.Myklebust@netapp.com> 2013-06-08 16:20:12 -0400
commit: 649f6e7718891fe7691e5084ce3fa623acba3129 (patch)
tree: 3e3cd7cd832749b88082825dfdf797f1695fed1d /include/linux/security.h
parent: 746df9b59c8a5f162c907796c7295d3c4c0d8995 (diff)
1 files changed, 10 insertions, 3 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index cff3e4fc4281..aa656fbc4308 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1456,7 +1456,9 @@ struct security_operations {
        int (*sb_pivotroot) (struct path *old_path,
                             struct path *new_path);
        int (*sb_set_mnt_opts) (struct super_block *sb,
-                                struct security_mnt_opts *opts);
+                                struct security_mnt_opts *opts,
+                                unsigned long kern_flags,
+                                unsigned long *set_kern_flags);
        int (*sb_clone_mnt_opts) (const struct super_block *oldsb,
                                   struct super_block *newsb);
        int (*sb_parse_opts_str) (char *options, struct security_mnt_opts *opts);
@@ -1747,7 +1749,10 @@ int security_sb_mount(const char *dev_name, struct path *path,
                      const char *type, unsigned long flags, void *data);
 int security_sb_umount(struct vfsmount *mnt, int flags);
 int security_sb_pivotroot(struct path *old_path, struct path *new_path);
-int security_sb_set_mnt_opts(struct super_block *sb, struct security_mnt_opts *opts);
+int security_sb_set_mnt_opts(struct super_block *sb,
+                                struct security_mnt_opts *opts,
+                                unsigned long kern_flags,
+                                unsigned long *set_kern_flags);
 int security_sb_clone_mnt_opts(const struct super_block *oldsb,
                                struct super_block *newsb);
 int security_sb_parse_opts_str(char *options, struct security_mnt_opts *opts);
@@ -2037,7 +2042,9 @@ static inline int security_sb_pivotroot(struct path *old_path,
 }
 static inline int security_sb_set_mnt_opts(struct super_block *sb,
-                                           struct security_mnt_opts *opts)
+                                           struct security_mnt_opts *opts,
+                                           unsigned long kern_flags,
+                                           unsigned long *set_kern_flags)
 {
        return 0;
 }
author	David Quigley <dpquigl@davequigley.com>	2013-05-22 12:50:36 -0400
committer	Trond Myklebust <Trond.Myklebust@netapp.com>	2013-06-08 16:20:12 -0400
commit	649f6e7718891fe7691e5084ce3fa623acba3129 (patch)
tree	3e3cd7cd832749b88082825dfdf797f1695fed1d /include/linux/security.h
parent	746df9b59c8a5f162c907796c7295d3c4c0d8995 (diff)