diff options
| author | Eric Paris <eparis@redhat.com> | 2012-10-09 16:20:08 -0400 |
|---|---|---|
| committer | Eric Paris <eparis@redhat.com> | 2013-07-25 13:03:06 -0400 |
| commit | cfca0303da0e2c3f570cb5cfc7c373828e6c13a2 (patch) | |
| tree | 205d93f1d114c1c91e3640cb16720dbc5e6c1288 /security/selinux | |
| parent | eadcabc697e904e0d93d10070a324d8855740b91 (diff) | |
SELinux: renumber the superblock options
Just to make it clear that we have mount time options and flags,
separate them. Since I decided to move the non-mount options above
above 0x10, we need a short instead of a char. (x86 padding says
this takes up no additional space as we have a 3byte whole in the
structure)
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security/selinux')
| -rw-r--r-- | security/selinux/include/objsec.h | 2 | ||||
| -rw-r--r-- | security/selinux/include/security.h | 7 |
2 files changed, 5 insertions, 4 deletions
diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index aa47bcabb5f6..fe99f64a1d54 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h | |||
| @@ -59,7 +59,7 @@ struct superblock_security_struct { | |||
| 59 | u32 def_sid; /* default SID for labeling */ | 59 | u32 def_sid; /* default SID for labeling */ |
| 60 | u32 mntpoint_sid; /* SECURITY_FS_USE_MNTPOINT context for files */ | 60 | u32 mntpoint_sid; /* SECURITY_FS_USE_MNTPOINT context for files */ |
| 61 | unsigned int behavior; /* labeling behavior */ | 61 | unsigned int behavior; /* labeling behavior */ |
| 62 | unsigned char flags; /* which mount options were specified */ | 62 | unsigned short flags; /* which mount options were specified */ |
| 63 | struct mutex lock; | 63 | struct mutex lock; |
| 64 | struct list_head isec_head; | 64 | struct list_head isec_head; |
| 65 | spinlock_t isec_lock; | 65 | spinlock_t isec_lock; |
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index 7ec750609cca..9c424d8bd2e0 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h | |||
| @@ -45,14 +45,15 @@ | |||
| 45 | /* Mask for just the mount related flags */ | 45 | /* Mask for just the mount related flags */ |
| 46 | #define SE_MNTMASK 0x0f | 46 | #define SE_MNTMASK 0x0f |
| 47 | /* Super block security struct flags for mount options */ | 47 | /* Super block security struct flags for mount options */ |
| 48 | /* BE CAREFUL, these need to be the low order bits for selinux_get_mnt_opts */ | ||
| 48 | #define CONTEXT_MNT 0x01 | 49 | #define CONTEXT_MNT 0x01 |
| 49 | #define FSCONTEXT_MNT 0x02 | 50 | #define FSCONTEXT_MNT 0x02 |
| 50 | #define ROOTCONTEXT_MNT 0x04 | 51 | #define ROOTCONTEXT_MNT 0x04 |
| 51 | #define DEFCONTEXT_MNT 0x08 | 52 | #define DEFCONTEXT_MNT 0x08 |
| 53 | #define SBLABEL_MNT 0x10 | ||
| 52 | /* Non-mount related flags */ | 54 | /* Non-mount related flags */ |
| 53 | #define SE_SBINITIALIZED 0x10 | 55 | #define SE_SBINITIALIZED 0x0100 |
| 54 | #define SE_SBPROC 0x20 | 56 | #define SE_SBPROC 0x0200 |
| 55 | #define SBLABEL_MNT 0x40 | ||
| 56 | 57 | ||
| 57 | #define CONTEXT_STR "context=" | 58 | #define CONTEXT_STR "context=" |
| 58 | #define FSCONTEXT_STR "fscontext=" | 59 | #define FSCONTEXT_STR "fscontext=" |