aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--security/selinux/hooks.c35
1 files changed, 30 insertions, 5 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index e4d81a42fca4..cac0273ec447 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -398,7 +398,7 @@ static int try_context_mount(struct super_block *sb, void *data)
398 /* Standard string-based options. */ 398 /* Standard string-based options. */
399 char *p, *options = data; 399 char *p, *options = data;
400 400
401 while ((p = strsep(&options, ",")) != NULL) { 401 while ((p = strsep(&options, "|")) != NULL) {
402 int token; 402 int token;
403 substring_t args[MAX_OPT_ARGS]; 403 substring_t args[MAX_OPT_ARGS];
404 404
@@ -1923,18 +1923,40 @@ static inline void take_option(char **to, char *from, int *first, int len)
1923 if (!*first) { 1923 if (!*first) {
1924 **to = ','; 1924 **to = ',';
1925 *to += 1; 1925 *to += 1;
1926 } 1926 } else
1927 else
1928 *first = 0; 1927 *first = 0;
1929 memcpy(*to, from, len); 1928 memcpy(*to, from, len);
1930 *to += len; 1929 *to += len;
1931} 1930}
1932 1931
1932static inline void take_selinux_option(char **to, char *from, int *first,
1933 int len)
1934{
1935 int current_size = 0;
1936
1937 if (!*first) {
1938 **to = '|';
1939 *to += 1;
1940 }
1941 else
1942 *first = 0;
1943
1944 while (current_size < len) {
1945 if (*from != '"') {
1946 **to = *from;
1947 *to += 1;
1948 }
1949 from += 1;
1950 current_size += 1;
1951 }
1952}
1953
1933static int selinux_sb_copy_data(struct file_system_type *type, void *orig, void *copy) 1954static int selinux_sb_copy_data(struct file_system_type *type, void *orig, void *copy)
1934{ 1955{
1935 int fnosec, fsec, rc = 0; 1956 int fnosec, fsec, rc = 0;
1936 char *in_save, *in_curr, *in_end; 1957 char *in_save, *in_curr, *in_end;
1937 char *sec_curr, *nosec_save, *nosec; 1958 char *sec_curr, *nosec_save, *nosec;
1959 int open_quote = 0;
1938 1960
1939 in_curr = orig; 1961 in_curr = orig;
1940 sec_curr = copy; 1962 sec_curr = copy;
@@ -1956,11 +1978,14 @@ static int selinux_sb_copy_data(struct file_system_type *type, void *orig, void
1956 in_save = in_end = orig; 1978 in_save = in_end = orig;
1957 1979
1958 do { 1980 do {
1959 if (*in_end == ',' || *in_end == '\0') { 1981 if (*in_end == '"')
1982 open_quote = !open_quote;
1983 if ((*in_end == ',' && open_quote == 0) ||
1984 *in_end == '\0') {
1960 int len = in_end - in_curr; 1985 int len = in_end - in_curr;
1961 1986
1962 if (selinux_option(in_curr, len)) 1987 if (selinux_option(in_curr, len))
1963 take_option(&sec_curr, in_curr, &fsec, len); 1988 take_selinux_option(&sec_curr, in_curr, &fsec, len);
1964 else 1989 else
1965 take_option(&nosec, in_curr, &fnosec, len); 1990 take_option(&nosec, in_curr, &fnosec, len);
1966 1991