diff options
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 1bf2543ea942..308e2cf17d75 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -755,9 +755,18 @@ static void selinux_sb_clone_mnt_opts(const struct super_block *oldsb, | |||
| 755 | int set_context = (oldsbsec->flags & CONTEXT_MNT); | 755 | int set_context = (oldsbsec->flags & CONTEXT_MNT); |
| 756 | int set_rootcontext = (oldsbsec->flags & ROOTCONTEXT_MNT); | 756 | int set_rootcontext = (oldsbsec->flags & ROOTCONTEXT_MNT); |
| 757 | 757 | ||
| 758 | /* we can't error, we can't save the info, this shouldn't get called | 758 | /* |
| 759 | * this early in the boot process. */ | 759 | * if the parent was able to be mounted it clearly had no special lsm |
| 760 | BUG_ON(!ss_initialized); | 760 | * mount options. thus we can safely put this sb on the list and deal |
| 761 | * with it later | ||
| 762 | */ | ||
| 763 | if (!ss_initialized) { | ||
| 764 | spin_lock(&sb_security_lock); | ||
| 765 | if (list_empty(&newsbsec->list)) | ||
| 766 | list_add(&newsbsec->list, &superblock_security_head); | ||
| 767 | spin_unlock(&sb_security_lock); | ||
| 768 | return; | ||
| 769 | } | ||
| 761 | 770 | ||
| 762 | /* how can we clone if the old one wasn't set up?? */ | 771 | /* how can we clone if the old one wasn't set up?? */ |
| 763 | BUG_ON(!oldsbsec->initialized); | 772 | BUG_ON(!oldsbsec->initialized); |
| @@ -2392,22 +2401,22 @@ static int selinux_sb_statfs(struct dentry *dentry) | |||
| 2392 | } | 2401 | } |
| 2393 | 2402 | ||
| 2394 | static int selinux_mount(char *dev_name, | 2403 | static int selinux_mount(char *dev_name, |
| 2395 | struct nameidata *nd, | 2404 | struct path *path, |
| 2396 | char *type, | 2405 | char *type, |
| 2397 | unsigned long flags, | 2406 | unsigned long flags, |
| 2398 | void *data) | 2407 | void *data) |
| 2399 | { | 2408 | { |
| 2400 | int rc; | 2409 | int rc; |
| 2401 | 2410 | ||
| 2402 | rc = secondary_ops->sb_mount(dev_name, nd, type, flags, data); | 2411 | rc = secondary_ops->sb_mount(dev_name, path, type, flags, data); |
| 2403 | if (rc) | 2412 | if (rc) |
| 2404 | return rc; | 2413 | return rc; |
| 2405 | 2414 | ||
| 2406 | if (flags & MS_REMOUNT) | 2415 | if (flags & MS_REMOUNT) |
| 2407 | return superblock_has_perm(current, nd->path.mnt->mnt_sb, | 2416 | return superblock_has_perm(current, path->mnt->mnt_sb, |
| 2408 | FILESYSTEM__REMOUNT, NULL); | 2417 | FILESYSTEM__REMOUNT, NULL); |
| 2409 | else | 2418 | else |
| 2410 | return dentry_has_perm(current, nd->path.mnt, nd->path.dentry, | 2419 | return dentry_has_perm(current, path->mnt, path->dentry, |
| 2411 | FILE__MOUNTON); | 2420 | FILE__MOUNTON); |
| 2412 | } | 2421 | } |
| 2413 | 2422 | ||