1 files changed, 4 insertions, 38 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index ee470a0b5c27..d106733ad987 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -2334,50 +2334,16 @@ int security_fs_use(struct super_block *sb)
        struct ocontext *c;
        struct superblock_security_struct *sbsec = sb->s_security;
        const char *fstype = sb->s_type->name;
-        const char *subtype = (sb->s_subtype && sb->s_subtype[0]) ? sb->s_subtype : NULL;
-        struct ocontext *base = NULL;
        read_lock(&policy_rwlock);
-        for (c = policydb.ocontexts[OCON_FSUSE]; c; c = c->next) {
+        c = policydb.ocontexts[OCON_FSUSE];
-                char *sub;
+        while (c) {
-                int baselen;
+                if (strcmp(fstype, c->u.name) == 0)
-                baselen = strlen(fstype);
-                /* if base does not match, this is not the one */
-                if (strncmp(fstype, c->u.name, baselen))
-                        continue;
-                /* if there is no subtype, this is the one! */
-                if (!subtype)
-                        break;
-                /* skip past the base in this entry */
-                sub = c->u.name + baselen;
-                /* entry is only a base. save it. keep looking for subtype */
-                if (sub[0] == '\0') {
-                        base = c;
-                        continue;
-                }
-                /* entry is not followed by a subtype, so it is not a match */
-                if (sub[0] != '.')
-                        continue;
-                /* whew, we found a subtype of this fstype */
-                sub++; /* move past '.' */
-                /* exact match of fstype AND subtype */
-                if (!strcmp(subtype, sub))
                        break;
+                c = c->next;
        }
-        /* in case we had found an fstype match but no subtype match */
-        if (!c)
-                c = base;
        if (c) {
                sbsec->behavior = c->v.behavior;
                if (!c->sid[0]) {

diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index ee470a0b5c27..d106733ad987 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c
@@ -2334,50 +2334,16 @@ int security_fs_use(struct super_block *sb)
2334	struct ocontext *c;	2334	struct ocontext *c;
2335	struct superblock_security_struct *sbsec = sb->s_security;	2335	struct superblock_security_struct *sbsec = sb->s_security;
2336	const char *fstype = sb->s_type->name;	2336	const char *fstype = sb->s_type->name;
2337	const char *subtype = (sb->s_subtype && sb->s_subtype[0]) ? sb->s_subtype : NULL;
2338	struct ocontext *base = NULL;
2339		2337
2340	read_lock(&policy_rwlock);	2338	read_lock(&policy_rwlock);
2341		2339
2342	for (c = policydb.ocontexts[OCON_FSUSE]; c; c = c->next) {	2340	c = policydb.ocontexts[OCON_FSUSE];
2343	char *sub;	2341	while (c) {
2344	int baselen;	2342	if (strcmp(fstype, c->u.name) == 0)
2345
2346	baselen = strlen(fstype);
2347
2348	/* if base does not match, this is not the one */
2349	if (strncmp(fstype, c->u.name, baselen))
2350	continue;
2351
2352	/* if there is no subtype, this is the one! */
2353	if (!subtype)
2354	break;
2355
2356	/* skip past the base in this entry */
2357	sub = c->u.name + baselen;
2358
2359	/* entry is only a base. save it. keep looking for subtype */
2360	if (sub[0] == '\0') {
2361	base = c;
2362	continue;
2363	}
2364
2365	/* entry is not followed by a subtype, so it is not a match */
2366	if (sub[0] != '.')
2367	continue;
2368
2369	/* whew, we found a subtype of this fstype */
2370	sub++; /* move past '.' */
2371
2372	/* exact match of fstype AND subtype */
2373	if (!strcmp(subtype, sub))
2374	break;	2343	break;
		2344	c = c->next;
2375	}	2345	}
2376		2346
2377	/* in case we had found an fstype match but no subtype match */
2378	if (!c)
2379	c = base;
2380
2381	if (c) {	2347	if (c) {
2382	sbsec->behavior = c->v.behavior;	2348	sbsec->behavior = c->v.behavior;
2383	if (!c->sid[0]) {	2349	if (!c->sid[0]) {