diff options
author | Andrew Morton <akpm@osdl.org> | 2004-03-11 16:14:32 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@ppc970.osdl.org> | 2004-03-11 16:14:32 -0800 |
commit | 5289ba41a0a403270bee9da9e08990831d769cb7 (patch) | |
tree | 5750064a878ba82f7d0f13537acb2242f5b76a89 /security | |
parent | ef01bd3f7cc37c3d79b3d075304aa9faaf95b190 (diff) | |
download | history-5289ba41a0a403270bee9da9e08990831d769cb7.tar.gz |
[PATCH] selinux: clean up binary mount data
From: James Morris <jmorris@redhat.com>
selinux is currently inspecting the filesystem name ("nfs" vs "coda" vs
watever) to work out whether it needs to hanbdle binary mount data.
Eliminate all that by adding a flag to file_system_type.fs_flags.
Diffstat (limited to 'security')
-rw-r--r-- | security/dummy.c | 3 | ||||
-rw-r--r-- | security/selinux/hooks.c | 32 |
2 files changed, 17 insertions, 18 deletions
diff --git a/security/dummy.c b/security/dummy.c index 32d43ccd06624c..35c29b1124ffaa 100644 --- a/security/dummy.c +++ b/security/dummy.c @@ -194,7 +194,8 @@ static void dummy_sb_free_security (struct super_block *sb) return; } -static int dummy_sb_copy_data (const char *fstype, void *orig, void *copy) +static int dummy_sb_copy_data (struct file_system_type *type, + void *orig, void *copy) { return 0; } diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 302f86be2fa6f0..7c41be689898de 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -331,25 +331,24 @@ static int try_context_mount(struct super_block *sb, void *data) name = sb->s_type->name; - /* Ignore these fileystems with binary mount option data. */ - if (!strcmp(name, "coda") || - !strcmp(name, "afs") || !strcmp(name, "smbfs")) - goto out; + if (sb->s_type->fs_flags & FS_BINARY_MOUNTDATA) { - /* NFS we understand. */ - if (!strcmp(name, "nfs")) { - struct nfs_mount_data *d = data; + /* NFS we understand. */ + if (!strcmp(name, "nfs")) { + struct nfs_mount_data *d = data; - if (d->version < NFS_MOUNT_VERSION) - goto out; + if (d->version < NFS_MOUNT_VERSION) + goto out; - if (d->context[0]) { - context = d->context; - seen |= Opt_context; - } + if (d->context[0]) { + context = d->context; + seen |= Opt_context; + } + } else + goto out; - /* Standard string-based options. */ } else { + /* Standard string-based options. */ char *p, *options = data; while ((p = strsep(&options, ",")) != NULL) { @@ -1885,7 +1884,7 @@ static inline void take_option(char **to, char *from, int *first, int len) *to += len; } -static int selinux_sb_copy_data(const char *fstype, void *orig, void *copy) +static int selinux_sb_copy_data(struct file_system_type *type, void *orig, void *copy) { int fnosec, fsec, rc = 0; char *in_save, *in_curr, *in_end; @@ -1895,8 +1894,7 @@ static int selinux_sb_copy_data(const char *fstype, void *orig, void *copy) sec_curr = copy; /* Binary mount data: just copy */ - if (!strcmp(fstype, "nfs") || !strcmp(fstype, "coda") || - !strcmp(fstype, "smbfs") || !strcmp(fstype, "afs")) { + if (type->fs_flags & FS_BINARY_MOUNTDATA) { copy_page(sec_curr, in_curr); goto out; } |