From: Stephen Smalley <sds@tycho.nsa.gov>

This patch alters the SELinux handling of inodes with invalid security
contexts so that a filesystem with a root inode that has an invalid
security context can still be mounted for administrative recovery without
disabling SELinux altogether.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 25-akpm/security/selinux/hooks.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletion(-)

diff -puN security/selinux/hooks.c~selinux-allow-mounting-of-filesystems-with-invalid-root-inode-context security/selinux/hooks.c
--- 25/security/selinux/hooks.c~selinux-allow-mounting-of-filesystems-with-invalid-root-inode-context	2005-03-21 21:50:12.000000000 -0800
+++ 25-akpm/security/selinux/hooks.c	2005-03-21 21:50:12.000000000 -0800
@@ -829,7 +829,9 @@ static int inode_doinit_with_dentry(stru
 				       __FUNCTION__, context, -rc,
 				       inode->i_sb->s_id, inode->i_ino);
 				kfree(context);
-				goto out;
+				/* Leave with the unlabeled SID */
+				rc = 0;
+				break;
 			}
 		}
 		kfree(context);
_