SELinux: rename SE_SBLABELSUPP to SBLABEL_MNT

Just a flag rename as we prepare to make it not so special.

Signed-off-by: Eric Paris <eparis@redhat.com>
This commit is contained in:
Eric Paris 2012-10-09 10:56:25 -04:00
parent af8e50cc7d
commit 12f348b9dc
2 changed files with 15 additions and 15 deletions

View File

@ -387,7 +387,7 @@ static int sb_finish_set_opts(struct super_block *sb)
} }
} }
sbsec->flags |= (SE_SBINITIALIZED | SE_SBLABELSUPP); sbsec->flags |= (SE_SBINITIALIZED | SBLABEL_MNT);
if (sbsec->behavior > ARRAY_SIZE(labeling_behaviors)) if (sbsec->behavior > ARRAY_SIZE(labeling_behaviors))
printk(KERN_ERR "SELinux: initialized (dev %s, type %s), unknown behavior\n", printk(KERN_ERR "SELinux: initialized (dev %s, type %s), unknown behavior\n",
@ -401,18 +401,18 @@ static int sb_finish_set_opts(struct super_block *sb)
sbsec->behavior == SECURITY_FS_USE_MNTPOINT || sbsec->behavior == SECURITY_FS_USE_MNTPOINT ||
sbsec->behavior == SECURITY_FS_USE_NONE || sbsec->behavior == SECURITY_FS_USE_NONE ||
sbsec->behavior > ARRAY_SIZE(labeling_behaviors)) sbsec->behavior > ARRAY_SIZE(labeling_behaviors))
sbsec->flags &= ~SE_SBLABELSUPP; sbsec->flags &= ~SBLABEL_MNT;
/* Special handling for sysfs. Is genfs but also has setxattr handler*/ /* Special handling for sysfs. Is genfs but also has setxattr handler*/
if (strncmp(sb->s_type->name, "sysfs", sizeof("sysfs")) == 0) if (strncmp(sb->s_type->name, "sysfs", sizeof("sysfs")) == 0)
sbsec->flags |= SE_SBLABELSUPP; sbsec->flags |= SBLABEL_MNT;
/* /*
* Special handling for rootfs. Is genfs but supports * Special handling for rootfs. Is genfs but supports
* setting SELinux context on in-core inodes. * setting SELinux context on in-core inodes.
*/ */
if (strncmp(sb->s_type->name, "rootfs", sizeof("rootfs")) == 0) if (strncmp(sb->s_type->name, "rootfs", sizeof("rootfs")) == 0)
sbsec->flags |= SE_SBLABELSUPP; sbsec->flags |= SBLABEL_MNT;
/* Initialize the root inode. */ /* Initialize the root inode. */
rc = inode_doinit_with_dentry(root_inode, root); rc = inode_doinit_with_dentry(root_inode, root);
@ -477,7 +477,7 @@ static int selinux_get_mnt_opts(const struct super_block *sb,
tmp >>= 1; tmp >>= 1;
} }
/* Check if the Label support flag is set */ /* Check if the Label support flag is set */
if (sbsec->flags & SE_SBLABELSUPP) if (sbsec->flags & SBLABEL_MNT)
opts->num_mnt_opts++; opts->num_mnt_opts++;
opts->mnt_opts = kcalloc(opts->num_mnt_opts, sizeof(char *), GFP_ATOMIC); opts->mnt_opts = kcalloc(opts->num_mnt_opts, sizeof(char *), GFP_ATOMIC);
@ -524,9 +524,9 @@ static int selinux_get_mnt_opts(const struct super_block *sb,
opts->mnt_opts[i] = context; opts->mnt_opts[i] = context;
opts->mnt_opts_flags[i++] = ROOTCONTEXT_MNT; opts->mnt_opts_flags[i++] = ROOTCONTEXT_MNT;
} }
if (sbsec->flags & SE_SBLABELSUPP) { if (sbsec->flags & SBLABEL_MNT) {
opts->mnt_opts[i] = NULL; opts->mnt_opts[i] = NULL;
opts->mnt_opts_flags[i++] = SE_SBLABELSUPP; opts->mnt_opts_flags[i++] = SBLABEL_MNT;
} }
BUG_ON(i != opts->num_mnt_opts); BUG_ON(i != opts->num_mnt_opts);
@ -615,7 +615,7 @@ static int selinux_set_mnt_opts(struct super_block *sb,
for (i = 0; i < num_opts; i++) { for (i = 0; i < num_opts; i++) {
u32 sid; u32 sid;
if (flags[i] == SE_SBLABELSUPP) if (flags[i] == SBLABEL_MNT)
continue; continue;
rc = security_context_to_sid(mount_options[i], rc = security_context_to_sid(mount_options[i],
strlen(mount_options[i]), &sid); strlen(mount_options[i]), &sid);
@ -1025,7 +1025,7 @@ static void selinux_write_opts(struct seq_file *m,
case DEFCONTEXT_MNT: case DEFCONTEXT_MNT:
prefix = DEFCONTEXT_STR; prefix = DEFCONTEXT_STR;
break; break;
case SE_SBLABELSUPP: case SBLABEL_MNT:
seq_putc(m, ','); seq_putc(m, ',');
seq_puts(m, LABELSUPP_STR); seq_puts(m, LABELSUPP_STR);
continue; continue;
@ -1624,7 +1624,7 @@ static int may_create(struct inode *dir,
if (rc) if (rc)
return rc; return rc;
if (!newsid || !(sbsec->flags & SE_SBLABELSUPP)) { if (!newsid || !(sbsec->flags & SBLABEL_MNT)) {
rc = security_transition_sid(sid, dsec->sid, tclass, rc = security_transition_sid(sid, dsec->sid, tclass,
&dentry->d_name, &newsid); &dentry->d_name, &newsid);
if (rc) if (rc)
@ -2412,7 +2412,7 @@ static int selinux_sb_remount(struct super_block *sb, void *data)
u32 sid; u32 sid;
size_t len; size_t len;
if (flags[i] == SE_SBLABELSUPP) if (flags[i] == SBLABEL_MNT)
continue; continue;
len = strlen(mount_options[i]); len = strlen(mount_options[i]);
rc = security_context_to_sid(mount_options[i], len, &sid); rc = security_context_to_sid(mount_options[i], len, &sid);
@ -2546,7 +2546,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
if ((sbsec->flags & SE_SBINITIALIZED) && if ((sbsec->flags & SE_SBINITIALIZED) &&
(sbsec->behavior == SECURITY_FS_USE_MNTPOINT)) (sbsec->behavior == SECURITY_FS_USE_MNTPOINT))
newsid = sbsec->mntpoint_sid; newsid = sbsec->mntpoint_sid;
else if (!newsid || !(sbsec->flags & SE_SBLABELSUPP)) { else if (!newsid || !(sbsec->flags & SBLABEL_MNT)) {
rc = security_transition_sid(sid, dsec->sid, rc = security_transition_sid(sid, dsec->sid,
inode_mode_to_security_class(inode->i_mode), inode_mode_to_security_class(inode->i_mode),
qstr, &newsid); qstr, &newsid);
@ -2568,7 +2568,7 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir,
isec->initialized = 1; isec->initialized = 1;
} }
if (!ss_initialized || !(sbsec->flags & SE_SBLABELSUPP)) if (!ss_initialized || !(sbsec->flags & SBLABEL_MNT))
return -EOPNOTSUPP; return -EOPNOTSUPP;
if (name) { if (name) {
@ -2776,7 +2776,7 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name,
return selinux_inode_setotherxattr(dentry, name); return selinux_inode_setotherxattr(dentry, name);
sbsec = inode->i_sb->s_security; sbsec = inode->i_sb->s_security;
if (!(sbsec->flags & SE_SBLABELSUPP)) if (!(sbsec->flags & SBLABEL_MNT))
return -EOPNOTSUPP; return -EOPNOTSUPP;
if (!inode_owner_or_capable(inode)) if (!inode_owner_or_capable(inode))

View File

@ -52,7 +52,7 @@
/* Non-mount related flags */ /* Non-mount related flags */
#define SE_SBINITIALIZED 0x10 #define SE_SBINITIALIZED 0x10
#define SE_SBPROC 0x20 #define SE_SBPROC 0x20
#define SE_SBLABELSUPP 0x40 #define SBLABEL_MNT 0x40
#define CONTEXT_STR "context=" #define CONTEXT_STR "context="
#define FSCONTEXT_STR "fscontext=" #define FSCONTEXT_STR "fscontext="