SELinux: use a helper function to determine seclabel (b43e725d) · Commits · e / devices / android_kernel_xiaomi_markw

security/selinux/hooks.c

+24 −14

Original line number	Diff line number	Diff line
		@@ -354,6 +354,29 @@ static int may_context_mount_inode_relabel(u32 sid,
		return rc;
		}

		static int selinux_is_sblabel_mnt(struct super_block *sb)
		{
		struct superblock_security_struct *sbsec = sb->s_security;

		if (sbsec->behavior == SECURITY_FS_USE_XATTR \|\|
		sbsec->behavior == SECURITY_FS_USE_TRANS \|\|
		sbsec->behavior == SECURITY_FS_USE_TASK)
		return 1;

		/* Special handling for sysfs. Is genfs but also has setxattr handler*/
		if (strncmp(sb->s_type->name, "sysfs", sizeof("sysfs")) == 0)
		return 1;

		/*
		* Special handling for rootfs. Is genfs but supports
		* setting SELinux context on in-core inodes.
		*/
		if (strncmp(sb->s_type->name, "rootfs", sizeof("rootfs")) == 0)
		return 1;

		return 0;
		}

		static int sb_finish_set_opts(struct super_block *sb)
		{
		struct superblock_security_struct *sbsec = sb->s_security;
		@@ -396,20 +419,7 @@ static int sb_finish_set_opts(struct super_block *sb)
		labeling_behaviors[sbsec->behavior-1]);

		sbsec->flags \|= SE_SBINITIALIZED;
		if (sbsec->behavior == SECURITY_FS_USE_XATTR \|\|
		sbsec->behavior == SECURITY_FS_USE_TRANS \|\|
		sbsec->behavior == SECURITY_FS_USE_TASK)
		sbsec->flags \|= SBLABEL_MNT;

		/* Special handling for sysfs. Is genfs but also has setxattr handler*/
		if (strncmp(sb->s_type->name, "sysfs", sizeof("sysfs")) == 0)
		sbsec->flags \|= SBLABEL_MNT;

		/*
		* Special handling for rootfs. Is genfs but supports
		* setting SELinux context on in-core inodes.
		*/
		if (strncmp(sb->s_type->name, "rootfs", sizeof("rootfs")) == 0)
		if (selinux_is_sblabel_mnt(sb))
		sbsec->flags \|= SBLABEL_MNT;

		/* Initialize the root inode. */