diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2018-12-01 22:42:44 -0500 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2018-12-21 11:45:30 -0500 |
commit | 6be8750b4cba8c37170f46b29841d112f1be749b (patch) | |
tree | 0b3386c080d73fc666afcdcd1db5290b990af349 /fs/super.c | |
parent | 6466f3d193a99426db067855345e763de2160f1c (diff) |
LSM: lift parsing LSM options into the caller of ->sb_kern_mount()
This paves the way for retaining the LSM options from a common filesystem
mount context during a mount parameter parsing phase to be instituted prior
to actual mount/reconfiguration actions.
Reviewed-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs/super.c')
-rw-r--r-- | fs/super.c | 24 |
1 files changed, 16 insertions, 8 deletions
diff --git a/fs/super.c b/fs/super.c index 6654de035893..8d9c9199832d 100644 --- a/fs/super.c +++ b/fs/super.c @@ -1246,17 +1246,26 @@ mount_fs(struct file_system_type *type, int flags, const char *name, void *data) { struct dentry *root; struct super_block *sb; - char *secdata = NULL; int error = -ENOMEM; + struct security_mnt_opts opts; + + security_init_mnt_opts(&opts); if (data && !(type->fs_flags & FS_BINARY_MOUNTDATA)) { - secdata = alloc_secdata(); + char *secdata = alloc_secdata(); if (!secdata) - goto out; + return ERR_PTR(-ENOMEM); error = security_sb_copy_data(data, secdata); + if (error) { + free_secdata(secdata); + return ERR_PTR(error); + } + + error = security_sb_parse_opts_str(secdata, &opts); + free_secdata(secdata); if (error) - goto out_free_secdata; + return ERR_PTR(error); } root = type->mount(type, flags, name, data); @@ -1277,7 +1286,7 @@ mount_fs(struct file_system_type *type, int flags, const char *name, void *data) smp_wmb(); sb->s_flags |= SB_BORN; - error = security_sb_kern_mount(sb, flags, secdata); + error = security_sb_kern_mount(sb, flags, &opts); if (error) goto out_sb; @@ -1291,14 +1300,13 @@ mount_fs(struct file_system_type *type, int flags, const char *name, void *data) "negative value (%lld)\n", type->name, sb->s_maxbytes); up_write(&sb->s_umount); - free_secdata(secdata); + security_free_mnt_opts(&opts); return root; out_sb: dput(root); deactivate_locked_super(sb); out_free_secdata: - free_secdata(secdata); -out: + security_free_mnt_opts(&opts); return ERR_PTR(error); } |