Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

SELinux: pass a superblock to security_fs_use

Rather than passing pointers to memory locations, strings, and other
stuff just give up on the separation and give security_fs_use the
superblock.  It just makes the code easier to read (even if not easier to
reuse on some other OS)

Signed-off-by: Eric Paris <eparis@redhat.com>
Eric Paris 13 years ago
parent
308ab70c46
commit
a64c54cf08
3 changed files with 11 additions and 15 deletions
Split View Show Diff Stats
  1. 1 1
      security/selinux/hooks.c
  2. 1 2
      security/selinux/include/security.h
  3. 9 12
      security/selinux/ss/services.c

+ 1 - 1
security/selinux/hooks.c
View File 

@@ -677,7 +677,7 @@ static int selinux_set_mnt_opts(struct super_block *sb,
 
 		sbsec->flags |= SE_SBPROC;
 
 
 	/* Determine the labeling behavior to use for this filesystem type. */
 
-	rc = security_fs_use(sb->s_type->name, &sbsec->behavior, &sbsec->sid);
 
+	rc = security_fs_use(sb);
 
 	if (rc) {
 
 		printk(KERN_WARNING "%s: security_fs_use(%s) returned %d\n",
 
 		       __func__, sb->s_type->name, rc);

+ 1 - 2
security/selinux/include/security.h
View File 

@@ -171,8 +171,7 @@ int security_get_allow_unknown(void);
 
 #define SECURITY_FS_USE_NONE		5 /* no labeling support */
 
 #define SECURITY_FS_USE_MNTPOINT	6 /* use mountpoint labeling */
 
 
-int security_fs_use(const char *fstype, short unsigned int *behavior,
 
-	u32 *sid);
 
+int security_fs_use(struct super_block *sb);
 
 
 int security_genfs_sid(const char *fstype, char *name, u16 sclass,
 
 	u32 *sid);

+ 9 - 12
security/selinux/ss/services.c
View File 

@@ -2323,17 +2323,14 @@ out:
 
 
 /**
 
  * security_fs_use - Determine how to handle labeling for a filesystem.
 
- * @fstype: filesystem type
 
- * @behavior: labeling behavior
 
- * @sid: SID for filesystem (superblock)
 
+ * @sb: superblock in question
 
  */
 
-int security_fs_use(
 
-	const char *fstype,
 
-	short unsigned int *behavior,
 
-	u32 *sid)
 
+int security_fs_use(struct super_block *sb)
 
 {
 
 	int rc = 0;
 
 	struct ocontext *c;
 
+	struct superblock_security_struct *sbsec = sb->s_security;
 
+	const char *fstype = sb->s_type->name;
 
 
 	read_lock(&policy_rwlock);
 
 
@@ -2345,21 +2342,21 @@ int security_fs_use(
 
 	}
 
 
 	if (c) {
 
-		*behavior = c->v.behavior;
 
+		sbsec->behavior = c->v.behavior;
 
 		if (!c->sid[0]) {
 
 			rc = sidtab_context_to_sid(&sidtab, &c->context[0],
 
 						   &c->sid[0]);
 
 			if (rc)
 
 				goto out;
 
 		}
 
-		*sid = c->sid[0];
 
+		sbsec->sid = c->sid[0];
 
 	} else {
 
-		rc = security_genfs_sid(fstype, "/", SECCLASS_DIR, sid);
 
+		rc = security_genfs_sid(fstype, "/", SECCLASS_DIR, &sbsec->sid);
 
 		if (rc) {
 
-			*behavior = SECURITY_FS_USE_NONE;
 
+			sbsec->behavior = SECURITY_FS_USE_NONE;
 
 			rc = 0;
 
 		} else {
 
-			*behavior = SECURITY_FS_USE_GENFS;
 
+			sbsec->behavior = SECURITY_FS_USE_GENFS;
 
 		}
 
 	}