From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Mon, 5 Aug 2013 02:31:06 +0000 (+1000)
Subject: Merge remote-tracking branch 'selinux/master'
X-Git-Tag: next-20130805~44
X-Git-Url: https://git.karo-electronics.de/?a=commitdiff_plain;h=f6fcac5eb29560b6c3fb3be476ccd55ca0467f27;p=karo-tx-linux.git

Merge remote-tracking branch 'selinux/master'

Conflicts:
	security/selinux/hooks.c
---

f6fcac5eb29560b6c3fb3be476ccd55ca0467f27
diff --cc security/selinux/hooks.c
index a5091ec06aa6,4fbf2c5f26ce..cf0f8df7f8ed
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@@ -680,21 -702,14 +712,19 @@@ static int selinux_set_mnt_opts(struct 
  	if (strcmp(sb->s_type->name, "proc") == 0)
  		sbsec->flags |= SE_SBPROC;
  
 -	/* Determine the labeling behavior to use for this filesystem type. */
 -	rc = security_fs_use(sb);
 -	if (rc) {
 -		printk(KERN_WARNING "%s: security_fs_use(%s) returned %d\n",
 -		       __func__, sb->s_type->name, rc);
 -		goto out;
 +	if (!sbsec->behavior) {
 +		/*
 +		 * Determine the labeling behavior to use for this
 +		 * filesystem type.
 +		 */
- 		rc = security_fs_use((sbsec->flags & SE_SBPROC) ?
- 					"proc" : sb->s_type->name,
- 					&sbsec->behavior, &sbsec->sid);
++		rc = security_fs_use(sb);
 +		if (rc) {
 +			printk(KERN_WARNING
 +				"%s: security_fs_use(%s) returned %d\n",
 +					__func__, sb->s_type->name, rc);
 +			goto out;
 +		}
  	}
 -
  	/* sets the context of the superblock for the fs being mounted. */
  	if (fscontext_sid) {
  		rc = may_context_mount_sb_relabel(fscontext_sid, sbsec, cred);
@@@ -2629,11 -2589,15 +2659,11 @@@ static int selinux_inode_init_security(
  		isec->initialized = 1;
  	}
  
- 	if (!ss_initialized || !(sbsec->flags & SE_SBLABELSUPP))
+ 	if (!ss_initialized || !(sbsec->flags & SBLABEL_MNT))
  		return -EOPNOTSUPP;
  
 -	if (name) {
 -		namep = kstrdup(XATTR_SELINUX_SUFFIX, GFP_NOFS);
 -		if (!namep)
 -			return -ENOMEM;
 -		*name = namep;
 -	}
 +	if (name)
 +		*name = XATTR_SELINUX_SUFFIX;
  
  	if (value && len) {
  		rc = security_sid_to_context_force(newsid, &context, &clen);
diff --cc security/selinux/include/security.h
index 8fd8e18ea340,004a2479880f..216e53fd6136
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@@ -169,11 -173,8 +173,10 @@@ int security_get_allow_unknown(void)
  #define SECURITY_FS_USE_GENFS		4 /* use the genfs support */
  #define SECURITY_FS_USE_NONE		5 /* no labeling support */
  #define SECURITY_FS_USE_MNTPOINT	6 /* use mountpoint labeling */
 +#define SECURITY_FS_USE_NATIVE		7 /* use native label support */
 +#define SECURITY_FS_USE_MAX		7 /* Highest SECURITY_FS_USE_XXX */
  
- int security_fs_use(const char *fstype, unsigned int *behavior,
- 	u32 *sid);
+ int security_fs_use(struct super_block *sb);
  
  int security_genfs_sid(const char *fstype, char *name, u16 sclass,
  	u32 *sid);