linux-next: manual merge of the selinux tree with Linus' tree

Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx> · Fri, 26 Jul 2013 13:48:23 +1000

Hi Eric,

Today's linux-next merge of the selinux tree got a conflict in
security/selinux/hooks.c between commit eb9ae686507b ("SELinux: Add new
labeling type native labels") from Linus' tree and commits 40d3d0b85fa2
("SELinux: remove crazy contortions around proc") and a64c54cf0811
("SELinux: pass a superblock to security_fs_use") from the selinux tree.

I fixed it up (see below) and can carry the fix as necessary (no action
is required).

P.S. Unusually, that commit from Linus' tree has no Signed-off-by from
its purported author (David Quigley).
-- 
Cheers,
Stephen Rothwell                    sfr@xxxxxxxxxxxxxxxx
diff --cc security/selinux/hooks.c
index a5091ec,4fbf2c5..0000000

--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@@ -680,21 -702,14 +712,19 @@@ static int selinux_set_mnt_opts(struct 
  	if (strcmp(sb->s_type->name, "proc") == 0)
  		sbsec->flags |= SE_SBPROC;
  
 -	/* Determine the labeling behavior to use for this filesystem type. */
 -	rc = security_fs_use(sb);
 -	if (rc) {
 -		printk(KERN_WARNING "%s: security_fs_use(%s) returned %d\n",
 -		       __func__, sb->s_type->name, rc);
 -		goto out;
 +	if (!sbsec->behavior) {
 +		/*
 +		 * Determine the labeling behavior to use for this
 +		 * filesystem type.
 +		 */
- 		rc = security_fs_use((sbsec->flags & SE_SBPROC) ?
- 					"proc" : sb->s_type->name,
- 					&sbsec->behavior, &sbsec->sid);
++		rc = security_fs_use(sb);
 +		if (rc) {
 +			printk(KERN_WARNING
 +				"%s: security_fs_use(%s) returned %d\n",
 +					__func__, sb->s_type->name, rc);
 +			goto out;
 +		}
  	}
 -
  	/* sets the context of the superblock for the fs being mounted. */
  	if (fscontext_sid) {
  		rc = may_context_mount_sb_relabel(fscontext_sid, sbsec, cred);
@@@ -2629,11 -2589,15 +2659,11 @@@ static int selinux_inode_init_security(
  		isec->initialized = 1;
  	}
  
- 	if (!ss_initialized || !(sbsec->flags & SE_SBLABELSUPP))
+ 	if (!ss_initialized || !(sbsec->flags & SBLABEL_MNT))
  		return -EOPNOTSUPP;
  
 -	if (name) {
 -		namep = kstrdup(XATTR_SELINUX_SUFFIX, GFP_NOFS);
 -		if (!namep)
 -			return -ENOMEM;
 -		*name = namep;
 -	}
 +	if (name)
 +		*name = XATTR_SELINUX_SUFFIX;
  
  	if (value && len) {
  		rc = security_sid_to_context_force(newsid, &context, &clen);
Attachment:
pgp_ZXfO7R5fp.pgp

Description: PGP signature




