On Thu, Jan 27, 2022 at 4:54 AM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote:

> I wonder if we could make this all much simpler by *always* doing the
> label parsing in selinux_add_opt() and just returning an error when
> !selinux_initialized(&selinux_state). Before the new mount API, mount
> options were always passed directly to the mount(2) syscall, so it
> wasn't possible to pass any SELinux mount options before the SELinux
> policy was loaded. I don't see why we need to jump through hoops here
> just to support this pseudo-feature of stashing an unparsed label into
> an fs_context before policy is loaded... Userspace should never need
> to do that.

I could agree with that, although part of my mind is a little nervous
about the "userspace should *never* ..." because that always seems to
bite us. Although I'm struggling to think of a case where userspace
would need to set explicit SELinux mount options without having a
policy loaded.

--
paul-moore.com