diff options
author | Eric Paris <eparis@redhat.com> | 2008-04-09 14:08:35 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-04-10 08:51:01 +1000 |
commit | 5a55261716e838f188598ab3d7a0abf9cf1338f8 (patch) | |
tree | 2acf7f919cb2edd77a4f9ed0a434b6dbec19708e | |
parent | 7180c4c9e09888db0a188f729c96c6d7bd61fa83 (diff) |
SELinux: don't BUG if fs reuses a superblock
I (wrongly) assumed that nfs_xdev_get_sb() would not ever share a superblock
and so cloning mount options would always be correct. Turns out that isn't
the case and we could fall over a BUG_ON() that wasn't a BUG at all. Since
there is little we can do to reconcile different mount options this patch
just leaves the sb alone and the first set of options wins.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Trond Myklebust <trond.myklebust@fys.uio.no>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/selinux/hooks.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 89bb6d36c0a..d39b59cf8a0 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -760,13 +760,13 @@ static void selinux_sb_clone_mnt_opts(const struct super_block *oldsb, * this early in the boot process. */ BUG_ON(!ss_initialized); - /* this might go away sometime down the line if there is a new user - * of clone, but for now, nfs better not get here... */ - BUG_ON(newsbsec->initialized); - /* how can we clone if the old one wasn't set up?? */ BUG_ON(!oldsbsec->initialized); + /* if fs is reusing a sb, just let its options stand... */ + if (newsbsec->initialized) + return; + mutex_lock(&newsbsec->lock); newsbsec->flags = oldsbsec->flags; |