SELinux: do not handle seclabel as a special flag

[~andy/linux] / security / selinux / hooks.c

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 344f4f99968195b50eb2e8d189b59ebe3a87a69f..5596dc51e21ba22724a68e48629a0be98f7bdb1e 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -387,8 +387,6 @@ static int sb_finish_set_opts(struct super_block *sb)
                }
        }
 
-       sbsec->flags |= (SE_SBINITIALIZED | SBLABEL_MNT);
-
        if (sbsec->behavior > ARRAY_SIZE(labeling_behaviors))
                printk(KERN_ERR "SELinux: initialized (dev %s, type %s), unknown behavior\n",
                       sb->s_id, sb->s_type->name);
@@ -397,11 +395,11 @@ static int sb_finish_set_opts(struct super_block *sb)
                       sb->s_id, sb->s_type->name,
                       labeling_behaviors[sbsec->behavior-1]);
 
-       if (sbsec->behavior == SECURITY_FS_USE_GENFS ||
-           sbsec->behavior == SECURITY_FS_USE_MNTPOINT ||
-           sbsec->behavior == SECURITY_FS_USE_NONE ||
-           sbsec->behavior > ARRAY_SIZE(labeling_behaviors))
-               sbsec->flags &= ~SBLABEL_MNT;
+       sbsec->flags |= SE_SBINITIALIZED;
+       if (sbsec->behavior == SECURITY_FS_USE_XATTR ||
+           sbsec->behavior == SECURITY_FS_USE_TRANS ||
+           sbsec->behavior == SECURITY_FS_USE_TASK)
+               sbsec->flags |= SBLABEL_MNT;
 
        /* Special handling for sysfs. Is genfs but also has setxattr handler*/
        if (strncmp(sb->s_type->name, "sysfs", sizeof("sysfs")) == 0)
@@ -476,9 +474,6 @@ static int selinux_get_mnt_opts(const struct super_block *sb,
                        opts->num_mnt_opts++;
                tmp >>= 1;
        }
-       /* Check if the Label support flag is set */
-       if (sbsec->flags & SBLABEL_MNT)
-               opts->num_mnt_opts++;
 
        opts->mnt_opts = kcalloc(opts->num_mnt_opts, sizeof(char *), GFP_ATOMIC);
        if (!opts->mnt_opts) {