Lines Matching defs:sbsec
323 struct superblock_security_struct *sbsec;
327 sbsec = inode->i_sb->s_security;
339 spin_lock(&sbsec->isec_lock);
341 spin_unlock(&sbsec->isec_lock);
347 struct superblock_security_struct *sbsec = sb->s_security;
349 kfree(sbsec);
412 struct superblock_security_struct *sbsec,
419 tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM,
431 struct superblock_security_struct *sbsec,
437 tsec->sid, sbsec->sid, SECCLASS_FILESYSTEM,
443 sid, sbsec->sid, SECCLASS_FILESYSTEM,
463 struct superblock_security_struct *sbsec = sb->s_security;
471 switch (sbsec->behavior) {
491 struct superblock_security_struct *sbsec = sb->s_security;
496 if (sbsec->behavior == SECURITY_FS_USE_XATTR) {
523 sbsec->flags |= SE_SBINITIALIZED;
531 sbsec->flags |= SBLABEL_MNT;
533 sbsec->flags &= ~SBLABEL_MNT;
542 spin_lock(&sbsec->isec_lock);
543 while (!list_empty(&sbsec->isec_head)) {
545 list_first_entry(&sbsec->isec_head,
549 spin_unlock(&sbsec->isec_lock);
556 spin_lock(&sbsec->isec_lock);
558 spin_unlock(&sbsec->isec_lock);
563 static int bad_option(struct superblock_security_struct *sbsec, char flag,
566 char mnt_flags = sbsec->flags & SE_MNTMASK;
569 if (sbsec->flags & SE_SBINITIALIZED)
570 if (!(sbsec->flags & flag) ||
577 if (!(sbsec->flags & SE_SBINITIALIZED))
604 struct superblock_security_struct *sbsec = sb->s_security;
605 struct dentry *root = sbsec->sb->s_root;
612 mutex_lock(&sbsec->lock);
644 if ((sbsec->flags & SE_SBINITIALIZED) && (sb->s_type->fs_flags & FS_BINARY_MOUNTDATA)
660 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid,
663 sbsec->flags |= FSCONTEXT_MNT;
669 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid,
672 sbsec->flags |= CONTEXT_MNT;
678 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid,
681 sbsec->flags |= ROOTCONTEXT_MNT;
687 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid,
690 sbsec->flags |= DEFCONTEXT_MNT;
694 if (sbsec->flags & SE_SBINITIALIZED) {
696 if ((sbsec->flags & SE_MNTMASK) && !opts)
703 sbsec->flags |= SE_SBPROC | SE_SBGENFS;
710 sbsec->flags |= SE_SBGENFS;
715 sbsec->flags |= SE_SBGENFS | SE_SBGENFS_XATTR;
717 if (!sbsec->behavior) {
744 if (sbsec->behavior == SECURITY_FS_USE_XATTR) {
745 sbsec->behavior = SECURITY_FS_USE_MNTPOINT;
750 &sbsec->mntpoint_sid);
759 rc = may_context_mount_sb_relabel(fscontext_sid, sbsec, cred);
763 sbsec->sid = fscontext_sid;
772 sbsec->behavior = SECURITY_FS_USE_NATIVE;
778 rc = may_context_mount_sb_relabel(context_sid, sbsec,
782 sbsec->sid = context_sid;
784 rc = may_context_mount_inode_relabel(context_sid, sbsec,
792 sbsec->mntpoint_sid = context_sid;
793 sbsec->behavior = SECURITY_FS_USE_MNTPOINT;
797 rc = may_context_mount_inode_relabel(rootcontext_sid, sbsec,
807 if (sbsec->behavior != SECURITY_FS_USE_XATTR &&
808 sbsec->behavior != SECURITY_FS_USE_NATIVE) {
815 if (defcontext_sid != sbsec->def_sid) {
817 sbsec, cred);
822 sbsec->def_sid = defcontext_sid;
828 mutex_unlock(&sbsec->lock);
1062 struct superblock_security_struct *sbsec = sb->s_security;
1065 if (!(sbsec->flags & SE_SBINITIALIZED))
1071 if (sbsec->flags & FSCONTEXT_MNT) {
1074 rc = show_sid(m, sbsec->sid);
1078 if (sbsec->flags & CONTEXT_MNT) {
1081 rc = show_sid(m, sbsec->mntpoint_sid);
1085 if (sbsec->flags & DEFCONTEXT_MNT) {
1088 rc = show_sid(m, sbsec->def_sid);
1092 if (sbsec->flags & ROOTCONTEXT_MNT) {
1093 struct dentry *root = sbsec->sb->s_root;
1101 if (sbsec->flags & SBLABEL_MNT) {
1395 struct superblock_security_struct *sbsec = NULL;
1412 sbsec = inode->i_sb->s_security;
1413 if (!(sbsec->flags & SE_SBINITIALIZED)) {
1417 spin_lock(&sbsec->isec_lock);
1419 list_add(&isec->list, &sbsec->isec_head);
1420 spin_unlock(&sbsec->isec_lock);
1430 switch (sbsec->behavior) {
1435 sid = sbsec->def_sid;
1459 * sbsec->isec_head list. No reason to complain as these
1467 rc = inode_doinit_use_xattr(inode, dentry, sbsec->def_sid,
1478 sid = sbsec->sid;
1487 sid = sbsec->mntpoint_sid;
1491 sid = sbsec->sid;
1493 if ((sbsec->flags & SE_SBGENFS) &&
1515 * sbsec->isec_head list. No reason to complain as
1523 sbsec->flags, &sid);
1529 if ((sbsec->flags & SE_SBGENFS_XATTR) &&
1763 const struct superblock_security_struct *sbsec = dir->i_sb->s_security;
1765 if ((sbsec->flags & SE_SBINITIALIZED) &&
1766 (sbsec->behavior == SECURITY_FS_USE_MNTPOINT)) {
1767 *_new_isid = sbsec->mntpoint_sid;
1768 } else if ((sbsec->flags & SBLABEL_MNT) &&
1788 struct superblock_security_struct *sbsec;
1794 sbsec = dir->i_sb->s_security;
1819 newsid, sbsec->sid,
1940 struct superblock_security_struct *sbsec;
1943 sbsec = sb->s_security;
1945 sid, sbsec->sid, SECCLASS_FILESYSTEM, perms, ad);
2566 struct superblock_security_struct *sbsec;
2568 sbsec = kzalloc(sizeof(struct superblock_security_struct), GFP_KERNEL);
2569 if (!sbsec)
2572 mutex_init(&sbsec->lock);
2573 INIT_LIST_HEAD(&sbsec->isec_head);
2574 spin_lock_init(&sbsec->isec_lock);
2575 sbsec->sb = sb;
2576 sbsec->sid = SECINITSID_UNLABELED;
2577 sbsec->def_sid = SECINITSID_FILE;
2578 sbsec->mntpoint_sid = SECINITSID_UNLABELED;
2579 sb->s_security = sbsec;
2667 struct superblock_security_struct *sbsec = sb->s_security;
2671 if (!(sbsec->flags & SE_SBINITIALIZED))
2681 if (bad_option(sbsec, FSCONTEXT_MNT, sbsec->sid, sid))
2688 if (bad_option(sbsec, CONTEXT_MNT, sbsec->mntpoint_sid, sid))
2697 if (bad_option(sbsec, ROOTCONTEXT_MNT, root_isec->sid, sid))
2704 if (bad_option(sbsec, DEFCONTEXT_MNT, sbsec->def_sid, sid))
2899 struct superblock_security_struct *sbsec;
2904 sbsec = dir->i_sb->s_security;
2915 if (sbsec->flags & SE_SBINITIALIZED) {
2923 !(sbsec->flags & SBLABEL_MNT))
3131 struct superblock_security_struct *sbsec;
3149 sbsec = inode->i_sb->s_security;
3150 if (!(sbsec->flags & SBLABEL_MNT))
3212 sbsec->sid,
3391 struct superblock_security_struct *sbsec = inode->i_sb->s_security;
3398 if (!(sbsec->flags & SBLABEL_MNT))