[PATCH][SELINUX] Allow mounting of filesystems with invalid rootinode context

From: Stephen Smalley
Date: Mon Mar 21 2005 - 10:59:37 EST

Next message: Jan Engelhardt: "Re: [PATCH] cifs: MODULE_PARM_DESC"
Previous message: Magnus Damm: "[PATCH] cifs: MODULE_PARM_DESC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This patch alters the SELinux handling of inodes with invalid security
contexts so that a filesystem with a root inode that has an invalid
security context can still be mounted for administrative recovery
without disabling SELinux altogether. Please apply.

Signed-off-by: Stephen Smalley <sds@xxxxxxxxxxxxx>
Signed-off-by: James Morris <jmorris@xxxxxxxxxx>

security/selinux/hooks.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletion(-)

Index: linux-2.6/security/selinux/hooks.c
===================================================================
RCS file: /nfshome/pal/CVS/linux-2.6/security/selinux/hooks.c,v
retrieving revision 1.157
diff -u -p -r1.157 hooks.c
--- linux-2.6/security/selinux/hooks.c 14 Mar 2005 19:56:52 -0000 1.157
+++ linux-2.6/security/selinux/hooks.c 18 Mar 2005 20:39:03 -0000
@@ -828,7 +828,9 @@ static int inode_doinit_with_dentry(stru
__FUNCTION__, context, -rc,
inode->i_sb->s_id, inode->i_ino);
kfree(context);
- goto out;
+ /* Leave with the unlabeled SID */
+ rc = 0;
+ break;
}
}
kfree(context);

--
Stephen Smalley <sds@xxxxxxxxxxxxx>
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jan Engelhardt: "Re: [PATCH] cifs: MODULE_PARM_DESC"
Previous message: Magnus Damm: "[PATCH] cifs: MODULE_PARM_DESC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]