diff options
author | James Morris <jmorris@namei.org> | 2008-07-15 18:32:49 +1000 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-07-15 18:32:49 +1000 |
commit | 089be43e403a78cd6889cde2fba164fefe9dfd89 (patch) | |
tree | de401b27c91c528dbf64c712e6b64d185ded0c54 /security/selinux/ss | |
parent | 50515af207d410c9f228380e529c56f43c3de0bd (diff) |
Revert "SELinux: allow fstype unknown to policy to use xattrs if present"
This reverts commit 811f3799279e567aa354c649ce22688d949ac7a9.
From Eric Paris:
"Please drop this patch for now. It deadlocks on ntfs-3g. I need to
rework it to handle fuse filesystems better. (casey was right)"
Diffstat (limited to 'security/selinux/ss')
-rw-r--r-- | security/selinux/ss/services.c | 27 |
1 files changed, 8 insertions, 19 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index 8e42da12010..b52f923ce68 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -1934,8 +1934,7 @@ out: int security_fs_use( const char *fstype, unsigned int *behavior, - u32 *sid, - bool can_xattr) + u32 *sid) { int rc = 0; struct ocontext *c; @@ -1949,7 +1948,6 @@ int security_fs_use( c = c->next; } - /* look for labeling behavior defined in policy */ if (c) { *behavior = c->v.behavior; if (!c->sid[0]) { @@ -1960,23 +1958,14 @@ int security_fs_use( goto out; } *sid = c->sid[0]; - goto out; - } - - /* labeling behavior not in policy, use xattrs if possible */ - if (can_xattr) { - *behavior = SECURITY_FS_USE_XATTR; - *sid = SECINITSID_FS; - goto out; - } - - /* no behavior in policy and can't use xattrs, try GENFS */ - rc = security_genfs_sid(fstype, "/", SECCLASS_DIR, sid); - if (rc) { - *behavior = SECURITY_FS_USE_NONE; - rc = 0; } else { - *behavior = SECURITY_FS_USE_GENFS; + rc = security_genfs_sid(fstype, "/", SECCLASS_DIR, sid); + if (rc) { + *behavior = SECURITY_FS_USE_NONE; + rc = 0; + } else { + *behavior = SECURITY_FS_USE_GENFS; + } } out: |