aboutsummaryrefslogtreecommitdiff
path: root/security/selinux/ss
diff options
context:
space:
mode:
authorJames Morris <jmorris@namei.org>2008-07-15 18:32:49 +1000
committerJames Morris <jmorris@namei.org>2008-07-15 18:32:49 +1000
commit089be43e403a78cd6889cde2fba164fefe9dfd89 (patch)
treede401b27c91c528dbf64c712e6b64d185ded0c54 /security/selinux/ss
parent50515af207d410c9f228380e529c56f43c3de0bd (diff)
Revert "SELinux: allow fstype unknown to policy to use xattrs if present"
This reverts commit 811f3799279e567aa354c649ce22688d949ac7a9. From Eric Paris: "Please drop this patch for now. It deadlocks on ntfs-3g. I need to rework it to handle fuse filesystems better. (casey was right)"
Diffstat (limited to 'security/selinux/ss')
-rw-r--r--security/selinux/ss/services.c27
1 files changed, 8 insertions, 19 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 8e42da12010..b52f923ce68 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1934,8 +1934,7 @@ out:
int security_fs_use(
const char *fstype,
unsigned int *behavior,
- u32 *sid,
- bool can_xattr)
+ u32 *sid)
{
int rc = 0;
struct ocontext *c;
@@ -1949,7 +1948,6 @@ int security_fs_use(
c = c->next;
}
- /* look for labeling behavior defined in policy */
if (c) {
*behavior = c->v.behavior;
if (!c->sid[0]) {
@@ -1960,23 +1958,14 @@ int security_fs_use(
goto out;
}
*sid = c->sid[0];
- goto out;
- }
-
- /* labeling behavior not in policy, use xattrs if possible */
- if (can_xattr) {
- *behavior = SECURITY_FS_USE_XATTR;
- *sid = SECINITSID_FS;
- goto out;
- }
-
- /* no behavior in policy and can't use xattrs, try GENFS */
- rc = security_genfs_sid(fstype, "/", SECCLASS_DIR, sid);
- if (rc) {
- *behavior = SECURITY_FS_USE_NONE;
- rc = 0;
} else {
- *behavior = SECURITY_FS_USE_GENFS;
+ rc = security_genfs_sid(fstype, "/", SECCLASS_DIR, sid);
+ if (rc) {
+ *behavior = SECURITY_FS_USE_NONE;
+ rc = 0;
+ } else {
+ *behavior = SECURITY_FS_USE_GENFS;
+ }
}
out: