aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2018-11-17 12:09:18 -0500
committerAl Viro <viro@zeniv.linux.org.uk>2018-12-21 11:46:00 -0500
commitf5c0c26d9008b355babb6d16f3d7c4de3bada0e7 (patch)
tree27370bd41579aa94dd36056956554e922a4455f9 /fs
parentLSM: lift extracting and parsing LSM options into the caller of ->sb_remount() (diff)
downloadlinux-dev-f5c0c26d9008b355babb6d16f3d7c4de3bada0e7.tar.xz
linux-dev-f5c0c26d9008b355babb6d16f3d7c4de3bada0e7.zip
new helper: security_sb_eat_lsm_opts()
combination of alloc_secdata(), security_sb_copy_data(), security_sb_parse_opt_str() and free_secdata(). Reviewed-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs')
-rw-r--r--fs/btrfs/super.c15
-rw-r--r--fs/namespace.c11
-rw-r--r--fs/nfs/super.c15
-rw-r--r--fs/super.c13
4 files changed, 5 insertions, 49 deletions
diff --git a/fs/btrfs/super.c b/fs/btrfs/super.c
index b362b45dd757..6fc8e963ad44 100644
--- a/fs/btrfs/super.c
+++ b/fs/btrfs/super.c
@@ -1461,20 +1461,7 @@ out:
static int parse_security_options(char *orig_opts,
struct security_mnt_opts *sec_opts)
{
- char *secdata = NULL;
- int ret = 0;
-
- secdata = alloc_secdata();
- if (!secdata)
- return -ENOMEM;
- ret = security_sb_copy_data(orig_opts, secdata);
- if (ret) {
- free_secdata(secdata);
- return ret;
- }
- ret = security_sb_parse_opts_str(secdata, sec_opts);
- free_secdata(secdata);
- return ret;
+ return security_sb_eat_lsm_opts(orig_opts, sec_opts);
}
static int setup_security_options(struct btrfs_fs_info *fs_info,
diff --git a/fs/namespace.c b/fs/namespace.c
index 341793fbd390..39aca7b69c2e 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -2312,16 +2312,7 @@ static int do_remount(struct path *path, int ms_flags, int sb_flags,
security_init_mnt_opts(&opts);
if (data && !(sb->s_type->fs_flags & FS_BINARY_MOUNTDATA)) {
- char *secdata = alloc_secdata();
- if (!secdata)
- return -ENOMEM;
- err = security_sb_copy_data(data, secdata);
- if (err) {
- free_secdata(secdata);
- return err;
- }
- err = security_sb_parse_opts_str(secdata, &opts);
- free_secdata(secdata);
+ err = security_sb_eat_lsm_opts(data, &opts);
if (err)
return err;
}
diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index ac4b2f005778..f9c8847171e8 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -1206,7 +1206,7 @@ static int nfs_get_option_ul_bound(substring_t args[], unsigned long *option,
static int nfs_parse_mount_options(char *raw,
struct nfs_parsed_mount_data *mnt)
{
- char *p, *string, *secdata;
+ char *p, *string;
int rc, sloppy = 0, invalid_option = 0;
unsigned short protofamily = AF_UNSPEC;
unsigned short mountfamily = AF_UNSPEC;
@@ -1217,20 +1217,10 @@ static int nfs_parse_mount_options(char *raw,
}
dfprintk(MOUNT, "NFS: nfs mount opts='%s'\n", raw);
- secdata = alloc_secdata();
- if (!secdata)
- goto out_nomem;
-
- rc = security_sb_copy_data(raw, secdata);
- if (rc)
- goto out_security_failure;
-
- rc = security_sb_parse_opts_str(secdata, &mnt->lsm_opts);
+ rc = security_sb_eat_lsm_opts(raw, &mnt->lsm_opts);
if (rc)
goto out_security_failure;
- free_secdata(secdata);
-
while ((p = strsep(&raw, ",")) != NULL) {
substring_t args[MAX_OPT_ARGS];
unsigned long option;
@@ -1682,7 +1672,6 @@ out_nomem:
printk(KERN_INFO "NFS: not enough memory to parse option\n");
return 0;
out_security_failure:
- free_secdata(secdata);
printk(KERN_INFO "NFS: security options invalid: %d\n", rc);
return 0;
}
diff --git a/fs/super.c b/fs/super.c
index 8d9c9199832d..d571527cb8b8 100644
--- a/fs/super.c
+++ b/fs/super.c
@@ -1252,18 +1252,7 @@ mount_fs(struct file_system_type *type, int flags, const char *name, void *data)
security_init_mnt_opts(&opts);
if (data && !(type->fs_flags & FS_BINARY_MOUNTDATA)) {
- char *secdata = alloc_secdata();
- if (!secdata)
- return ERR_PTR(-ENOMEM);
-
- error = security_sb_copy_data(data, secdata);
- if (error) {
- free_secdata(secdata);
- return ERR_PTR(error);
- }
-
- error = security_sb_parse_opts_str(secdata, &opts);
- free_secdata(secdata);
+ error = security_sb_eat_lsm_opts(data, &opts);
if (error)
return ERR_PTR(error);
}