vfs: Put security flags into the fs_context struct

Put security flags, such as SECURITY_LSM_NATIVE_LABELS, into the filesystem
context so that the filesystem can communicate them to the LSM more easily.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

diff --git a/include/linux/fs_context.h b/include/linux/fs_context.h
index 899027c947887f0bf5f867d82107eb5caf0b6357..d5ff3b0bc28d9c4069f49a51724216f125af322a 100644 (file)
--- a/include/linux/fs_context.h
+++ b/include/linux/fs_context.h
@@ -85,6 +85,7 @@ struct fs_context {
        void                    *security;      /* Linux S&M options */
        unsigned int            sb_flags;       /* Proposed superblock flags (SB_*) */
        unsigned int            sb_flags_mask;  /* Superblock flags that were changed */
+       unsigned int            lsm_flags;      /* Information flags from the fs to the LSM */
        enum fs_context_purpose purpose:8;
        bool                    need_free:1;    /* Need to call ops->free() */
 };

diff --git a/include/linux/security.h b/include/linux/security.h
index 1cc4d7a3d6fa0dc5ed83c65c63f141763552a84d..2da9336a987ec13449a518be959031e8b40e5d16 100644 (file)
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -61,7 +61,7 @@ enum fs_value_type;
 #define SECURITY_CAP_NOAUDIT 0
 #define SECURITY_CAP_AUDIT 1
 
-/* LSM Agnostic defines for sb_set_mnt_opts */
+/* LSM Agnostic defines for fs_context::lsm_flags */
 #define SECURITY_LSM_NATIVE_LABELS     1
 
 struct ctl_table;