#include <linux/fsnotify.h>
#include <linux/lockdep.h>
#include <linux/user_namespace.h>
+#include <uapi/linux/mount.h>
#include "internal.h"
static int thaw_super_locked(struct super_block *sb);
{
struct dentry *root;
struct super_block *sb;
- char *secdata = NULL;
int error = -ENOMEM;
+ void *sec_opts = NULL;
if (data && !(type->fs_flags & FS_BINARY_MOUNTDATA)) {
- secdata = alloc_secdata();
- if (!secdata)
- goto out;
-
- error = security_sb_copy_data(data, secdata);
+ error = security_sb_eat_lsm_opts(data, &sec_opts);
if (error)
- goto out_free_secdata;
+ return ERR_PTR(error);
}
root = type->mount(type, flags, name, data);
smp_wmb();
sb->s_flags |= SB_BORN;
- error = security_sb_kern_mount(sb, flags, secdata);
+ error = security_sb_set_mnt_opts(sb, sec_opts, 0, NULL);
if (error)
goto out_sb;
+ if (!(flags & (MS_KERNMOUNT|MS_SUBMOUNT))) {
+ error = security_sb_kern_mount(sb);
+ if (error)
+ goto out_sb;
+ }
+
/*
* filesystems should never set s_maxbytes larger than MAX_LFS_FILESIZE
* but s_maxbytes was an unsigned long long for many releases. Throw
"negative value (%lld)\n", type->name, sb->s_maxbytes);
up_write(&sb->s_umount);
- free_secdata(secdata);
+ security_free_mnt_opts(&sec_opts);
return root;
out_sb:
dput(root);
deactivate_locked_super(sb);
out_free_secdata:
- free_secdata(secdata);
-out:
+ security_free_mnt_opts(&sec_opts);
return ERR_PTR(error);
}