[PATCH 5/5] pstore: selinux: add security in-core xattr support for pstore and debugfs

- add "pstore" and "debugfs" to list of in-core exceptions
- change fstype checks to boolean equation
- change from strncmp to strcmp for checking

Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 18917345
Bug: 18935184
Change-Id: Ib648f30ce4b5d6c96f11465836d6fee89bec1c72

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index a8de30bd733a5cc2d2043e234fbf0ba360d7282f..0fa3195626a903a3fb2f310e765ac4e38102ca23 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -418,15 +418,11 @@ static int sb_finish_set_opts(struct super_block *sb)
            sbsec->behavior > ARRAY_SIZE(labeling_behaviors))
                sbsec->flags &= ~SE_SBLABELSUPP;
 
-       /* Special handling for sysfs. Is genfs but also has setxattr handler*/
-       if (strncmp(sb->s_type->name, "sysfs", sizeof("sysfs")) == 0)
-               sbsec->flags |= SE_SBLABELSUPP;
-
-       /*
-        * Special handling for rootfs. Is genfs but supports
-        * setting SELinux context on in-core inodes.
-        */
-       if (strncmp(sb->s_type->name, "rootfs", sizeof("rootfs")) == 0)
+       /* Special handling. Is genfs but also has in-core setxattr handler*/
+       if (!strcmp(sb->s_type->name, "sysfs") ||
+           !strcmp(sb->s_type->name, "pstore") ||
+           !strcmp(sb->s_type->name, "debugfs") ||
+           !strcmp(sb->s_type->name, "rootfs"))
                sbsec->flags |= SE_SBLABELSUPP;
 
        /* Initialize the root inode. */