From: Mark Salyzyn <salyzyn@google.com>
Date: Wed, 7 Jan 2015 17:27:15 +0000 (-0800)
Subject: [PATCH 5/5] pstore: selinux: add security in-core xattr support for pstore and debugfs
X-Git-Tag: firefly_0821_release~4090^2~95
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=2294d499b7969df3838becf5e58bf16b0e3c86c8;p=firefly-linux-kernel-4.4.55.git

[PATCH 5/5] pstore: selinux: add security in-core xattr support for pstore and debugfs

- add "pstore" and "debugfs" to list of in-core exceptions
- change fstype checks to boolean equation
- change from strncmp to strcmp for checking

Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 18917345
Bug: 18935184
Change-Id: Ib648f30ce4b5d6c96f11465836d6fee89bec1c72
---

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index a8de30bd733a..0fa3195626a9 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -418,15 +418,11 @@ static int sb_finish_set_opts(struct super_block *sb)
 	    sbsec->behavior > ARRAY_SIZE(labeling_behaviors))
 		sbsec->flags &= ~SE_SBLABELSUPP;
 
-	/* Special handling for sysfs. Is genfs but also has setxattr handler*/
-	if (strncmp(sb->s_type->name, "sysfs", sizeof("sysfs")) == 0)
-		sbsec->flags |= SE_SBLABELSUPP;
-
-	/*
-	 * Special handling for rootfs. Is genfs but supports
-	 * setting SELinux context on in-core inodes.
-	 */
-	if (strncmp(sb->s_type->name, "rootfs", sizeof("rootfs")) == 0)
+	/* Special handling. Is genfs but also has in-core setxattr handler*/
+	if (!strcmp(sb->s_type->name, "sysfs") ||
+	    !strcmp(sb->s_type->name, "pstore") ||
+	    !strcmp(sb->s_type->name, "debugfs") ||
+	    !strcmp(sb->s_type->name, "rootfs"))
 		sbsec->flags |= SE_SBLABELSUPP;
 
 	/* Initialize the root inode. */