387 static int superblock_alloc_security(struct super_block *sb)  in superblock_alloc_security()  argument
398 	sbsec->sb = sb;  in superblock_alloc_security()
402 	sb->s_security = sbsec;  in superblock_alloc_security()
407 static void superblock_free_security(struct super_block *sb)  in superblock_free_security()  argument
409 	struct superblock_security_struct *sbsec = sb->s_security;  in superblock_free_security()
410 	sb->s_security = NULL;  in superblock_free_security()
475 static int selinux_is_genfs_special_handling(struct super_block *sb)  in selinux_is_genfs_special_handling()  argument
478 	return	!strcmp(sb->s_type->name, "sysfs") ||  in selinux_is_genfs_special_handling()
479 		!strcmp(sb->s_type->name, "pstore") ||  in selinux_is_genfs_special_handling()
480 		!strcmp(sb->s_type->name, "debugfs") ||  in selinux_is_genfs_special_handling()
481 		!strcmp(sb->s_type->name, "tracefs") ||  in selinux_is_genfs_special_handling()
482 		!strcmp(sb->s_type->name, "rootfs") ||  in selinux_is_genfs_special_handling()
484 		 (!strcmp(sb->s_type->name, "cgroup") ||  in selinux_is_genfs_special_handling()
485 		  !strcmp(sb->s_type->name, "cgroup2")));  in selinux_is_genfs_special_handling()
488 static int selinux_is_sblabel_mnt(struct super_block *sb)  in selinux_is_sblabel_mnt()  argument
490 	struct superblock_security_struct *sbsec = sb->s_security;  in selinux_is_sblabel_mnt()
506 		return selinux_is_genfs_special_handling(sb);  in selinux_is_sblabel_mnt()
516 static int sb_finish_set_opts(struct super_block *sb)  in sb_finish_set_opts()  argument
518 	struct superblock_security_struct *sbsec = sb->s_security;  in sb_finish_set_opts()
519 	struct dentry *root = sb->s_root;  in sb_finish_set_opts()
531 			       "xattr support\n", sb->s_id, sb->s_type->name);  in sb_finish_set_opts()
541 				       sb->s_id, sb->s_type->name);  in sb_finish_set_opts()
544 				       "%s) getxattr errno %d\n", sb->s_id,  in sb_finish_set_opts()
545 				       sb->s_type->name, -rc);  in sb_finish_set_opts()
557 	if (selinux_is_sblabel_mnt(sb))  in sb_finish_set_opts()
597 static int selinux_get_mnt_opts(const struct super_block *sb,  in selinux_get_mnt_opts()  argument
601 	struct superblock_security_struct *sbsec = sb->s_security;  in selinux_get_mnt_opts()
663 		struct dentry *root = sbsec->sb->s_root;  in selinux_get_mnt_opts()
710 static int selinux_set_mnt_opts(struct super_block *sb,  in selinux_set_mnt_opts()  argument
717 	struct superblock_security_struct *sbsec = sb->s_security;  in selinux_set_mnt_opts()
718 	const char *name = sb->s_type->name;  in selinux_set_mnt_opts()
719 	struct dentry *root = sbsec->sb->s_root;  in selinux_set_mnt_opts()
759 	if ((sbsec->flags & SE_SBINITIALIZED) && (sb->s_type->fs_flags & FS_BINARY_MOUNTDATA)  in selinux_set_mnt_opts()
779 			       mount_options[i], sb->s_id, name, rc);  in selinux_set_mnt_opts()
835 	if (strcmp(sb->s_type->name, "proc") == 0)  in selinux_set_mnt_opts()
838 	if (!strcmp(sb->s_type->name, "debugfs") ||  in selinux_set_mnt_opts()
839 	    !strcmp(sb->s_type->name, "tracefs") ||  in selinux_set_mnt_opts()
840 	    !strcmp(sb->s_type->name, "sysfs") ||  in selinux_set_mnt_opts()
841 	    !strcmp(sb->s_type->name, "pstore") ||  in selinux_set_mnt_opts()
842 	    !strcmp(sb->s_type->name, "cgroup") ||  in selinux_set_mnt_opts()
843 	    !strcmp(sb->s_type->name, "cgroup2"))  in selinux_set_mnt_opts()
851 		rc = security_fs_use(sb);  in selinux_set_mnt_opts()
855 					__func__, sb->s_type->name, rc);  in selinux_set_mnt_opts()
865 	if (sb->s_user_ns != &init_user_ns &&  in selinux_set_mnt_opts()
866 	    strcmp(sb->s_type->name, "tmpfs") &&  in selinux_set_mnt_opts()
867 	    strcmp(sb->s_type->name, "ramfs") &&  in selinux_set_mnt_opts()
868 	    strcmp(sb->s_type->name, "devpts")) {  in selinux_set_mnt_opts()
954 	rc = sb_finish_set_opts(sb);  in selinux_set_mnt_opts()
961 	       "security settings for (dev %s, type %s)\n", sb->s_id, name);  in selinux_set_mnt_opts()
1199 static int superblock_doinit(struct super_block *sb, void *data)  in superblock_doinit()  argument
1210 	BUG_ON(sb->s_type->fs_flags & FS_BINARY_MOUNTDATA);  in superblock_doinit()
1217 	rc = selinux_set_mnt_opts(sb, &opts, 0, NULL);  in superblock_doinit()
1270 static int selinux_sb_show_options(struct seq_file *m, struct super_block *sb)  in selinux_sb_show_options()  argument
1275 	rc = selinux_get_mnt_opts(sb, &opts);  in selinux_sb_show_options()
1479 	struct super_block *sb = dentry->d_sb;  in selinux_genfs_get_sid()  local
1499 		rc = security_genfs_sid(sb->s_type->name, path, tclass, sid);  in selinux_genfs_get_sid()
2063 			       struct super_block *sb,  in superblock_has_perm()  argument
2070 	sbsec = sb->s_security;  in superblock_has_perm()
2267 static int selinux_quotactl(int cmds, int type, int id, struct super_block *sb)  in selinux_quotactl()  argument
2272 	if (!sb)  in selinux_quotactl()
2281 		rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAMOD, NULL);  in selinux_quotactl()
2286 		rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAGET, NULL);  in selinux_quotactl()
2670 static int selinux_sb_alloc_security(struct super_block *sb)  in selinux_sb_alloc_security()  argument
2672 	return superblock_alloc_security(sb);  in selinux_sb_alloc_security()
2675 static void selinux_sb_free_security(struct super_block *sb)  in selinux_sb_free_security()  argument
2677 	superblock_free_security(sb);  in selinux_sb_free_security()
2771 static int selinux_sb_remount(struct super_block *sb, void *data)  in selinux_sb_remount()  argument
2776 	struct superblock_security_struct *sbsec = sb->s_security;  in selinux_sb_remount()
2784 	if (sb->s_type->fs_flags & FS_BINARY_MOUNTDATA)  in selinux_sb_remount()
2811 			       mount_options[i], sb->s_id, sb->s_type->name, rc);  in selinux_sb_remount()
2826 			root_isec = backing_inode_security(sb->s_root);  in selinux_sb_remount()
2849 	       "during remount (dev %s, type=%s)\n", sb->s_id,  in selinux_sb_remount()
2850 	       sb->s_type->name);  in selinux_sb_remount()
2854 static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data)  in selinux_sb_kern_mount()  argument
2860 	rc = superblock_doinit(sb, data);  in selinux_sb_kern_mount()
2869 	ad.u.dentry = sb->s_root;  in selinux_sb_kern_mount()
2870 	return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad);  in selinux_sb_kern_mount()
6711 static void delayed_superblock_init(struct super_block *sb, void *unused)  in delayed_superblock_init()  argument
6713 	superblock_doinit(sb, NULL);  in delayed_superblock_init()