368 static int superblock_alloc_security(struct super_block *sb)  in superblock_alloc_security()  argument
379 	sbsec->sb = sb;  in superblock_alloc_security()
383 	sb->s_security = sbsec;  in superblock_alloc_security()
388 static void superblock_free_security(struct super_block *sb)  in superblock_free_security()  argument
390 	struct superblock_security_struct *sbsec = sb->s_security;  in superblock_free_security()
391 	sb->s_security = NULL;  in superblock_free_security()
496 static int selinux_is_genfs_special_handling(struct super_block *sb)  in selinux_is_genfs_special_handling()  argument
499 	return	!strcmp(sb->s_type->name, "sysfs") ||  in selinux_is_genfs_special_handling()
500 		!strcmp(sb->s_type->name, "pstore") ||  in selinux_is_genfs_special_handling()
501 		!strcmp(sb->s_type->name, "debugfs") ||  in selinux_is_genfs_special_handling()
502 		!strcmp(sb->s_type->name, "tracefs") ||  in selinux_is_genfs_special_handling()
503 		!strcmp(sb->s_type->name, "rootfs") ||  in selinux_is_genfs_special_handling()
505 		 (!strcmp(sb->s_type->name, "cgroup") ||  in selinux_is_genfs_special_handling()
506 		  !strcmp(sb->s_type->name, "cgroup2")));  in selinux_is_genfs_special_handling()
509 static int selinux_is_sblabel_mnt(struct super_block *sb)  in selinux_is_sblabel_mnt()  argument
511 	struct superblock_security_struct *sbsec = sb->s_security;  in selinux_is_sblabel_mnt()
527 		return selinux_is_genfs_special_handling(sb);  in selinux_is_sblabel_mnt()
537 static int sb_finish_set_opts(struct super_block *sb)  in sb_finish_set_opts()  argument
539 	struct superblock_security_struct *sbsec = sb->s_security;  in sb_finish_set_opts()
540 	struct dentry *root = sb->s_root;  in sb_finish_set_opts()
552 			       "xattr support\n", sb->s_id, sb->s_type->name);  in sb_finish_set_opts()
563 				       sb->s_id, sb->s_type->name);  in sb_finish_set_opts()
566 				       "%s) getxattr errno %d\n", sb->s_id,  in sb_finish_set_opts()
567 				       sb->s_type->name, -rc);  in sb_finish_set_opts()
579 	if (selinux_is_sblabel_mnt(sb))  in sb_finish_set_opts()
632 static int parse_sid(struct super_block *sb, const char *s, u32 *sid)  in parse_sid()  argument
639 		       s, sb->s_id, sb->s_type->name, rc);  in parse_sid()
647 static int selinux_set_mnt_opts(struct super_block *sb,  in selinux_set_mnt_opts()  argument
653 	struct superblock_security_struct *sbsec = sb->s_security;  in selinux_set_mnt_opts()
654 	struct dentry *root = sbsec->sb->s_root;  in selinux_set_mnt_opts()
693 	if ((sbsec->flags & SE_SBINITIALIZED) && (sb->s_type->fs_flags & FS_BINARY_MOUNTDATA)  in selinux_set_mnt_opts()
706 			rc = parse_sid(sb, opts->fscontext, &fscontext_sid);  in selinux_set_mnt_opts()
715 			rc = parse_sid(sb, opts->context, &context_sid);  in selinux_set_mnt_opts()
724 			rc = parse_sid(sb, opts->rootcontext, &rootcontext_sid);  in selinux_set_mnt_opts()
733 			rc = parse_sid(sb, opts->defcontext, &defcontext_sid);  in selinux_set_mnt_opts()
751 	if (strcmp(sb->s_type->name, "proc") == 0)  in selinux_set_mnt_opts()
754 	if (!strcmp(sb->s_type->name, "debugfs") ||  in selinux_set_mnt_opts()
755 	    !strcmp(sb->s_type->name, "tracefs") ||  in selinux_set_mnt_opts()
756 	    !strcmp(sb->s_type->name, "binderfs") ||  in selinux_set_mnt_opts()
757 	    !strcmp(sb->s_type->name, "pstore"))  in selinux_set_mnt_opts()
760 	if (!strcmp(sb->s_type->name, "sysfs") ||  in selinux_set_mnt_opts()
761 	    !strcmp(sb->s_type->name, "cgroup") ||  in selinux_set_mnt_opts()
762 	    !strcmp(sb->s_type->name, "cgroup2"))  in selinux_set_mnt_opts()
770 		rc = security_fs_use(&selinux_state, sb);  in selinux_set_mnt_opts()
773 					__func__, sb->s_type->name, rc);  in selinux_set_mnt_opts()
783 	if (sb->s_user_ns != &init_user_ns &&  in selinux_set_mnt_opts()
784 	    strcmp(sb->s_type->name, "tmpfs") &&  in selinux_set_mnt_opts()
785 	    strcmp(sb->s_type->name, "ramfs") &&  in selinux_set_mnt_opts()
786 	    strcmp(sb->s_type->name, "devpts")) {  in selinux_set_mnt_opts()
874 	rc = sb_finish_set_opts(sb);  in selinux_set_mnt_opts()
881 	       "security settings for (dev %s, type %s)\n", sb->s_id,  in selinux_set_mnt_opts()
882 	       sb->s_type->name);  in selinux_set_mnt_opts()
1100 static int selinux_sb_show_options(struct seq_file *m, struct super_block *sb)  in selinux_sb_show_options()  argument
1102 	struct superblock_security_struct *sbsec = sb->s_security;  in selinux_sb_show_options()
1133 		struct dentry *root = sbsec->sb->s_root;  in selinux_sb_show_options()
1339 	struct super_block *sb = dentry->d_sb;  in selinux_genfs_get_sid()  local
1359 		rc = security_genfs_sid(&selinux_state, sb->s_type->name,  in selinux_genfs_get_sid()
1968 			       struct super_block *sb,  in superblock_has_perm()  argument
1975 	sbsec = sb->s_security;  in superblock_has_perm()
2185 static int selinux_quotactl(int cmds, int type, int id, struct super_block *sb)  in selinux_quotactl()  argument
2190 	if (!sb)  in selinux_quotactl()
2199 		rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAMOD, NULL);  in selinux_quotactl()
2204 		rc = superblock_has_perm(cred, sb, FILESYSTEM__QUOTAGET, NULL);  in selinux_quotactl()
2601 static int selinux_sb_alloc_security(struct super_block *sb)  in selinux_sb_alloc_security()  argument
2603 	return superblock_alloc_security(sb);  in selinux_sb_alloc_security()
2606 static void selinux_sb_free_security(struct super_block *sb)  in selinux_sb_free_security()  argument
2608 	superblock_free_security(sb);  in selinux_sb_free_security()
2686 static int selinux_sb_remount(struct super_block *sb, void *mnt_opts)  in selinux_sb_remount()  argument
2689 	struct superblock_security_struct *sbsec = sb->s_security;  in selinux_sb_remount()
2700 		rc = parse_sid(sb, opts->fscontext, &sid);  in selinux_sb_remount()
2707 		rc = parse_sid(sb, opts->context, &sid);  in selinux_sb_remount()
2715 		root_isec = backing_inode_security(sb->s_root);  in selinux_sb_remount()
2716 		rc = parse_sid(sb, opts->rootcontext, &sid);  in selinux_sb_remount()
2723 		rc = parse_sid(sb, opts->defcontext, &sid);  in selinux_sb_remount()
2733 	       "during remount (dev %s, type=%s)\n", sb->s_id,  in selinux_sb_remount()
2734 	       sb->s_type->name);  in selinux_sb_remount()
2738 static int selinux_sb_kern_mount(struct super_block *sb)  in selinux_sb_kern_mount()  argument
2744 	ad.u.dentry = sb->s_root;  in selinux_sb_kern_mount()
2745 	return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad);  in selinux_sb_kern_mount()
7149 static void delayed_superblock_init(struct super_block *sb, void *unused)  in delayed_superblock_init()  argument
7151 	selinux_set_mnt_opts(sb, NULL, 0, NULL);  in delayed_superblock_init()