Message ID | 1368038420-19879-1-git-send-email-jlayton@redhat.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 5c6f2cd..348f069 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -745,7 +745,7 @@ out: mutex_unlock(&sbsec->lock); return rc; out_double_mount: - rc = -EINVAL; + rc = -EBUSY; printk(KERN_WARNING "SELinux: mount invalid. Same superblock, different " "security settings for (dev %s, type %s)\n", sb->s_id, name); goto out;
Commit 094f7b69ea73 adds a new check to ensure that when we clone an existing superblock that the contexts match properly. We do however have another place where you can hit similar problems in selinux_set_mnt_opts. That function returns -EINVAL, whereas selinux_sb_clone_mnt_opts returns -EBUSY in this situation. I think -EBUSY is probably more descriptive of the situation here. The context= option would have worked had the superblock not already been in use. Fix selinux_set_mnt_opts to return -EBUSY instead of -EINVAL in this situation. Signed-off-by: Jeff Layton <jlayton@redhat.com> --- security/selinux/hooks.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)