Re: [RFC Patch 1/3] Context Mounts and Unsupported Contexts: kernel

[Cory Olmo <colmo@TrustedCS.com>]

On Tue, 15 Aug 2006 15:21:48 -0400
James Morris <jmorris@namei.org> wrote:

> On Tue, 15 Aug 2006, Cory Olmo wrote:
> 
> > This patch modifies selinux_sb_copy_data() so that it will only take
> an 
> > option after seeing a ',' if it hasn't seen a quote or if the quotes
> are 
> > matched. 
> 
> 
> Why?

Sorry the wording was poor on this one.  The goal is to allow the context 
portion of the option data to contain commas.  To do that I went with 
quoting the context.  In order for the quoted context to be taken as a 
single option, selinux_sb_copy_data() needed to know when it had seen an 
opening quote and be able to hold off on taking the option until it had 
seen the closing quote.  

This patch modifies selinux_sb_copy_data() to mark a flag value when it runs 
across a '"'.  This flag value is consulted each time a comma is 
encountered.  If the flag indicates that the current option has an embedded 
quote it will move on to the next character.  If the flag indicates that 
there is either a matched set of quotes or no quotes at all then the option 
can be taken.  If the option happens to be an selinux option then the new 
routine take_selinux_option() is called.  take_selinux_option() will copy the 
option to the previously allocated selinux data page.  While it is doing the 
copying it will skip any quotes present in the option so the data page contains 
only the raw unquoted context.  The previously used comma separator between 
options in the selinux data page is also replaced with a '|' character which 
allows try_context_mount() to properly extract whole context option strings 
as well.

> 
> 
> -- 
> James Morris
> <jmorris@namei.org>

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.