executor: handle old and new selinux mount points

author: Dmitry Vyukov <dvyukov@google.com> 2018-01-23 12:56:00 +0100
committer: Dmitry Vyukov <dvyukov@google.com> 2018-01-23 12:56:00 +0100
commit: a5b7566c4a75cf70b3714f8dd2edc772174f28f9 (patch)
tree: 028fbac2c634c0485227f24fcdf1a3e04965cc74 /executor
parent: 3d76cc40d99e9f984db1ecc9310a8ea2004ec901 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/executor/common_linux.h b/executor/common_linux.h
index 9fe76d6bb..c971801fe 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -879,7 +879,8 @@ static int namespace_sandbox_proc(void* arg)
 		fail("mkdir failed");
 	if (mkdir("./syz-tmp/newroot/dev", 0700))
 		fail("mkdir failed");
-	if (mount("/dev", "./syz-tmp/newroot/dev", NULL, MS_BIND | MS_REC | MS_PRIVATE, NULL))
+	unsigned mount_flags = MS_BIND | MS_REC | MS_PRIVATE;
+	if (mount("/dev", "./syz-tmp/newroot/dev", NULL, mount_flags, NULL))
 		fail("mount(dev) failed");
 	if (mkdir("./syz-tmp/newroot/proc", 0700))
 		fail("mkdir failed");
@@ -887,7 +888,10 @@ static int namespace_sandbox_proc(void* arg)
 		fail("mount(proc) failed");
 	if (mkdir("./syz-tmp/newroot/selinux", 0700))
 		fail("mkdir failed");
-	if (mount("/selinux", "./syz-tmp/newroot/selinux", NULL, MS_BIND | MS_REC | MS_PRIVATE, NULL))
+	// selinux mount used to be at /selinux, but then moved to /sys/fs/selinux.
+	const char* selinux_path = "./syz-tmp/newroot/selinux";
+	if (mount("/selinux", selinux_path, NULL, mount_flags, NULL) &&
+	    mount("/sys/fs/selinux", selinux_path, NULL, mount_flags, NULL))
 		fail("mount(selinuxfs) failed");
 	if (mkdir("./syz-tmp/pivot", 0777))
 		fail("mkdir failed");
author	Dmitry Vyukov <dvyukov@google.com>	2018-01-23 12:56:00 +0100
committer	Dmitry Vyukov <dvyukov@google.com>	2018-01-23 12:56:00 +0100
commit	a5b7566c4a75cf70b3714f8dd2edc772174f28f9 (patch)
tree	028fbac2c634c0485227f24fcdf1a3e04965cc74 /executor
parent	3d76cc40d99e9f984db1ecc9310a8ea2004ec901 (diff)