From 31381702d21a73ec676a6bcd068cea795b3a4433 Mon Sep 17 00:00:00 2001
From: James Morris <jmorris@namei.org>
Date: Fri, 19 Dec 2008 11:41:10 +1100
Subject: [PATCH] --- yaml --- r: 120751 b: refs/heads/master c:
 74192246910ff4fb95309ba1a683215644beeb62 h: refs/heads/master i:   120749:
 84aa18b2a2e0c6a75bc41eac6c43c3038083fe36   120747:
 c777109f46341db2a14ad5fad93afae928f68bde   120743:
 3f5e5cce09ff052c6cf0595a94a4008e6f7152c2   120735:
 7058b98b69a98b4e3da0a3dac9d2fe2ebc8bab1e v: v3

---
 [refs]                         | 2 +-
 trunk/security/selinux/hooks.c | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/[refs] b/[refs]
index 660d81dec208..bf0277810521 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 12204e24b1330428c3062faee10a0d80b8a5cb61
+refs/heads/master: 74192246910ff4fb95309ba1a683215644beeb62
diff --git a/trunk/security/selinux/hooks.c b/trunk/security/selinux/hooks.c
index 7465d713b531..853b58c8b2cb 100644
--- a/trunk/security/selinux/hooks.c
+++ b/trunk/security/selinux/hooks.c
@@ -2484,6 +2484,10 @@ static int selinux_sb_kern_mount(struct super_block *sb, int flags, void *data)
 	if (rc)
 		return rc;
 
+	/* Allow all mounts performed by the kernel */
+	if (flags & MS_KERNMOUNT)
+		return 0;
+
 	AVC_AUDIT_DATA_INIT(&ad, FS);
 	ad.u.fs.path.dentry = sb->s_root;
 	return superblock_has_perm(cred, sb, FILESYSTEM__MOUNT, &ad);