mount: add rootcontext= SELinux mount option

Note, the description in the mount.8 man page is copy & paste from
rootcontext= kernel patch (by James Morris). I didn't found anything
more useful... (patches welcomed:-)

Signed-off-by: Karel Zak <kzak@redhat.com>

2 files changed, 11 insertions, 1 deletions

diff --git a/mount/mount.8 b/mount/mount.8
index 8905599ee..50655f0be 100644
--- a/mount/mount.8
+++ b/mount/mount.8
@@ -678,7 +678,7 @@ Can only be mounted explicitly (i.e., the
 .B \-a
 option will not cause the file system to be mounted).
 .TP
-\fBcontext=\fP\fIcontext\fP, \fBfscontext=\fP\fIcontext\fP and \fBdefcontext=\fP\fIcontext\fP
+\fBcontext=\fP\fIcontext\fP, \fBfscontext=\fP\fIcontext\fP, \fBdefcontext=\fP\fIcontext\fP and \fBrootcontext=\fP\fIcontext\fP
 The
 .BR context=
 option is useful when mounting filesystems that do not support
@@ -719,6 +719,12 @@ You can set the default security context for unlabeled files using
 option. This overrides the value set for unlabeled files in the policy and requires a
 file system that supports xattr labeling.
 
+The
+.BR rootcontext=
+option allows you to explicitly label the root inode of a FS being mounted
+before that FS or inode because visable to userspace. This was found to be
+useful for things like stateless linux.
+
 For more details, see
 .BR selinux (8)
 
diff --git a/mount/mount.c b/mount/mount.c
index e70121ccc..f92b23cba 100644
--- a/mount/mount.c
+++ b/mount/mount.c
@@ -422,6 +422,10 @@ parse_opt(char *opt, int *mask, char **extra_opts) {
 		if (append_context("defcontext=", opt+11, extra_opts) == 0)
 			return;
 	}
+	if (strncmp(opt, "rootcontext=", 12) == 0 && *(opt+12)) {
+		if (append_context("rootcontext=", opt+12, extra_opts) == 0)
+			return;
+	}
 #endif
 	*extra_opts = append_opt(*extra_opts, opt, NULL);
 }