Comment 2 for bug 2012563

Oliver Calder (ocalder) wrote :

The bitflags for the other mount options are defined in `include/uapi/linux/mount.h` of the Linux source tree, and there are no such definitions for 'nofail', so I don't think adding kernel mappings of this form (e.g. MS_RDONLY) is the solution. These options are supported by 'mount' using userspace option mappings of the form MNT_MS_NOFAIL (see: https://github.com/util-linux/util-linux/blob/master/libmount/src/optmap.c). Perhaps a similar approach could be used by apparmor to validate fs-independent userspace mount options such as nofail?

Note, however, that the 'lazytime' option does have a kernel option mapping: `#define MS_LAZYTIME (1<<25)` (in `include/uapi/linux/mount.h`). There is no option mapping for (1<<25) in `parser/mount.h`. Was this option deliberately excluded, or can it be added?

If it can be added, then 'nolazytime' is simply a matter of clearing the 'lazytime' bit.

There already exists a mapping for 'strictatime', so it should be simple enough for me to add a mapping for `nostrictatime` which sets 0 and clears MS_STRICTATIME.
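
The set/clear distinction discussed in this comment, as an added example that is not part of the original comment and is not AppArmor or util-linux code: a small classifier that turns an option string into kernel bits to set, kernel bits to clear, and a count of userspace-only options. The table, struct and function names are hypothetical; the flag values are the kernel's.

```c
#include <stdio.h>
#include <string.h>

/* Kernel flag values as defined in include/uapi/linux/mount.h */
#define MS_RDONLY      1UL
#define MS_STRICTATIME (1UL << 24)
#define MS_LAZYTIME    (1UL << 25)

struct opt_result {
    unsigned long set;    /* kernel bits the options turn on */
    unsigned long clear;  /* kernel bits the options turn off */
    int userspace;        /* userspace-only options seen (e.g. nofail) */
    int unknown;          /* options not present in the table */
};

struct opt_map { const char *name; unsigned long set, clear; int userspace; };

/* Hypothetical table for this example only. */
static const struct opt_map table[] = {
    { "ro",            MS_RDONLY,      0,              0 },
    { "rw",            0,              MS_RDONLY,      0 },
    { "strictatime",   MS_STRICTATIME, 0,              0 },
    { "nostrictatime", 0,              MS_STRICTATIME, 0 },
    { "lazytime",      MS_LAZYTIME,    0,              0 },
    { "nolazytime",    0,              MS_LAZYTIME,    0 },
    { "nofail",        0,              0,              1 }, /* no kernel bit */
};

struct opt_result classify_options(const char *csv)
{
    struct opt_result r = { 0, 0, 0, 0 };
    char buf[256];
    snprintf(buf, sizeof buf, "%s", csv);
    for (char *tok = strtok(buf, ","); tok; tok = strtok(NULL, ",")) {
        size_t i, n = sizeof table / sizeof table[0];
        for (i = 0; i < n && strcmp(tok, table[i].name) != 0; i++)
            ;
        if (i == n) { r.unknown++; continue; }
        /* A later option overrides an earlier opposite one. */
        r.set   = (r.set   & ~table[i].clear) | table[i].set;
        r.clear = (r.clear & ~table[i].set)   | table[i].clear;
        r.userspace += table[i].userspace;
    }
    return r;
}

int main(void)
{
    struct opt_result r = classify_options("ro,lazytime,nostrictatime,nofail");
    printf("set=%#lx clear=%#lx userspace=%d unknown=%d\n",
           r.set, r.clear, r.userspace, r.unknown);
    return 0;
}
```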