git.neil.brown.name Git - history.git/commit

author	James Morris <jmorris@redhat.com>
	Wed, 13 Oct 2004 14:28:10 +0000 (07:28 -0700)
committer	Linus Torvalds <torvalds@ppc970.osdl.org>
	Wed, 13 Oct 2004 14:28:10 +0000 (07:28 -0700)
commit	a296caddf16d4dfb66276851f7035ceab6418758
tree	3e899fb23dad6090e7ad4a5be2d0c8b94002126c	tree \| snapshot
parent	5334d6a190f651ce4992ed2923305e15e6345eb4	commit \| diff

[PATCH] SELinux: fix bugs in mprotect hook

The patch below by Roland McGrath fixes two bugs in the implementation of
the selinux_file_mprotect hook:

  It calls selinux_file_mmap, which has two problems.  First, the stacked
  security module will get both mmap and mprotect callbacks for an
  mprotect call, which is wrong.  Secondly, the vm_flags value contains
  VM_* bits, and these do not match the MAP_* bits of the same name or
  function, so it passes bogus flags and causes every mprotect to be
  treated as if MAP_SHARED were in use.

  The patch shares the common code while not having one function call the
  other, and fixes these two bugs.

Signed-off-by: James Morris <jmorris@redhat.com>
Signed-off-by: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>