Techwizz/kernel-fxtec-pro1x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

selinux: remove secondary ops call to file_mprotect

Browse source 
Remove secondary ops call to file_mprotect, which is
a noop in capabilities.

Acked-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
James Morris 2009-01-29 12:19:51 +11:00
parent 438add6b32
commit d541bbee69
1 changed files with 1 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
security/selinux/hooks.c
View file

@ -3056,18 +3056,13 @@ static int selinux_file_mprotect(struct vm_area_struct *vma,
unsigned long prot) unsigned long prot)
{ {
const struct cred *cred = current_cred(); const struct cred *cred = current_cred();
int rc;
rc = secondary_ops->file_mprotect(vma, reqprot, prot);
if (rc)
return rc;
if (selinux_checkreqprot) if (selinux_checkreqprot)
prot = reqprot; prot = reqprot;
#ifndef CONFIG_PPC32 #ifndef CONFIG_PPC32
if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
rc = 0; int rc = 0;
if (vma->vm_start >= vma->vm_mm->start_brk && if (vma->vm_start >= vma->vm_mm->start_brk &&
vma->vm_end <= vma->vm_mm->brk) { vma->vm_end <= vma->vm_mm->brk) {
rc = cred_has_perm(cred, cred, PROCESS__EXECHEAP); rc = cred_has_perm(cred, cred, PROCESS__EXECHEAP);