[PATCH] selinux: fix and cleanup mprotect checks
Fix the SELinux mprotect checks on executable mappings so that they are not re-applied when the mapping is already executable as well as cleaning up the code. This avoids a situation where e.g. an application is prevented from removing PROT_WRITE on an already executable mapping previously authorized via execmem permission due to an execmod denial. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This commit is contained in:
parent
ee13d785ea
commit
db4c9641de
1 changed files with 21 additions and 29 deletions
|
@ -2454,35 +2454,27 @@ static int selinux_file_mprotect(struct vm_area_struct *vma,
|
||||||
prot = reqprot;
|
prot = reqprot;
|
||||||
|
|
||||||
#ifndef CONFIG_PPC32
|
#ifndef CONFIG_PPC32
|
||||||
if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXECUTABLE) &&
|
if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
|
||||||
(vma->vm_start >= vma->vm_mm->start_brk &&
|
rc = 0;
|
||||||
vma->vm_end <= vma->vm_mm->brk)) {
|
if (vma->vm_start >= vma->vm_mm->start_brk &&
|
||||||
/*
|
vma->vm_end <= vma->vm_mm->brk) {
|
||||||
* We are making an executable mapping in the brk region.
|
rc = task_has_perm(current, current,
|
||||||
* This has an additional execheap check.
|
PROCESS__EXECHEAP);
|
||||||
*/
|
} else if (!vma->vm_file &&
|
||||||
rc = task_has_perm(current, current, PROCESS__EXECHEAP);
|
vma->vm_start <= vma->vm_mm->start_stack &&
|
||||||
if (rc)
|
vma->vm_end >= vma->vm_mm->start_stack) {
|
||||||
return rc;
|
rc = task_has_perm(current, current, PROCESS__EXECSTACK);
|
||||||
}
|
} else if (vma->vm_file && vma->anon_vma) {
|
||||||
if (vma->vm_file != NULL && vma->anon_vma != NULL && (prot & PROT_EXEC)) {
|
/*
|
||||||
/*
|
* We are making executable a file mapping that has
|
||||||
* We are making executable a file mapping that has
|
* had some COW done. Since pages might have been
|
||||||
* had some COW done. Since pages might have been written,
|
* written, check ability to execute the possibly
|
||||||
* check ability to execute the possibly modified content.
|
* modified content. This typically should only
|
||||||
* This typically should only occur for text relocations.
|
* occur for text relocations.
|
||||||
*/
|
*/
|
||||||
int rc = file_has_perm(current, vma->vm_file, FILE__EXECMOD);
|
rc = file_has_perm(current, vma->vm_file,
|
||||||
if (rc)
|
FILE__EXECMOD);
|
||||||
return rc;
|
}
|
||||||
}
|
|
||||||
if (!vma->vm_file && (prot & PROT_EXEC) &&
|
|
||||||
vma->vm_start <= vma->vm_mm->start_stack &&
|
|
||||||
vma->vm_end >= vma->vm_mm->start_stack) {
|
|
||||||
/* Attempt to make the process stack executable.
|
|
||||||
* This has an additional execstack check.
|
|
||||||
*/
|
|
||||||
rc = task_has_perm(current, current, PROCESS__EXECSTACK);
|
|
||||||
if (rc)
|
if (rc)
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue