]> err.no Git - linux-2.6/commit
[PATCH] selinux: fix and cleanup mprotect checks
authorStephen Smalley <sds@tycho.nsa.gov>
Wed, 1 Feb 2006 11:05:54 +0000 (03:05 -0800)
committerLinus Torvalds <torvalds@g5.osdl.org>
Wed, 1 Feb 2006 16:53:18 +0000 (08:53 -0800)
commitdb4c9641def55d36a6f9df79deb8a949292313ca
treef3b786a346f0c987d796784e1e08154338263ad3
parentee13d785eac1fbe7e79ecca77bf7e902734a0b30
[PATCH] selinux: fix and cleanup mprotect checks

Fix the SELinux mprotect checks on executable mappings so that they are not
re-applied when the mapping is already executable as well as cleaning up
the code.  This avoids a situation where e.g.  an application is prevented
from removing PROT_WRITE on an already executable mapping previously
authorized via execmem permission due to an execmod denial.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
security/selinux/hooks.c