xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

split ->file_mmap() into ->mmap_addr()/->mmap_file()

Browse Source 
... i.e. file-dependent and address-dependent checks.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
Al Viro
2012-05-30 13:30:51 -04:00
parent d007794a18
commit e5467859f7
11 changed files with 64 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
security/selinux/hooks.c
View File

@@ -3083,9 +3083,7 @@ error:
return rc;
}
static int selinux_file_mmap(struct file *file, unsigned long reqprot,
unsigned long prot, unsigned long flags,
unsigned long addr, unsigned long addr_only)
static int selinux_mmap_addr(unsigned long addr)
{
int rc = 0;
u32 sid = current_sid();
@@ -3104,10 +3102,12 @@ static int selinux_file_mmap(struct file *file, unsigned long reqprot,
}
/* do DAC check on address space usage */
rc = cap_mmap_addr(addr);
if (rc || addr_only)
return rc;
return cap_mmap_addr(addr);
}
static int selinux_mmap_file(struct file *file, unsigned long reqprot,
unsigned long prot, unsigned long flags)
{
if (selinux_checkreqprot)
prot = reqprot;
@@ -5570,7 +5570,8 @@ static struct security_operations selinux_ops = {
.file_alloc_security = selinux_file_alloc_security,
.file_free_security = selinux_file_free_security,
.file_ioctl = selinux_file_ioctl,
.file_mmap = selinux_file_mmap,
.mmap_file = selinux_mmap_file,
.mmap_addr = selinux_mmap_addr,
.file_mprotect = selinux_file_mprotect,
.file_lock = selinux_file_lock,
.file_fcntl = selinux_file_fcntl,