Commit 845ca30f authored by Eric Paris, committed by James Morris

selinux: implement mmap on /selinux/policy

/selinux/policy allows a user to copy the policy back out of the kernel.
This patch allows userspace to actually mmap that file and use it directly.
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
parent cee74f47
...@@ -439,9 +439,53 @@ static ssize_t sel_read_policy(struct file *filp, char __user *buf, ...@@ -439,9 +439,53 @@ static ssize_t sel_read_policy(struct file *filp, char __user *buf,
return ret; return ret;
} }
static int sel_mmap_policy_fault(struct vm_area_struct *vma,
struct vm_fault *vmf)
{
struct policy_load_memory *plm = vma->vm_file->private_data;
unsigned long offset;
struct page *page;
if (vmf->flags & (FAULT_FLAG_MKWRITE | FAULT_FLAG_WRITE))
return VM_FAULT_SIGBUS;
offset = vmf->pgoff << PAGE_SHIFT;
if (offset >= roundup(plm->len, PAGE_SIZE))
return VM_FAULT_SIGBUS;
page = vmalloc_to_page(plm->data + offset);
get_page(page);
vmf->page = page;
return 0;
}
static struct vm_operations_struct sel_mmap_policy_ops = {
.fault = sel_mmap_policy_fault,
.page_mkwrite = sel_mmap_policy_fault,
};
int sel_mmap_policy(struct file *filp, struct vm_area_struct *vma)
{
if (vma->vm_flags & VM_SHARED) {
/* do not allow mprotect to make mapping writable */
vma->vm_flags &= ~VM_MAYWRITE;
if (vma->vm_flags & VM_WRITE)
return -EACCES;
}
vma->vm_flags |= VM_RESERVED;
vma->vm_ops = &sel_mmap_policy_ops;
return 0;
}
static const struct file_operations sel_policy_ops = { static const struct file_operations sel_policy_ops = {
.open = sel_open_policy, .open = sel_open_policy,
.read = sel_read_policy, .read = sel_read_policy,
.mmap = sel_mmap_policy,
.release = sel_release_policy, .release = sel_release_policy,
}; };
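Review bot: `int sel_mmap_policy(struct file *filp, struct vm_area_struct *vma)` is the only new symbol in this hunk with external linkage; `sel_mmap_policy_fault` and `sel_mmap_policy_ops` are `static`, no header declaration is visible, and the function is only referenced from `sel_policy_ops`, so it should read `static int sel_mmap_policy(struct file *filp, struct vm_area_struct *vma)` to keep it out of the global namespace and quiet sparse. The read-only guarantee rests on three cooperating pieces that are not explained in the code: `sel_mmap_policy` clears `VM_MAYWRITE` on shared mappings so a later `mprotect()` cannot make them writable, the fault handler refuses `FAULT_FLAG_WRITE`/`FAULT_FLAG_MKWRITE` with `VM_FAULT_SIGBUS`, and `.page_mkwrite` reuses that same handler so the write path always fails; a comment above `sel_mmap_policy_ops` such as `/* policy pages are read-only: fault handler rejects writes, and page_mkwrite shares it so shared mappings can never become writable */` would make the intent auditable. The bounds check `if (offset >= roundup(plm->len, PAGE_SIZE))` deliberately maps the slack past `plm->len` in the final page; this presumably relies on the backing buffer being zero-filled, which is worth stating in a comment next to the check so a later change of allocator does not silently expose uninitialized kernel memory to userspace. `vmalloc_to_page()` is dereferenced via `get_page(page)` without a NULL check; the preceding bounds check should make that unreachable for the vmalloc'd buffer, but a one-line `if (!page) return VM_FAULT_SIGBUS;` would document the assumption cheaply.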
...@@ -3169,7 +3169,7 @@ int security_read_policy(void **data, ssize_t *len) ...@@ -3169,7 +3169,7 @@ int security_read_policy(void **data, ssize_t *len)
*len = security_policydb_len(); *len = security_policydb_len();
*data = vmalloc(*len); *data = vmalloc_user(*len);
if (!*data) if (!*data)
return -ENOMEM; return -ENOMEM;
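Review bot: The switch from `vmalloc()` to `vmalloc_user()` carries a security dependency that the code does not state: the mmap fault handler for /selinux/policy hands out whole pages up to `roundup(len, PAGE_SIZE)`, so the bytes between `*len` and the end of the last page reach userspace, and only the zero-filling done by `vmalloc_user()` keeps them from being uninitialized kernel memory. A comment on the allocation, e.g. `/* vmalloc_user(): buffer is mmap'ed to userspace by sel_mmap_policy(), so the tail past *len must be zeroed */`, would stop a future reader from "optimizing" it back to `vmalloc()`. The enclosing `security_read_policy()` body starts and ends outside this hunk.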