Commit db4c9641 authored by Stephen Smalley's avatar Stephen Smalley Committed by Linus Torvalds

[PATCH] selinux: fix and cleanup mprotect checks

Fix the SELinux mprotect checks on executable mappings so that they are not
re-applied when the mapping is already executable as well as cleaning up
the code.  This avoids a situation where e.g.  an application is prevented
from removing PROT_WRITE on an already executable mapping previously
authorized via execmem permission due to an execmod denial.
Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
Acked-by: default avatarJames Morris <jmorris@namei.org>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent ee13d785
...@@ -2454,35 +2454,27 @@ static int selinux_file_mprotect(struct vm_area_struct *vma, ...@@ -2454,35 +2454,27 @@ static int selinux_file_mprotect(struct vm_area_struct *vma,
prot = reqprot; prot = reqprot;
#ifndef CONFIG_PPC32 #ifndef CONFIG_PPC32
if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXECUTABLE) && if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
(vma->vm_start >= vma->vm_mm->start_brk && rc = 0;
vma->vm_end <= vma->vm_mm->brk)) { if (vma->vm_start >= vma->vm_mm->start_brk &&
/* vma->vm_end <= vma->vm_mm->brk) {
* We are making an executable mapping in the brk region. rc = task_has_perm(current, current,
* This has an additional execheap check. PROCESS__EXECHEAP);
*/ } else if (!vma->vm_file &&
rc = task_has_perm(current, current, PROCESS__EXECHEAP); vma->vm_start <= vma->vm_mm->start_stack &&
if (rc) vma->vm_end >= vma->vm_mm->start_stack) {
return rc; rc = task_has_perm(current, current, PROCESS__EXECSTACK);
} } else if (vma->vm_file && vma->anon_vma) {
if (vma->vm_file != NULL && vma->anon_vma != NULL && (prot & PROT_EXEC)) {
/* /*
* We are making executable a file mapping that has * We are making executable a file mapping that has
* had some COW done. Since pages might have been written, * had some COW done. Since pages might have been
* check ability to execute the possibly modified content. * written, check ability to execute the possibly
* This typically should only occur for text relocations. * modified content. This typically should only
* occur for text relocations.
*/ */
int rc = file_has_perm(current, vma->vm_file, FILE__EXECMOD); rc = file_has_perm(current, vma->vm_file,
if (rc) FILE__EXECMOD);
return rc;
} }
if (!vma->vm_file && (prot & PROT_EXEC) &&
vma->vm_start <= vma->vm_mm->start_stack &&
vma->vm_end >= vma->vm_mm->start_stack) {
/* Attempt to make the process stack executable.
* This has an additional execstack check.
*/
rc = task_has_perm(current, current, PROCESS__EXECSTACK);
if (rc) if (rc)
return rc; return rc;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment