Commit db4c9641 authored by Stephen Smalley's avatar Stephen Smalley Committed by Linus Torvalds

[PATCH] selinux: fix and cleanup mprotect checks



Fix the SELinux mprotect checks on executable mappings so that they are not
re-applied when the mapping is already executable, and clean up the code.
This avoids a situation where, e.g., an execmod denial prevents an
application from removing PROT_WRITE on an already executable mapping that
was previously authorized via the execmem permission.

Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
Acked-by: default avatarJames Morris <jmorris@namei.org>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent ee13d785
+21 −29
@@ -2454,35 +2454,27 @@ static int selinux_file_mprotect(struct vm_area_struct *vma,
		prot = reqprot;

#ifndef CONFIG_PPC32
	if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXECUTABLE) &&
	   (vma->vm_start >= vma->vm_mm->start_brk &&
	    vma->vm_end <= vma->vm_mm->brk)) {
	    	/*
		 * We are making an executable mapping in the brk region.
		 * This has an additional execheap check.
		 */
		rc = task_has_perm(current, current, PROCESS__EXECHEAP);
		if (rc)
			return rc;
	}
	if (vma->vm_file != NULL && vma->anon_vma != NULL && (prot & PROT_EXEC)) {
	if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
		rc = 0;
		if (vma->vm_start >= vma->vm_mm->start_brk &&
		    vma->vm_end <= vma->vm_mm->brk) {
			rc = task_has_perm(current, current,
					   PROCESS__EXECHEAP);
		} else if (!vma->vm_file &&
			   vma->vm_start <= vma->vm_mm->start_stack &&
			   vma->vm_end >= vma->vm_mm->start_stack) {
			rc = task_has_perm(current, current, PROCESS__EXECSTACK);
		} else if (vma->vm_file && vma->anon_vma) {
			/*
			 * We are making executable a file mapping that has
		 * had some COW done. Since pages might have been written,
		 * check ability to execute the possibly modified content.
		 * This typically should only occur for text relocations.
			 * had some COW done. Since pages might have been
			 * written, check ability to execute the possibly
			 * modified content.  This typically should only
			 * occur for text relocations.
			 */
		int rc = file_has_perm(current, vma->vm_file, FILE__EXECMOD);
		if (rc)
			return rc;
			rc = file_has_perm(current, vma->vm_file,
					   FILE__EXECMOD);
		}
	if (!vma->vm_file && (prot & PROT_EXEC) &&
		vma->vm_start <= vma->vm_mm->start_stack &&
		vma->vm_end >= vma->vm_mm->start_stack) {
		/* Attempt to make the process stack executable.
		 * This has an additional execstack check.
		 */
		rc = task_has_perm(current, current, PROCESS__EXECSTACK);
		if (rc)
			return rc;
	}