Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
8b3ec681
Commit
8b3ec681
authored
May 30, 2012
by
Al Viro
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
take security_mmap_file() outside of ->mmap_sem
Signed-off-by:
Al Viro
<
viro@zeniv.linux.org.uk
>
parent
e5467859
Changes
5
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
62 additions
and
28 deletions
+62
-28
include/linux/security.h
include/linux/security.h
+3
-4
ipc/shm.c
ipc/shm.c
+5
-0
mm/mmap.c
mm/mmap.c
+12
-11
mm/nommu.c
mm/nommu.c
+12
-10
security/security.c
security/security.c
+30
-3
No files found.
include/linux/security.h
View file @
8b3ec681
...
...
@@ -1745,8 +1745,8 @@ int security_file_permission(struct file *file, int mask);
int
security_file_alloc
(
struct
file
*
file
);
void
security_file_free
(
struct
file
*
file
);
int
security_file_ioctl
(
struct
file
*
file
,
unsigned
int
cmd
,
unsigned
long
arg
);
int
security_mmap_file
(
struct
file
*
file
,
unsigned
long
req
prot
,
unsigned
long
prot
,
unsigned
long
flags
);
int
security_mmap_file
(
struct
file
*
file
,
unsigned
long
prot
,
unsigned
long
flags
);
int
security_mmap_addr
(
unsigned
long
addr
);
int
security_file_mprotect
(
struct
vm_area_struct
*
vma
,
unsigned
long
reqprot
,
unsigned
long
prot
);
...
...
@@ -2183,8 +2183,7 @@ static inline int security_file_ioctl(struct file *file, unsigned int cmd,
return
0
;
}
static
inline
int
security_mmap_file
(
struct
file
*
file
,
unsigned
long
reqprot
,
unsigned
long
prot
,
static
inline
int
security_mmap_file
(
struct
file
*
file
,
unsigned
long
prot
,
unsigned
long
flags
)
{
return
0
;
...
...
ipc/shm.c
View file @
8b3ec681
...
...
@@ -1036,6 +1036,10 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr)
sfd
->
file
=
shp
->
shm_file
;
sfd
->
vm_ops
=
NULL
;
err
=
security_mmap_file
(
file
,
prot
,
flags
);
if
(
err
)
goto
out_fput
;
down_write
(
&
current
->
mm
->
mmap_sem
);
if
(
addr
&&
!
(
shmflg
&
SHM_REMAP
))
{
err
=
-
EINVAL
;
...
...
@@ -1058,6 +1062,7 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr)
invalid:
up_write
(
&
current
->
mm
->
mmap_sem
);
out_fput:
fput
(
file
);
out_nattch:
...
...
mm/mmap.c
View file @
8b3ec681
...
...
@@ -979,7 +979,6 @@ static unsigned long do_mmap_pgoff(struct file *file, unsigned long addr,
struct
inode
*
inode
;
vm_flags_t
vm_flags
;
int
error
;
unsigned
long
reqprot
=
prot
;
/*
* Does the application expect PROT_READ to imply PROT_EXEC?
...
...
@@ -1105,10 +1104,6 @@ static unsigned long do_mmap_pgoff(struct file *file, unsigned long addr,
if
(
error
)
return
error
;
error
=
security_mmap_file
(
file
,
reqprot
,
prot
,
flags
);
if
(
error
)
return
error
;
return
mmap_region
(
file
,
addr
,
len
,
flags
,
vm_flags
,
pgoff
);
}
...
...
@@ -1130,9 +1125,12 @@ unsigned long vm_mmap(struct file *file, unsigned long addr,
unsigned
long
ret
;
struct
mm_struct
*
mm
=
current
->
mm
;
ret
=
security_mmap_file
(
file
,
prot
,
flag
);
if
(
!
ret
)
{
down_write
(
&
mm
->
mmap_sem
);
ret
=
do_mmap
(
file
,
addr
,
len
,
prot
,
flag
,
offset
);
up_write
(
&
mm
->
mmap_sem
);
}
return
ret
;
}
EXPORT_SYMBOL
(
vm_mmap
);
...
...
@@ -1168,9 +1166,12 @@ SYSCALL_DEFINE6(mmap_pgoff, unsigned long, addr, unsigned long, len,
flags
&=
~
(
MAP_EXECUTABLE
|
MAP_DENYWRITE
);
retval
=
security_mmap_file
(
file
,
prot
,
flags
);
if
(
!
retval
)
{
down_write
(
&
current
->
mm
->
mmap_sem
);
retval
=
do_mmap_pgoff
(
file
,
addr
,
len
,
prot
,
flags
,
pgoff
);
up_write
(
&
current
->
mm
->
mmap_sem
);
}
if
(
file
)
fput
(
file
);
...
...
mm/nommu.c
View file @
8b3ec681
...
...
@@ -889,7 +889,6 @@ static int validate_mmap_request(struct file *file,
unsigned
long
*
_capabilities
)
{
unsigned
long
capabilities
,
rlen
;
unsigned
long
reqprot
=
prot
;
int
ret
;
/* do the simple checks first */
...
...
@@ -1048,9 +1047,6 @@ static int validate_mmap_request(struct file *file,
/* allow the security API to have its say */
ret
=
security_mmap_addr
(
addr
);
if
(
ret
<
0
)
return
ret
;
ret
=
security_mmap_file
(
file
,
reqprot
,
prot
,
flags
);
if
(
ret
<
0
)
return
ret
;
...
...
@@ -1492,9 +1488,12 @@ unsigned long vm_mmap(struct file *file, unsigned long addr,
unsigned
long
ret
;
struct
mm_struct
*
mm
=
current
->
mm
;
ret
=
security_mmap_file
(
file
,
prot
,
flag
);
if
(
!
ret
)
{
down_write
(
&
mm
->
mmap_sem
);
ret
=
do_mmap
(
file
,
addr
,
len
,
prot
,
flag
,
offset
);
up_write
(
&
mm
->
mmap_sem
);
}
return
ret
;
}
EXPORT_SYMBOL
(
vm_mmap
);
...
...
@@ -1515,9 +1514,12 @@ SYSCALL_DEFINE6(mmap_pgoff, unsigned long, addr, unsigned long, len,
flags
&=
~
(
MAP_EXECUTABLE
|
MAP_DENYWRITE
);
ret
=
security_mmap_file
(
file
,
prot
,
flags
);
if
(
!
ret
)
{
down_write
(
&
current
->
mm
->
mmap_sem
);
retval
=
do_mmap_pgoff
(
file
,
addr
,
len
,
prot
,
flags
,
pgoff
);
up_write
(
&
current
->
mm
->
mmap_sem
);
}
if
(
file
)
fput
(
file
);
...
...
security/security.c
View file @
8b3ec681
...
...
@@ -20,6 +20,9 @@
#include <linux/ima.h>
#include <linux/evm.h>
#include <linux/fsnotify.h>
#include <linux/mman.h>
#include <linux/mount.h>
#include <linux/personality.h>
#include <net/flow.h>
#define MAX_LSM_EVM_XATTR 2
...
...
@@ -657,11 +660,35 @@ int security_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
return
security_ops
->
file_ioctl
(
file
,
cmd
,
arg
);
}
int
security_mmap_file
(
struct
file
*
file
,
unsigned
long
req
prot
,
unsigned
long
prot
,
unsigned
long
flags
)
int
security_mmap_file
(
struct
file
*
file
,
unsigned
long
prot
,
unsigned
long
flags
)
{
unsigned
long
reqprot
=
prot
;
int
ret
;
/*
* Does the application expect PROT_READ to imply PROT_EXEC?
*
* (the exception is when the underlying filesystem is noexec
* mounted, in which case we dont add PROT_EXEC.)
*/
if
(
!
(
reqprot
&
PROT_READ
))
goto
out
;
if
(
!
(
current
->
personality
&
READ_IMPLIES_EXEC
))
goto
out
;
if
(
!
file
)
{
prot
|=
PROT_EXEC
;
}
else
if
(
!
(
file
->
f_path
.
mnt
->
mnt_flags
&
MNT_NOEXEC
))
{
#ifndef CONFIG_MMU
unsigned
long
caps
=
0
;
struct
address_space
*
mapping
=
file
->
f_mapping
;
if
(
mapping
&&
mapping
->
backing_dev_info
)
caps
=
mapping
->
backing_dev_info
->
capabilities
;
if
(
!
(
caps
&
BDI_CAP_EXEC_MAP
))
goto
out
;
#endif
prot
|=
PROT_EXEC
;
}
out:
ret
=
security_ops
->
mmap_file
(
file
,
reqprot
,
prot
,
flags
);
if
(
ret
)
return
ret
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment