diff options
| author | Al Viro <viro@zeniv.linux.org.uk> | 2012-05-30 13:30:51 -0400 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2012-05-31 13:11:54 -0400 |
| commit | e5467859f7f79b69fc49004403009dfdba3bec53 (patch) | |
| tree | 73b011daf79eeddd61bbcaf65cd197b5e5f6f149 /security/apparmor/lsm.c | |
| parent | d007794a182bc072a7b7479909dbd0d67ba341be (diff) | |
split ->file_mmap() into ->mmap_addr()/->mmap_file()
... i.e. file-dependent and address-dependent checks.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security/apparmor/lsm.c')
| -rw-r--r-- | security/apparmor/lsm.c | 15 |
1 files changed, 4 insertions, 11 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 8430d8937af..8ea39aabe94 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c | |||
| @@ -490,17 +490,9 @@ static int common_mmap(int op, struct file *file, unsigned long prot, | |||
| 490 | return common_file_perm(op, file, mask); | 490 | return common_file_perm(op, file, mask); |
| 491 | } | 491 | } |
| 492 | 492 | ||
| 493 | static int apparmor_file_mmap(struct file *file, unsigned long reqprot, | 493 | static int apparmor_mmap_file(struct file *file, unsigned long reqprot, |
| 494 | unsigned long prot, unsigned long flags, | 494 | unsigned long prot, unsigned long flags) |
| 495 | unsigned long addr, unsigned long addr_only) | ||
| 496 | { | 495 | { |
| 497 | int rc = 0; | ||
| 498 | |||
| 499 | /* do DAC check */ | ||
| 500 | rc = cap_mmap_addr(addr); | ||
| 501 | if (rc || addr_only) | ||
| 502 | return rc; | ||
| 503 | |||
| 504 | return common_mmap(OP_FMMAP, file, prot, flags); | 496 | return common_mmap(OP_FMMAP, file, prot, flags); |
| 505 | } | 497 | } |
| 506 | 498 | ||
| @@ -646,7 +638,8 @@ static struct security_operations apparmor_ops = { | |||
| 646 | .file_permission = apparmor_file_permission, | 638 | .file_permission = apparmor_file_permission, |
| 647 | .file_alloc_security = apparmor_file_alloc_security, | 639 | .file_alloc_security = apparmor_file_alloc_security, |
| 648 | .file_free_security = apparmor_file_free_security, | 640 | .file_free_security = apparmor_file_free_security, |
| 649 | .file_mmap = apparmor_file_mmap, | 641 | .mmap_file = apparmor_mmap_file, |
| 642 | .mmap_addr = cap_mmap_addr, | ||
| 650 | .file_mprotect = apparmor_file_mprotect, | 643 | .file_mprotect = apparmor_file_mprotect, |
| 651 | .file_lock = apparmor_file_lock, | 644 | .file_lock = apparmor_file_lock, |
| 652 | 645 | ||