diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2009-03-26 14:03:39 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2009-03-26 14:03:39 -0400 |
| commit | 8d80ce80e1d58ba9cd3e3972b112cccd6b4008f4 (patch) | |
| tree | 16d3cca8d260c731d02a4e5e1ea5b9817c9c3626 /mm | |
| parent | 1646df40bb111715a90ce0b86448dabbcc5b3f3d (diff) | |
| parent | 703a3cd72817e99201cef84a8a7aecc60b2b3581 (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (71 commits)
SELinux: inode_doinit_with_dentry drop no dentry printk
SELinux: new permission between tty audit and audit socket
SELinux: open perm for sock files
smack: fixes for unlabeled host support
keys: make procfiles per-user-namespace
keys: skip keys from another user namespace
keys: consider user namespace in key_permission
keys: distinguish per-uid keys in different namespaces
integrity: ima iint radix_tree_lookup locking fix
TOMOYO: Do not call tomoyo_realpath_init unless registered.
integrity: ima scatterlist bug fix
smack: fix lots of kernel-doc notation
TOMOYO: Don't create securityfs entries unless registered.
TOMOYO: Fix exception policy read failure.
SELinux: convert the avc cache hash list to an hlist
SELinux: code readability with avc_cache
SELinux: remove unused av.decided field
SELinux: more careful use of avd in avc_has_perm_noaudit
SELinux: remove the unused ae.used
SELinux: check seqno when updating an avc_node
...
Diffstat (limited to 'mm')
| -rw-r--r-- | mm/mmap.c | 4 | ||||
| -rw-r--r-- | mm/shmem.c | 2 |
2 files changed, 6 insertions, 0 deletions
| @@ -20,6 +20,7 @@ | |||
| 20 | #include <linux/fs.h> | 20 | #include <linux/fs.h> |
| 21 | #include <linux/personality.h> | 21 | #include <linux/personality.h> |
| 22 | #include <linux/security.h> | 22 | #include <linux/security.h> |
| 23 | #include <linux/ima.h> | ||
| 23 | #include <linux/hugetlb.h> | 24 | #include <linux/hugetlb.h> |
| 24 | #include <linux/profile.h> | 25 | #include <linux/profile.h> |
| 25 | #include <linux/module.h> | 26 | #include <linux/module.h> |
| @@ -1049,6 +1050,9 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, | |||
| 1049 | error = security_file_mmap(file, reqprot, prot, flags, addr, 0); | 1050 | error = security_file_mmap(file, reqprot, prot, flags, addr, 0); |
| 1050 | if (error) | 1051 | if (error) |
| 1051 | return error; | 1052 | return error; |
| 1053 | error = ima_file_mmap(file, prot); | ||
| 1054 | if (error) | ||
| 1055 | return error; | ||
| 1052 | 1056 | ||
| 1053 | return mmap_region(file, addr, len, flags, vm_flags, pgoff); | 1057 | return mmap_region(file, addr, len, flags, vm_flags, pgoff); |
| 1054 | } | 1058 | } |
diff --git a/mm/shmem.c b/mm/shmem.c index 4103a239ce84..7ec78e24a30d 100644 --- a/mm/shmem.c +++ b/mm/shmem.c | |||
| @@ -28,6 +28,7 @@ | |||
| 28 | #include <linux/mm.h> | 28 | #include <linux/mm.h> |
| 29 | #include <linux/module.h> | 29 | #include <linux/module.h> |
| 30 | #include <linux/swap.h> | 30 | #include <linux/swap.h> |
| 31 | #include <linux/ima.h> | ||
| 31 | 32 | ||
| 32 | static struct vfsmount *shm_mnt; | 33 | static struct vfsmount *shm_mnt; |
| 33 | 34 | ||
| @@ -2665,6 +2666,7 @@ int shmem_zero_setup(struct vm_area_struct *vma) | |||
| 2665 | if (IS_ERR(file)) | 2666 | if (IS_ERR(file)) |
| 2666 | return PTR_ERR(file); | 2667 | return PTR_ERR(file); |
| 2667 | 2668 | ||
| 2669 | ima_shm_check(file); | ||
| 2668 | if (vma->vm_file) | 2670 | if (vma->vm_file) |
| 2669 | fput(vma->vm_file); | 2671 | fput(vma->vm_file); |
| 2670 | vma->vm_file = file; | 2672 | vma->vm_file = file; |