diff options
| author | Al Viro <viro@zeniv.linux.org.uk> | 2012-05-30 17:11:23 -0400 |
|---|---|---|
| committer | Al Viro <viro@zeniv.linux.org.uk> | 2012-06-01 10:37:01 -0400 |
| commit | 8b3ec6814c83d76b85bd13badc48552836c24839 (patch) | |
| tree | 2430a4511c7ea41f67b0d841f4c42eac43828db3 /mm | |
| parent | e5467859f7f79b69fc49004403009dfdba3bec53 (diff) | |
take security_mmap_file() outside of ->mmap_sem
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'mm')
| -rw-r--r-- | mm/mmap.c | 23 | ||||
| -rw-r--r-- | mm/nommu.c | 22 |
2 files changed, 24 insertions, 21 deletions
| @@ -979,7 +979,6 @@ static unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, | |||
| 979 | struct inode *inode; | 979 | struct inode *inode; |
| 980 | vm_flags_t vm_flags; | 980 | vm_flags_t vm_flags; |
| 981 | int error; | 981 | int error; |
| 982 | unsigned long reqprot = prot; | ||
| 983 | 982 | ||
| 984 | /* | 983 | /* |
| 985 | * Does the application expect PROT_READ to imply PROT_EXEC? | 984 | * Does the application expect PROT_READ to imply PROT_EXEC? |
| @@ -1105,10 +1104,6 @@ static unsigned long do_mmap_pgoff(struct file *file, unsigned long addr, | |||
| 1105 | if (error) | 1104 | if (error) |
| 1106 | return error; | 1105 | return error; |
| 1107 | 1106 | ||
| 1108 | error = security_mmap_file(file, reqprot, prot, flags); | ||
| 1109 | if (error) | ||
| 1110 | return error; | ||
| 1111 | |||
| 1112 | return mmap_region(file, addr, len, flags, vm_flags, pgoff); | 1107 | return mmap_region(file, addr, len, flags, vm_flags, pgoff); |
| 1113 | } | 1108 | } |
| 1114 | 1109 | ||
| @@ -1130,9 +1125,12 @@ unsigned long vm_mmap(struct file *file, unsigned long addr, | |||
| 1130 | unsigned long ret; | 1125 | unsigned long ret; |
| 1131 | struct mm_struct *mm = current->mm; | 1126 | struct mm_struct *mm = current->mm; |
| 1132 | 1127 | ||
| 1133 | down_write(&mm->mmap_sem); | 1128 | ret = security_mmap_file(file, prot, flag); |
| 1134 | ret = do_mmap(file, addr, len, prot, flag, offset); | 1129 | if (!ret) { |
| 1135 | up_write(&mm->mmap_sem); | 1130 | down_write(&mm->mmap_sem); |
| 1131 | ret = do_mmap(file, addr, len, prot, flag, offset); | ||
| 1132 | up_write(&mm->mmap_sem); | ||
| 1133 | } | ||
| 1136 | return ret; | 1134 | return ret; |
| 1137 | } | 1135 | } |
| 1138 | EXPORT_SYMBOL(vm_mmap); | 1136 | EXPORT_SYMBOL(vm_mmap); |
| @@ -1168,9 +1166,12 @@ SYSCALL_DEFINE6(mmap_pgoff, unsigned long, addr, unsigned long, len, | |||
| 1168 | 1166 | ||
| 1169 | flags &= ~(MAP_EXECUTABLE | MAP_DENYWRITE); | 1167 | flags &= ~(MAP_EXECUTABLE | MAP_DENYWRITE); |
| 1170 | 1168 | ||
| 1171 | down_write(¤t->mm->mmap_sem); | 1169 | retval = security_mmap_file(file, prot, flags); |
| 1172 | retval = do_mmap_pgoff(file, addr, len, prot, flags, pgoff); | 1170 | if (!retval) { |
| 1173 | up_write(¤t->mm->mmap_sem); | 1171 | down_write(¤t->mm->mmap_sem); |
| 1172 | retval = do_mmap_pgoff(file, addr, len, prot, flags, pgoff); | ||
| 1173 | up_write(¤t->mm->mmap_sem); | ||
| 1174 | } | ||
| 1174 | 1175 | ||
| 1175 | if (file) | 1176 | if (file) |
| 1176 | fput(file); | 1177 | fput(file); |
diff --git a/mm/nommu.c b/mm/nommu.c index acfe419785db..8cbfd623b04a 100644 --- a/mm/nommu.c +++ b/mm/nommu.c | |||
| @@ -889,7 +889,6 @@ static int validate_mmap_request(struct file *file, | |||
| 889 | unsigned long *_capabilities) | 889 | unsigned long *_capabilities) |
| 890 | { | 890 | { |
| 891 | unsigned long capabilities, rlen; | 891 | unsigned long capabilities, rlen; |
| 892 | unsigned long reqprot = prot; | ||
| 893 | int ret; | 892 | int ret; |
| 894 | 893 | ||
| 895 | /* do the simple checks first */ | 894 | /* do the simple checks first */ |
| @@ -1050,9 +1049,6 @@ static int validate_mmap_request(struct file *file, | |||
| 1050 | ret = security_mmap_addr(addr); | 1049 | ret = security_mmap_addr(addr); |
| 1051 | if (ret < 0) | 1050 | if (ret < 0) |
| 1052 | return ret; | 1051 | return ret; |
| 1053 | ret = security_mmap_file(file, reqprot, prot, flags); | ||
| 1054 | if (ret < 0) | ||
| 1055 | return ret; | ||
| 1056 | 1052 | ||
| 1057 | /* looks okay */ | 1053 | /* looks okay */ |
| 1058 | *_capabilities = capabilities; | 1054 | *_capabilities = capabilities; |
| @@ -1492,9 +1488,12 @@ unsigned long vm_mmap(struct file *file, unsigned long addr, | |||
| 1492 | unsigned long ret; | 1488 | unsigned long ret; |
| 1493 | struct mm_struct *mm = current->mm; | 1489 | struct mm_struct *mm = current->mm; |
| 1494 | 1490 | ||
| 1495 | down_write(&mm->mmap_sem); | 1491 | ret = security_mmap_file(file, prot, flag); |
| 1496 | ret = do_mmap(file, addr, len, prot, flag, offset); | 1492 | if (!ret) { |
| 1497 | up_write(&mm->mmap_sem); | 1493 | down_write(&mm->mmap_sem); |
| 1494 | ret = do_mmap(file, addr, len, prot, flag, offset); | ||
| 1495 | up_write(&mm->mmap_sem); | ||
| 1496 | } | ||
| 1498 | return ret; | 1497 | return ret; |
| 1499 | } | 1498 | } |
| 1500 | EXPORT_SYMBOL(vm_mmap); | 1499 | EXPORT_SYMBOL(vm_mmap); |
| @@ -1515,9 +1514,12 @@ SYSCALL_DEFINE6(mmap_pgoff, unsigned long, addr, unsigned long, len, | |||
| 1515 | 1514 | ||
| 1516 | flags &= ~(MAP_EXECUTABLE | MAP_DENYWRITE); | 1515 | flags &= ~(MAP_EXECUTABLE | MAP_DENYWRITE); |
| 1517 | 1516 | ||
| 1518 | down_write(¤t->mm->mmap_sem); | 1517 | ret = security_mmap_file(file, prot, flags); |
| 1519 | retval = do_mmap_pgoff(file, addr, len, prot, flags, pgoff); | 1518 | if (!ret) { |
| 1520 | up_write(¤t->mm->mmap_sem); | 1519 | down_write(¤t->mm->mmap_sem); |
| 1520 | retval = do_mmap_pgoff(file, addr, len, prot, flags, pgoff); | ||
| 1521 | up_write(¤t->mm->mmap_sem); | ||
| 1522 | } | ||
| 1521 | 1523 | ||
| 1522 | if (file) | 1524 | if (file) |
| 1523 | fput(file); | 1525 | fput(file); |