diff options
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 28 |
1 files changed, 25 insertions, 3 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index b5220a266dce..5e755a3f4cae 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -68,6 +68,7 @@ | |||
| 68 | #include <linux/personality.h> | 68 | #include <linux/personality.h> |
| 69 | #include <linux/sysctl.h> | 69 | #include <linux/sysctl.h> |
| 70 | #include <linux/audit.h> | 70 | #include <linux/audit.h> |
| 71 | #include <linux/string.h> | ||
| 71 | 72 | ||
| 72 | #include "avc.h" | 73 | #include "avc.h" |
| 73 | #include "objsec.h" | 74 | #include "objsec.h" |
| @@ -1658,9 +1659,8 @@ static int selinux_bprm_secureexec (struct linux_binprm *bprm) | |||
| 1658 | 1659 | ||
| 1659 | static void selinux_bprm_free_security(struct linux_binprm *bprm) | 1660 | static void selinux_bprm_free_security(struct linux_binprm *bprm) |
| 1660 | { | 1661 | { |
| 1661 | struct bprm_security_struct *bsec = bprm->security; | 1662 | kfree(bprm->security); |
| 1662 | bprm->security = NULL; | 1663 | bprm->security = NULL; |
| 1663 | kfree(bsec); | ||
| 1664 | } | 1664 | } |
| 1665 | 1665 | ||
| 1666 | extern struct vfsmount *selinuxfs_mount; | 1666 | extern struct vfsmount *selinuxfs_mount; |
| @@ -1944,7 +1944,8 @@ static int selinux_sb_copy_data(struct file_system_type *type, void *orig, void | |||
| 1944 | } | 1944 | } |
| 1945 | } while (*in_end++); | 1945 | } while (*in_end++); |
| 1946 | 1946 | ||
| 1947 | copy_page(in_save, nosec_save); | 1947 | strcpy(in_save, nosec_save); |
| 1948 | free_page((unsigned long)nosec_save); | ||
| 1948 | out: | 1949 | out: |
| 1949 | return rc; | 1950 | return rc; |
| 1950 | } | 1951 | } |
| @@ -2476,6 +2477,17 @@ static int selinux_file_mprotect(struct vm_area_struct *vma, | |||
| 2476 | prot = reqprot; | 2477 | prot = reqprot; |
| 2477 | 2478 | ||
| 2478 | #ifndef CONFIG_PPC32 | 2479 | #ifndef CONFIG_PPC32 |
| 2480 | if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXECUTABLE) && | ||
| 2481 | (vma->vm_start >= vma->vm_mm->start_brk && | ||
| 2482 | vma->vm_end <= vma->vm_mm->brk)) { | ||
| 2483 | /* | ||
| 2484 | * We are making an executable mapping in the brk region. | ||
| 2485 | * This has an additional execheap check. | ||
| 2486 | */ | ||
| 2487 | rc = task_has_perm(current, current, PROCESS__EXECHEAP); | ||
| 2488 | if (rc) | ||
| 2489 | return rc; | ||
| 2490 | } | ||
| 2479 | if (vma->vm_file != NULL && vma->anon_vma != NULL && (prot & PROT_EXEC)) { | 2491 | if (vma->vm_file != NULL && vma->anon_vma != NULL && (prot & PROT_EXEC)) { |
| 2480 | /* | 2492 | /* |
| 2481 | * We are making executable a file mapping that has | 2493 | * We are making executable a file mapping that has |
| @@ -2487,6 +2499,16 @@ static int selinux_file_mprotect(struct vm_area_struct *vma, | |||
| 2487 | if (rc) | 2499 | if (rc) |
| 2488 | return rc; | 2500 | return rc; |
| 2489 | } | 2501 | } |
| 2502 | if (!vma->vm_file && (prot & PROT_EXEC) && | ||
| 2503 | vma->vm_start <= vma->vm_mm->start_stack && | ||
| 2504 | vma->vm_end >= vma->vm_mm->start_stack) { | ||
| 2505 | /* Attempt to make the process stack executable. | ||
| 2506 | * This has an additional execstack check. | ||
| 2507 | */ | ||
| 2508 | rc = task_has_perm(current, current, PROCESS__EXECSTACK); | ||
| 2509 | if (rc) | ||
| 2510 | return rc; | ||
| 2511 | } | ||
| 2490 | #endif | 2512 | #endif |
| 2491 | 2513 | ||
| 2492 | return file_map_prot_check(vma->vm_file, prot, vma->vm_flags&VM_SHARED); | 2514 | return file_map_prot_check(vma->vm_file, prot, vma->vm_flags&VM_SHARED); |