diff options
author | Lorenzo Hernández García-Hierro <lorenzo@gnu.org> | 2005-06-25 14:54:35 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@ppc970.osdl.org> | 2005-06-25 16:24:26 -0700 |
commit | 09ffd94fb15d85fbf9eebb8180f50264b264d6fe (patch) | |
tree | 688a5b60f9718a56a5d4386ef10596e77fb65b7b /security/selinux/hooks.c | |
parent | 6b9921976f0861e04828b3aff66696c1f3fd900d (diff) | |
download | kernel_goldelico_gta04-09ffd94fb15d85fbf9eebb8180f50264b264d6fe.zip kernel_goldelico_gta04-09ffd94fb15d85fbf9eebb8180f50264b264d6fe.tar.gz kernel_goldelico_gta04-09ffd94fb15d85fbf9eebb8180f50264b264d6fe.tar.bz2 |
[PATCH] selinux: add executable heap check
This patch,based on sample code by Roland McGrath, adds an execheap
permission check that controls the ability to make the heap executable so
that this can be prevented in almost all cases (the X server is presently
an exception, but this will hopefully be resolved in the future) so that
even programs with execmem permission will need to have the anonymous
memory mapped in order to make it executable.
The only reason that we use a permission check for such restriction (vs.
making it unconditional) is that the X module loader presently needs it; it
could possibly be made unconditional in the future when X is changed.
The policy patch for the execheap permission is available at:
http://pearls.tuxedo-es.org/patches/selinux/policy-execheap.patch
Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org>
Acked-by: James Morris <jmorris@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r-- | security/selinux/hooks.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index ad72521..932eef1 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2477,6 +2477,17 @@ static int selinux_file_mprotect(struct vm_area_struct *vma, prot = reqprot; #ifndef CONFIG_PPC32 + if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXECUTABLE) && + (vma->vm_start >= vma->vm_mm->start_brk && + vma->vm_end <= vma->vm_mm->brk)) { + /* + * We are making an executable mapping in the brk region. + * This has an additional execheap check. + */ + rc = task_has_perm(current, current, PROCESS__EXECHEAP); + if (rc) + return rc; + } if (vma->vm_file != NULL && vma->anon_vma != NULL && (prot & PROT_EXEC)) { /* * We are making executable a file mapping that has |