]> bbs.cooldavid.org Git - net-next-2.6.git/commitdiff
git://bbs.cooldavid.org / net-next-2.6.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cee74f4)
selinux: implement mmap on /selinux/policy
authorEric Paris <eparis@redhat.com>
Wed, 13 Oct 2010 21:50:31 +0000 (17:50 -0400)
committerJames Morris <jmorris@namei.org>
Wed, 20 Oct 2010 23:12:59 +0000 (10:12 +1100)
/selinux/policy allows a user to copy the policy back out of the kernel.
This patch allows userspace to actually mmap that file and use it directly.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
security/selinux/selinuxfs.c patch | blob | blame | history
security/selinux/ss/services.c patch | blob | blame | history

diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index 8eb102c7260672c1e629bcc24e59c22579bdef7f..87e0556bae70ff977ea290b3cdfcc2c308d8edf5 100644 (file)
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -439,9 +439,53 @@ out:
        return ret;
 }
 
+static int sel_mmap_policy_fault(struct vm_area_struct *vma,
+                                struct vm_fault *vmf)
+{
+       struct policy_load_memory *plm = vma->vm_file->private_data;
+       unsigned long offset;
+       struct page *page;
+
+       if (vmf->flags & (FAULT_FLAG_MKWRITE | FAULT_FLAG_WRITE))
+               return VM_FAULT_SIGBUS;
+
+       offset = vmf->pgoff << PAGE_SHIFT;
+       if (offset >= roundup(plm->len, PAGE_SIZE))
+               return VM_FAULT_SIGBUS;
+
+       page = vmalloc_to_page(plm->data + offset);
+       get_page(page);
+
+       vmf->page = page;
+
+       return 0;
+}
+
+static struct vm_operations_struct sel_mmap_policy_ops = {
+       .fault = sel_mmap_policy_fault,
+       .page_mkwrite = sel_mmap_policy_fault,
+};
+
+int sel_mmap_policy(struct file *filp, struct vm_area_struct *vma)
+{
+       if (vma->vm_flags & VM_SHARED) {
+               /* do not allow mprotect to make mapping writable */
+               vma->vm_flags &= ~VM_MAYWRITE;
+
+               if (vma->vm_flags & VM_WRITE)
+                       return -EACCES;
+       }
+
+       vma->vm_flags |= VM_RESERVED;
+       vma->vm_ops = &sel_mmap_policy_ops;
+
+       return 0;
+}
+
 static const struct file_operations sel_policy_ops = {
        .open           = sel_open_policy,
        .read           = sel_read_policy,
+       .mmap           = sel_mmap_policy,
        .release        = sel_release_policy,
 };
 
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 7565d16aac316c045afa4d8576e0fb221e56a49c..3a1739b33b787c0bd93f6b3b88de58d62648e839 100644 (file)
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -3169,7 +3169,7 @@ int security_read_policy(void **data, ssize_t *len)
 
        *len = security_policydb_len();
 
-       *data = vmalloc(*len);
+       *data = vmalloc_user(*len);
        if (!*data)
                return -ENOMEM;
 
Clone of davem's net-next-2.6 tree