Index: linux-2.6/security/selinux/avc.c
===================================================================
RCS file: /nfshome/pal/CVS/linux-2.6/security/selinux/avc.c,v
retrieving revision 1.47
diff -u -p -r1.47 avc.c
--- linux-2.6/security/selinux/avc.c 27 Oct 2004 20:09:53 -0000 1.47
+++ linux-2.6/security/selinux/avc.c 8 Nov 2004 21:20:29 -0000
@@ -576,6 +576,8 @@ void avc_audit(u32 ssid, u32 tsid,
 					vma = vma->vm_next;
 				}
 				up_read(&mm->mmap_sem);
+			} else {
+				audit_log_format(ab, " comm=%s", tsk->comm);
 			}
 			if (tsk != current)
 				mmput(mm);
Index: linux-2.6/security/selinux/hooks.c
===================================================================
RCS file: /nfshome/pal/CVS/linux-2.6/security/selinux/hooks.c,v
retrieving revision 1.132
diff -u -p -r1.132 hooks.c
--- linux-2.6/security/selinux/hooks.c 25 Oct 2004 12:51:44 -0000 1.132
+++ linux-2.6/security/selinux/hooks.c 8 Nov 2004 20:22:41 -0000
@@ -2441,6 +2441,8 @@ static int selinux_file_ioctl(struct fil
 static int file_map_prot_check(struct file *file, unsigned long prot, int shared)
 {
+	int rc;
+
 	if (file) {
 		/* read access is always possible with a mapping */
 		u32 av = FILE__READ;
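Review bot: The new else branch in avc_audit writes `tsk->comm` into the audit record with a bare `%s`, and comm is derived from the executable's file name, so it can contain spaces, quotes or non-printable bytes that break the space-separated `key=value` layout every later field relies on. The condition this else pairs with is above the hunk, but from the surrounding lines it appears to be the fallback taken when the exe= walk over the mm was not performed, which means consumers that attribute denials by exe= will also receive records carrying comm= instead; both points deserve a comment such as `/* no mm walk: fall back to comm, which is untrusted and not escaped */`. If the audit layer in this tree offers an escaping or quoting helper, prefer it over `%s` here. avc_audit begins and ends outside this hunk.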
@@ -2448,12 +2450,29 @@ static int file_map_prot_check(struct fi
 		/* write access only matters if the mapping is shared */
 		if (shared && (prot & PROT_WRITE))
 			av |= FILE__WRITE;
-
-		if (prot & PROT_EXEC)
+
+		if (prot & PROT_EXEC) {
 			av |= FILE__EXECUTE;
+			/*
+			 * Check ability to have a writable executable
+			 * mapping. In the shared mapping case, this
+			 * is covered by the file-based checks.
+			 */
+			if (!shared && (prot & PROT_WRITE)) {
+				rc = task_has_perm(current, current, PROCESS__WXPAGE);
+				if (rc)
+					return rc;
+				/* fall through to file-based checks */
+			}
+		}
 		return file_has_perm(current, file, av);
+	} else {
+		/* Check ability to have a writable executable mapping. */
+		if ((prot & PROT_EXEC) && (prot & PROT_WRITE))
+			return task_has_perm(current, current, PROCESS__WXPAGE);
 	}
+
 	return 0;
 }
Index: linux-2.6/security/selinux/include/av_perm_to_string.h
===================================================================
RCS file: /nfshome/pal/CVS/linux-2.6/security/selinux/include/av_perm_to_string.h,v
retrieving revision 1.15
diff -u -p -r1.15 av_perm_to_string.h
--- linux-2.6/security/selinux/include/av_perm_to_string.h 5 Oct 2004 17:35:29 -0000 1.15
+++ linux-2.6/security/selinux/include/av_perm_to_string.h 8 Nov 2004 20:22:41 -0000
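Review bot: The PROCESS__WXPAGE check is now written twice in file_map_prot_check, once nested in the PROT_EXEC branch for private file mappings and once in the new else branch for anonymous mappings, and the two spell the same condition differently, so they can drift apart on the next edit. A single `(prot & PROT_EXEC) && (prot & PROT_WRITE) && (!file || !shared)` test hoisted ahead of `if (file)` yields the same decisions, makes the function-scope `rc` introduced in the previous hunk a local, and removes the else-after-return. The added comments also promise the "ability to have a writable executable mapping", but the code only inspects the prot bits requested in this one call; a comment like `/* Point-in-time check on the requested prot bits only. */` states that scope honestly, since whether protection changes on an existing mapping also route through here is decided by callers outside the hunk. The function's signature is in the previous hunk.

```c
static int file_map_prot_check(struct file *file, unsigned long prot, int shared)
{
	/*
	 * A writable+executable mapping needs PROCESS__WXPAGE, except for a
	 * shared file mapping, where FILE__WRITE/FILE__EXECUTE cover it.
	 * Point-in-time check on the requested prot bits only.
	 */
	if ((prot & PROT_EXEC) && (prot & PROT_WRITE) && (!file || !shared)) {
		int rc = task_has_perm(current, current, PROCESS__WXPAGE);
		if (rc)
			return rc;
	}

	if (file) {
		/* … unchanged: av computation and file_has_perm(), minus the nested WXPAGE check … */
	}
	return 0;
}
```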
@@ -62,6 +62,7 @@
    S_(SECCLASS_PROCESS, PROCESS__SIGINH, "siginh")
    S_(SECCLASS_PROCESS, PROCESS__SETRLIMIT, "setrlimit")
    S_(SECCLASS_PROCESS, PROCESS__RLIMITINH, "rlimitinh")
+   S_(SECCLASS_PROCESS, PROCESS__WXPAGE, "wxpage")
    S_(SECCLASS_MSGQ, MSGQ__ENQUEUE, "enqueue")
    S_(SECCLASS_MSG, MSG__SEND, "send")
    S_(SECCLASS_MSG, MSG__RECEIVE, "receive")
Index: linux-2.6/security/selinux/include/av_permissions.h
===================================================================
RCS file: /nfshome/pal/CVS/linux-2.6/security/selinux/include/av_permissions.h,v
retrieving revision 1.14
diff -u -p -r1.14 av_permissions.h
--- linux-2.6/security/selinux/include/av_permissions.h 5 Oct 2004 17:35:29 -0000 1.14
+++ linux-2.6/security/selinux/include/av_permissions.h 8 Nov 2004 20:22:41 -0000
@@ -456,6 +456,7 @@
 #define PROCESS__SIGINH 0x00100000UL
 #define PROCESS__SETRLIMIT 0x00200000UL
 #define PROCESS__RLIMITINH 0x00400000UL
+#define PROCESS__WXPAGE 0x00800000UL
 #define IPC__CREATE 0x00000001UL
 #define IPC__DESTROY 0x00000002UL
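Review bot: The new `S_(SECCLASS_PROCESS, PROCESS__WXPAGE, "wxpage")` entry here and the `#define PROCESS__WXPAGE 0x00800000UL` in the av_permissions.h hunk below are hand-edits to tables that, judging by their layout, are normally regenerated from the policy's access-vector definitions; if the generator input was not updated in the same change, the next regeneration silently drops the permission and the hooks.c check then refers to an undefined macro. The bit value itself is consistent with its neighbours: it is the next bit after PROCESS__RLIMITINH (0x00400000UL) and collides with nothing visible in either hunk. A line in the change description naming the policy-side update would let reviewers confirm that both sides moved together.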