* [patch 1/1] selinux: minor cleanup in the hooks.c:file_map_prot_check() code
@ 2005-06-22 22:15 lorenzo
2005-06-23 1:55 ` James Morris
0 siblings, 1 reply; 6+ messages in thread
From: lorenzo @ 2005-06-22 22:15 UTC (permalink / raw)
To: akpm; +Cc: linux-kernel, sds, jmorris, lorenzo
Minor cleanup of the SELinux hooks code (hooks.c) around
some definitions of return values.
Signed-off-by: Lorenzo Hernandez Garcia-Hierro <lorenzo@gnu.org>
---
security/selinux/hooks.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff -puN security/selinux/hooks.c~selinux-kernel-cleanup-1 security/selinux/hooks.c
--- linux-2.6.11/security/selinux/hooks.c~selinux-kernel-cleanup-1 2005-06-21 13:26:23.000000000 +0200
+++ linux-2.6.11-lorenzo/security/selinux/hooks.c 2005-06-23 00:11:23.129839992 +0200
@@ -2419,6 +2419,8 @@ static int selinux_file_ioctl(struct fil
static int file_map_prot_check(struct file *file, unsigned long prot, int shared)
{
+ int rc;
+
#ifndef CONFIG_PPC32
if ((prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE)))) {
/*
@@ -2426,7 +2428,7 @@ static int file_map_prot_check(struct fi
* private file mapping that will also be writable.
* This has an additional check.
*/
- int rc = task_has_perm(current, current, PROCESS__EXECMEM);
+ rc = task_has_perm(current, current, PROCESS__EXECMEM);
if (rc)
return rc;
}
@@ -2485,7 +2487,7 @@ static int selinux_file_mprotect(struct
* check ability to execute the possibly modified content.
* This typically should only occur for text relocations.
*/
- int rc = file_has_perm(current, vma->vm_file, FILE__EXECMOD);
+ rc = file_has_perm(current, vma->vm_file, FILE__EXECMOD);
if (rc)
return rc;
}
_
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [patch 1/1] selinux: minor cleanup in the hooks.c:file_map_prot_check() code
2005-06-22 22:15 [patch 1/1] selinux: minor cleanup in the hooks.c:file_map_prot_check() code lorenzo
@ 2005-06-23 1:55 ` James Morris
2005-06-23 2:03 ` James Morris
2005-06-23 2:04 ` Lorenzo Hernández García-Hierro
0 siblings, 2 replies; 6+ messages in thread
From: James Morris @ 2005-06-23 1:55 UTC (permalink / raw)
To: lorenzo; +Cc: akpm, linux-kernel, sds
On Thu, 23 Jun 2005 lorenzo@gnu.org wrote:
> Minor cleanup of the SELinux hooks code (hooks.c) around
> some definitions of return values.
> static int file_map_prot_check(struct file *file, unsigned long prot, int shared)
> {
> + int rc;
> +
> #ifndef CONFIG_PPC32
> if ((prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE)))) {
> /*
> @@ -2426,7 +2428,7 @@ static int file_map_prot_check(struct fi
> * private file mapping that will also be writable.
> * This has an additional check.
> */
> - int rc = task_has_perm(current, current, PROCESS__EXECMEM);
> + rc = task_has_perm(current, current, PROCESS__EXECMEM);
> if (rc)
> return rc;
> }
What is the point of this? You're needlessly increasing the scope of rc
and you'll also get a compiler warning on ppc32.
> @@ -2485,7 +2487,7 @@ static int selinux_file_mprotect(struct
> * check ability to execute the possibly modified content.
> * This typically should only occur for text relocations.
> */
> - int rc = file_has_perm(current, vma->vm_file, FILE__EXECMOD);
> + rc = file_has_perm(current, vma->vm_file, FILE__EXECMOD);
> if (rc)
> return rc;
> }
> _
No, causes ppc32 warning.
Please send SELinux kernel patches via the maintainers.
- James
--
James Morris
<jmorris@redhat.com>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [patch 1/1] selinux: minor cleanup in the hooks.c:file_map_prot_check() code
2005-06-23 1:55 ` James Morris
@ 2005-06-23 2:03 ` James Morris
2005-06-23 2:48 ` Lorenzo Hernández García-Hierro
2005-06-23 2:04 ` Lorenzo Hernández García-Hierro
1 sibling, 1 reply; 6+ messages in thread
From: James Morris @ 2005-06-23 2:03 UTC (permalink / raw)
To: lorenzo; +Cc: akpm, linux-kernel, sds
On Wed, 22 Jun 2005, James Morris wrote:
> > @@ -2485,7 +2487,7 @@ static int selinux_file_mprotect(struct
> > * check ability to execute the possibly modified content.
> > * This typically should only occur for text relocations.
> > */
> > - int rc = file_has_perm(current, vma->vm_file, FILE__EXECMOD);
> > + rc = file_has_perm(current, vma->vm_file, FILE__EXECMOD);
> > if (rc)
> > return rc;
> > }
> > _
>
> No, causes ppc32 warning.
Actually, this one's ok.
- James
--
James Morris
<jmorris@redhat.com>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [patch 1/1] selinux: minor cleanup in the hooks.c:file_map_prot_check() code
2005-06-23 1:55 ` James Morris
2005-06-23 2:03 ` James Morris
@ 2005-06-23 2:04 ` Lorenzo Hernández García-Hierro
2005-06-23 12:31 ` Stephen Smalley
1 sibling, 1 reply; 6+ messages in thread
From: Lorenzo Hernández García-Hierro @ 2005-06-23 2:04 UTC (permalink / raw)
To: James Morris; +Cc: akpm, linux-kernel, sds
[-- Attachment #1: Type: text/plain, Size: 434 bytes --]
El mié, 22-06-2005 a las 21:55 -0400, James Morris escribió:
> Please send SELinux kernel patches via the maintainers.
It was sent to Stephen during the development of the execstack and
execheap permission checks patches, but it's up to him to decide about
it right now.
Stephen, is it OK for you?
Cheers,
--
Lorenzo Hernández García-Hierro <lorenzo@gnu.org>
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [patch 1/1] selinux: minor cleanup in the hooks.c:file_map_prot_check() code
2005-06-23 2:03 ` James Morris
@ 2005-06-23 2:48 ` Lorenzo Hernández García-Hierro
0 siblings, 0 replies; 6+ messages in thread
From: Lorenzo Hernández García-Hierro @ 2005-06-23 2:48 UTC (permalink / raw)
To: James Morris; +Cc: akpm, linux-kernel, sds
[-- Attachment #1: Type: text/plain, Size: 770 bytes --]
El mié, 22-06-2005 a las 22:03 -0400, James Morris escribió:
> On Wed, 22 Jun 2005, James Morris wrote:
>
> > > @@ -2485,7 +2487,7 @@ static int selinux_file_mprotect(struct
> > > * check ability to execute the possibly modified content.
> > > * This typically should only occur for text relocations.
> > > */
> > > - int rc = file_has_perm(current, vma->vm_file, FILE__EXECMOD);
> > > + rc = file_has_perm(current, vma->vm_file, FILE__EXECMOD);
> > > if (rc)
> > > return rc;
> > > }
> > > _
> >
> Actually, this one's ok.
OK, thanks. I'll wait for Stephen to review it and then decide what to
do.
Cheers,
--
Lorenzo Hernández García-Hierro <lorenzo@gnu.org>
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [patch 1/1] selinux: minor cleanup in the hooks.c:file_map_prot_check() code
2005-06-23 2:04 ` Lorenzo Hernández García-Hierro
@ 2005-06-23 12:31 ` Stephen Smalley
0 siblings, 0 replies; 6+ messages in thread
From: Stephen Smalley @ 2005-06-23 12:31 UTC (permalink / raw)
To: Lorenzo Hernández García-Hierro
Cc: James Morris, akpm, linux-kernel
On Thu, 2005-06-23 at 04:04 +0200, Lorenzo Hernández García-Hierro
wrote:
> El mié, 22-06-2005 a las 21:55 -0400, James Morris escribió:
> > Please send SELinux kernel patches via the maintainers.
>
> It was sent to Stephen during the development of the execstack and
> execheap permission checks patches, but it's up to him to decide about
> it right now.
>
> Stephen, is it OK for you?
James is correct that the first diff isn't useful (and will lead to
warnings on ppc32), whereas the latter diff is a legitimate cleanup. So
I'd suggest resubmitting with just the latter diff. Thanks. Sorry for
any confusion.
--
Stephen Smalley
National Security Agency
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2005-06-23 12:33 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-06-22 22:15 [patch 1/1] selinux: minor cleanup in the hooks.c:file_map_prot_check() code lorenzo
2005-06-23 1:55 ` James Morris
2005-06-23 2:03 ` James Morris
2005-06-23 2:48 ` Lorenzo Hernández García-Hierro
2005-06-23 2:04 ` Lorenzo Hernández García-Hierro
2005-06-23 12:31 ` Stephen Smalley
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.