Patchwork Disable execmem for sparc

login
register
mail settings
Submitter Tom \"spot\" Callaway
Date March 24, 2010, 9:52 p.m.
Message ID <4BAA89B9.2030102@redhat.com>
Download mbox | patch
Permalink /patch/48473/
State Superseded
Delegated to: David Miller
Headers show

Comments

Tom \"spot\" Callaway - March 24, 2010, 9:52 p.m.
Attached is a patch which disables execmem for sparc. Without it,
selinux does not work at all on SPARC64.

This patch should be reasonably non-controversial, because this is
already being done for PPC32.

Tested-by: Tom "spot" Callaway <tcallawa@redhat.com> (Ultra 10, T5220)
           Dennis Gilmore <dgilmore@redhat.com>
Signed-off-by: Tom "spot" Callaway <tcallawa@redhat.com>

Thanks in advance,

~spot

Patch

diff -up linux-2.6.32.noarch/security/selinux/hooks.c.mprotect-sparc linux-2.6.32.noarch/security/selinux/hooks.c
--- linux-2.6.32.noarch/security/selinux/hooks.c.mprotect-sparc	2010-03-10 08:28:20.957571926 -0500
+++ linux-2.6.32.noarch/security/selinux/hooks.c	2010-03-10 08:29:15.732698763 -0500
@@ -3010,7 +3010,7 @@  static int file_map_prot_check(struct fi
 	const struct cred *cred = current_cred();
 	int rc = 0;
 
-#ifndef CONFIG_PPC32
+#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC)
 	if ((prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE)))) {
 		/*
 		 * We are making executable an anonymous mapping or a
@@ -3082,7 +3082,7 @@  static int selinux_file_mprotect(struct 
 	if (selinux_checkreqprot)
 		prot = reqprot;
 
-#ifndef CONFIG_PPC32
+#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC)
 	if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
 		int rc = 0;
 		if (vma->vm_start >= vma->vm_mm->start_brk &&