mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
synced 2025-01-01 10:42:11 +00:00
selinux: use vma_is_initial_stack() and vma_is_initial_heap()
Use the helpers to simplify code. Link: https://lkml.kernel.org/r/20230728050043.59880-4-wangkefeng.wang@huawei.com Signed-off-by: Kefeng Wang <wangkefeng.wang@huawei.com> Acked-by: Paul Moore <paul@paul-moore.com> Reviewed-by: David Hildenbrand <david@redhat.com> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Cc: Stephen Smalley <stephen.smalley.work@gmail.com> Cc: Eric Paris <eparis@parisplace.org> Cc: Alex Deucher <alexander.deucher@amd.com> Cc: Arnaldo Carvalho de Melo <acme@kernel.org> Cc: Christian Göttsche <cgzones@googlemail.com> Cc: "Christian König" <christian.koenig@amd.com> Cc: Daniel Vetter <daniel@ffwll.ch> Cc: David Airlie <airlied@gmail.com> Cc: Felix Kuehling <felix.kuehling@amd.com> Cc: "Pan, Xinhui" <Xinhui.Pan@amd.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
This commit is contained in:
parent
f7992bfaf3
commit
68df1baf15
@ -3762,13 +3762,10 @@ static int selinux_file_mprotect(struct vm_area_struct *vma,
|
|||||||
if (default_noexec &&
|
if (default_noexec &&
|
||||||
(prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
|
(prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
|
||||||
int rc = 0;
|
int rc = 0;
|
||||||
if (vma->vm_start >= vma->vm_mm->start_brk &&
|
if (vma_is_initial_heap(vma)) {
|
||||||
vma->vm_end <= vma->vm_mm->brk) {
|
|
||||||
rc = avc_has_perm(sid, sid, SECCLASS_PROCESS,
|
rc = avc_has_perm(sid, sid, SECCLASS_PROCESS,
|
||||||
PROCESS__EXECHEAP, NULL);
|
PROCESS__EXECHEAP, NULL);
|
||||||
} else if (!vma->vm_file &&
|
} else if (!vma->vm_file && (vma_is_initial_stack(vma) ||
|
||||||
((vma->vm_start <= vma->vm_mm->start_stack &&
|
|
||||||
vma->vm_end >= vma->vm_mm->start_stack) ||
|
|
||||||
vma_is_stack_for_current(vma))) {
|
vma_is_stack_for_current(vma))) {
|
||||||
rc = avc_has_perm(sid, sid, SECCLASS_PROCESS,
|
rc = avc_has_perm(sid, sid, SECCLASS_PROCESS,
|
||||||
PROCESS__EXECSTACK, NULL);
|
PROCESS__EXECSTACK, NULL);
|
||||||
|
Loading…
Reference in New Issue
Block a user