diff options
author | James Morris <jmorris@namei.org> | 2009-01-29 12:19:51 +1100 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-01-30 08:55:11 +1100 |
commit | d541bbee6902d5ffb8a03d63ac8f4b1364c2ff93 (patch) | |
tree | f6b3f9547807d9eb8995885f259e4d5140d70405 | |
parent | 438add6b32d9295db6e3ecd4d9e137086ec5b5d9 (diff) | |
download | op-kernel-dev-d541bbee6902d5ffb8a03d63ac8f4b1364c2ff93.zip op-kernel-dev-d541bbee6902d5ffb8a03d63ac8f4b1364c2ff93.tar.gz |
selinux: remove secondary ops call to file_mprotect
Remove secondary ops call to file_mprotect, which is
a noop in capabilities.
Acked-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/selinux/hooks.c | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 08b5068..2c98071 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3056,18 +3056,13 @@ static int selinux_file_mprotect(struct vm_area_struct *vma, unsigned long prot) { const struct cred *cred = current_cred(); - int rc; - - rc = secondary_ops->file_mprotect(vma, reqprot, prot); - if (rc) - return rc; if (selinux_checkreqprot) prot = reqprot; #ifndef CONFIG_PPC32 if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { - rc = 0; + int rc = 0; if (vma->vm_start >= vma->vm_mm->start_brk && vma->vm_end <= vma->vm_mm->brk) { rc = cred_has_perm(cred, cred, PROCESS__EXECHEAP); |