summaryrefslogtreecommitdiffstats
path: root/security/apparmor
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2012-05-30 13:30:51 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2012-05-31 13:11:54 -0400
commite5467859f7f79b69fc49004403009dfdba3bec53 (patch)
tree73b011daf79eeddd61bbcaf65cd197b5e5f6f149 /security/apparmor
parentd007794a182bc072a7b7479909dbd0d67ba341be (diff)
downloadop-kernel-dev-e5467859f7f79b69fc49004403009dfdba3bec53.zip
op-kernel-dev-e5467859f7f79b69fc49004403009dfdba3bec53.tar.gz
split ->file_mmap() into ->mmap_addr()/->mmap_file()
... i.e. file-dependent and address-dependent checks. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security/apparmor')
-rw-r--r--security/apparmor/lsm.c15
1 files changed, 4 insertions, 11 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 8430d89..8ea39aa 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -490,17 +490,9 @@ static int common_mmap(int op, struct file *file, unsigned long prot,
return common_file_perm(op, file, mask);
}
-static int apparmor_file_mmap(struct file *file, unsigned long reqprot,
- unsigned long prot, unsigned long flags,
- unsigned long addr, unsigned long addr_only)
+static int apparmor_mmap_file(struct file *file, unsigned long reqprot,
+ unsigned long prot, unsigned long flags)
{
- int rc = 0;
-
- /* do DAC check */
- rc = cap_mmap_addr(addr);
- if (rc || addr_only)
- return rc;
-
return common_mmap(OP_FMMAP, file, prot, flags);
}
@@ -646,7 +638,8 @@ static struct security_operations apparmor_ops = {
.file_permission = apparmor_file_permission,
.file_alloc_security = apparmor_file_alloc_security,
.file_free_security = apparmor_file_free_security,
- .file_mmap = apparmor_file_mmap,
+ .mmap_file = apparmor_mmap_file,
+ .mmap_addr = cap_mmap_addr,
.file_mprotect = apparmor_file_mprotect,
.file_lock = apparmor_file_lock,
OpenPOWER on IntegriCloud