diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2012-05-30 13:30:51 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2012-05-31 13:11:54 -0400 |
commit | e5467859f7f79b69fc49004403009dfdba3bec53 (patch) | |
tree | 73b011daf79eeddd61bbcaf65cd197b5e5f6f149 /security/apparmor | |
parent | d007794a182bc072a7b7479909dbd0d67ba341be (diff) | |
download | op-kernel-dev-e5467859f7f79b69fc49004403009dfdba3bec53.zip op-kernel-dev-e5467859f7f79b69fc49004403009dfdba3bec53.tar.gz |
split ->file_mmap() into ->mmap_addr()/->mmap_file()
... i.e. file-dependent and address-dependent checks.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security/apparmor')
-rw-r--r-- | security/apparmor/lsm.c | 15 |
1 files changed, 4 insertions, 11 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 8430d89..8ea39aa 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -490,17 +490,9 @@ static int common_mmap(int op, struct file *file, unsigned long prot, return common_file_perm(op, file, mask); } -static int apparmor_file_mmap(struct file *file, unsigned long reqprot, - unsigned long prot, unsigned long flags, - unsigned long addr, unsigned long addr_only) +static int apparmor_mmap_file(struct file *file, unsigned long reqprot, + unsigned long prot, unsigned long flags) { - int rc = 0; - - /* do DAC check */ - rc = cap_mmap_addr(addr); - if (rc || addr_only) - return rc; - return common_mmap(OP_FMMAP, file, prot, flags); } @@ -646,7 +638,8 @@ static struct security_operations apparmor_ops = { .file_permission = apparmor_file_permission, .file_alloc_security = apparmor_file_alloc_security, .file_free_security = apparmor_file_free_security, - .file_mmap = apparmor_file_mmap, + .mmap_file = apparmor_mmap_file, + .mmap_addr = cap_mmap_addr, .file_mprotect = apparmor_file_mprotect, .file_lock = apparmor_file_lock, |