From patchwork Wed Mar 24 21:52:57 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Tom \\\"spot\\\" Callaway" X-Patchwork-Id: 48473 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 099E6B7C7E for ; Thu, 25 Mar 2010 08:55:14 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752710Ab0CXVzL (ORCPT ); Wed, 24 Mar 2010 17:55:11 -0400 Received: from mx1.redhat.com ([209.132.183.28]:40701 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752486Ab0CXVzK (ORCPT ); Wed, 24 Mar 2010 17:55:10 -0400 Received: from int-mx05.intmail.prod.int.phx2.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.18]) by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id o2OLt9Vx028351 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Wed, 24 Mar 2010 17:55:10 -0400 Received: from [10.16.2.83] (dhcp-100-2-83.bos.redhat.com [10.16.2.83]) by int-mx05.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id o2OLt8sI002659; Wed, 24 Mar 2010 17:55:09 -0400 Message-ID: <4BAA89B9.2030102@redhat.com> Date: Wed, 24 Mar 2010 17:52:57 -0400 From: "Tom \"spot\" Callaway" User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.7) Gecko/20100120 Fedora/3.0.1-1.fc13 Lightning/1.0b2pre Thunderbird/3.0.1 MIME-Version: 1.0 To: sparclinux@vger.kernel.org CC: Dennis Gilmore Subject: [PATCH] Disable execmem for sparc X-Scanned-By: MIMEDefang 2.67 on 10.5.11.18 Sender: sparclinux-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: sparclinux@vger.kernel.org Attached is a patch which disables execmem for sparc. Without it, selinux does not work at all on SPARC64. This patch should be reasonably non-controversial, because this is already being done for PPC32. Tested-by: Tom "spot" Callaway (Ultra 10, T5220) Dennis Gilmore Signed-off-by: Tom "spot" Callaway Thanks in advance, ~spot diff -up linux-2.6.32.noarch/security/selinux/hooks.c.mprotect-sparc linux-2.6.32.noarch/security/selinux/hooks.c --- linux-2.6.32.noarch/security/selinux/hooks.c.mprotect-sparc 2010-03-10 08:28:20.957571926 -0500 +++ linux-2.6.32.noarch/security/selinux/hooks.c 2010-03-10 08:29:15.732698763 -0500 @@ -3010,7 +3010,7 @@ static int file_map_prot_check(struct fi const struct cred *cred = current_cred(); int rc = 0; -#ifndef CONFIG_PPC32 +#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC) if ((prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE)))) { /* * We are making executable an anonymous mapping or a @@ -3082,7 +3082,7 @@ static int selinux_file_mprotect(struct if (selinux_checkreqprot) prot = reqprot; -#ifndef CONFIG_PPC32 +#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC) if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { int rc = 0; if (vma->vm_start >= vma->vm_mm->start_brk &&