summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJames Morris <jmorris@namei.org>2009-01-29 12:19:51 +1100
committerJames Morris <jmorris@namei.org>2009-01-30 08:55:11 +1100
commitd541bbee6902d5ffb8a03d63ac8f4b1364c2ff93 (patch)
treef6b3f9547807d9eb8995885f259e4d5140d70405
parent438add6b32d9295db6e3ecd4d9e137086ec5b5d9 (diff)
selinux: remove secondary ops call to file_mprotect
Remove secondary ops call to file_mprotect, which is a noop in capabilities. Acked-by: Serge Hallyn <serue@us.ibm.com> Acked-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--security/selinux/hooks.c7
1 files changed, 1 insertions, 6 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 08b506846a1f..2c98071fba8b 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3056,18 +3056,13 @@ static int selinux_file_mprotect(struct vm_area_struct *vma,
unsigned long prot)
{
const struct cred *cred = current_cred();
- int rc;
-
- rc = secondary_ops->file_mprotect(vma, reqprot, prot);
- if (rc)
- return rc;
if (selinux_checkreqprot)
prot = reqprot;
#ifndef CONFIG_PPC32
if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
- rc = 0;
+ int rc = 0;
if (vma->vm_start >= vma->vm_mm->start_brk &&
vma->vm_end <= vma->vm_mm->brk) {
rc = cred_has_perm(cred, cred, PROCESS__EXECHEAP);