On Friday, November 06, 2015 02:07:24 PM Jan Stancek wrote: > If READ_IMPLIES_EXEC personality is set, mmap-ed area will have > VM_EXEC vm_flag set, which causes selinux_file_mprotect() to > skip check for FILE__EXECMOD. > > This caused that older (2.6.32) kernels on s390x always allowed > mprotect to succeed. > > Signed-off-by: Jan Stancek <jstancek@xxxxxxxxxx> > Cc: Paul Moore <paul@xxxxxxxxxxxxxx> > Cc: Stephen Smalley <sds@xxxxxxxxxxxxx> > --- > tests/mmap/mprotect_file_private_execmod.c | 13 +++++++++++++ > 1 file changed, 13 insertions(+) Merged, thanks. > diff --git a/tests/mmap/mprotect_file_private_execmod.c > b/tests/mmap/mprotect_file_private_execmod.c index > ade19811290a..6d6b995fc03c 100644 > --- a/tests/mmap/mprotect_file_private_execmod.c > +++ b/tests/mmap/mprotect_file_private_execmod.c > @@ -4,6 +4,11 @@ > #include <errno.h> > #include <fcntl.h> > #include <sys/mman.h> > +#include <sys/personality.h> > + > +#ifndef READ_IMPLIES_EXEC > +#define READ_IMPLIES_EXEC 0x0400000 > +#endif > > int main(int argc, char **argv) > { > @@ -16,6 +21,14 @@ int main(int argc, char **argv) > exit(1); > } > > + /* clear READ_IMPLIES_EXEC if present, because it skips > + * check for FILE__EXECMOD in selinux_file_mprotect() */ > + rc = personality(0xffffffff); > + if ((rc != -1) && (rc & READ_IMPLIES_EXEC)) { > + rc &= ~READ_IMPLIES_EXEC; > + personality(rc); > + } > + > fd = open(argv[1], O_RDONLY); > if (fd < 0) { > perror(argv[1]); -- paul moore www.paul-moore.com
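Review bot: In the first hunk (@@ -4,6 +4,11 @@), the `#ifndef READ_IMPLIES_EXEC` guard only detects a preprocessor macro, so if `<sys/personality.h>` supplies READ_IMPLIES_EXEC as an enum constant the guard is always true and the `#define` silently takes over from the header's definition. The hard-coded 0x0400000 also carries no comment saying where the value comes from or which headers lack it. Suggest a one-line comment above the fallback naming the source of the value and the environments it is meant for, so a later reader can tell whether the fallback is still needed.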
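Review bot: In the second hunk (@@ -16,6 +21,14 @@), the return value of the second call, `personality(rc);`, is not checked, and a failed query (`rc == -1`) is skipped without any message. In both cases the test carries on with READ_IMPLIES_EXEC possibly still set, which according to the commit message is exactly the state in which selinux_file_mprotect() skips the FILE__EXECMOD check, so the test could report a result that says nothing about the policy. Suggest failing loudly instead, for example `if (personality(rc) == -1) { perror("personality"); exit(1); }`, and reporting the failed query the same way.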