Re: [RFC][PATCH] selinux: apply execstack check on thread stacks

Thanks!

On Wed, Apr 6, 2016 at 12:57 PM, Stephen Smalley
<stephen.smalley@xxxxxxxxx> wrote:
> The execstack check was only being applied on the main
> process stack.  Thread stacks allocated via mmap were
> only subject to the execmem permission check.  Augment
> the check to apply to the current thread stack as well.
> Note that this does NOT prevent making a different thread's
> stack executable.
>
> Suggested-by: Nick Kralevich <nnk@xxxxxxxxxx>

Acked-By: Nick Kralevich <nnk@xxxxxxxxxx>

> Signed-off-by: Stephen Smalley <sds@xxxxxxxxxxxxx>
> ---
>  security/selinux/hooks.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index a9ca5ee..0271be4 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -3465,8 +3465,9 @@ static int selinux_file_mprotect(struct vm_area_struct *vma,
>                     vma->vm_end <= vma->vm_mm->brk) {
>                         rc = cred_has_perm(cred, cred, PROCESS__EXECHEAP);
>                 } else if (!vma->vm_file &&
> -                          vma->vm_start <= vma->vm_mm->start_stack &&
> -                          vma->vm_end >= vma->vm_mm->start_stack) {
> +                          ((vma->vm_start <= vma->vm_mm->start_stack &&
> +                            vma->vm_end >= vma->vm_mm->start_stack) ||
> +                           vma_is_stack_for_task(vma, current))) {
>                         rc = current_has_perm(current, PROCESS__EXECSTACK);
>                 } else if (vma->vm_file && vma->anon_vma) {
>                         /*
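Review bot: the added clause `vma_is_stack_for_task(vma, current)` only recognises the calling thread's own stack, so an mprotect() on another thread's mmap'ed stack still falls out of this branch and is left to the execmem check alone, exactly the limitation the commit log admits; that caveat should live in the code too. A two-line comment above the condition, saying that the first clause catches the main stack via `start_stack` and the second the caller's own thread stack, would save the next reader from re-deriving why both are needed, and the nested condition would read more easily if the two stack tests were hoisted into a local or a small static helper.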
> --
> 2.8.0
>



-- 
Nick Kralevich | Android Security | nnk@xxxxxxxxxx | 650.214.4037
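To make the effect of the quoted hunk concrete, here is an added userspace model of the classification branch in selinux_file_mprotect() that the patch changes. It is example code written for this page, not kernel code and not part of this thread: the struct fields mirror the kernel names, but the structs themselves, the scenario addresses and the hypothetical `thread_a_needs()` entry point are constructed for the example, and `vma_is_stack_for_task()` is a stand-in that models the helper as a "does this VMA contain the task's stack pointer" test. Passing `with_patch` as false models the old condition (main stack only, found through `mm->start_stack`); true adds the new alternative from the hunk.

```c
/* Added example, not kernel code: a userspace model of the branch in
 * selinux_file_mprotect() that the quoted hunk changes.  Field and helper
 * names mirror the kernel's; the structs, scenario addresses and the
 * "which extra permission" result are simplifications constructed here. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Extra permission the branch demands when mprotect() adds PROT_EXEC to a
 * region that is not yet executable.  PERM_NONE means only the generic
 * execmem check on anonymous memory (done elsewhere in the hook) applies. */
enum extra_perm { PERM_NONE, PERM_EXECHEAP, PERM_EXECSTACK, PERM_EXECMOD };

struct mm_model { uint64_t start_brk, brk, start_stack; };
struct task_model { uint64_t sp; };           /* thread's user stack pointer */
struct vma_model {
    uint64_t vm_start, vm_end;
    bool vm_file;                             /* file-backed mapping? */
    bool anon_vma;                            /* private file pages already COWed? */
    const struct mm_model *vm_mm;
};

/* Stand-in for vma_is_stack_for_task(): the VMA contains the task's stack pointer. */
static bool vma_is_stack_for_task(const struct vma_model *vma, const struct task_model *t)
{
    return vma->vm_start <= t->sp && vma->vm_end >= t->sp;
}

/* with_patch == false is the pre-patch condition (main stack only, located via
 * mm->start_stack); true adds the vma_is_stack_for_task(vma, current) clause. */
static enum extra_perm classify(const struct vma_model *vma,
                                const struct task_model *task, bool with_patch)
{
    const struct mm_model *mm = vma->vm_mm;
    bool in_main_stack = vma->vm_start <= mm->start_stack &&
                         vma->vm_end >= mm->start_stack;

    if (vma->vm_start >= mm->start_brk && vma->vm_end <= mm->brk)
        return PERM_EXECHEAP;
    if (!vma->vm_file &&
        (in_main_stack || (with_patch && vma_is_stack_for_task(vma, task))))
        return PERM_EXECSTACK;
    if (vma->vm_file && vma->anon_vma)
        return PERM_EXECMOD;
    return PERM_NONE;
}

/* Constructed address space: a heap, the main stack, and two mmap'ed thread stacks. */
static const struct mm_model model_mm = {
    .start_brk = 0x01000000, .brk = 0x01100000, .start_stack = 0x7ffffffde000,
};
static const struct vma_model heap           = { 0x01000000,     0x01080000,     false, false, &model_mm };
static const struct vma_model main_stack     = { 0x7ffffffdd000, 0x7ffffffff000, false, false, &model_mm };
static const struct vma_model thread_a_stack = { 0x7f0000000000, 0x7f0000800000, false, false, &model_mm };
static const struct vma_model thread_b_stack = { 0x7f0001000000, 0x7f0001800000, false, false, &model_mm };
/* Thread A is the caller ("current"); its stack pointer sits inside thread_a_stack. */
static const struct task_model thread_a = { .sp = 0x7f00007ff000 };

/* Hypothetical entry point: extra permission thread A needs to make the region executable. */
enum extra_perm thread_a_needs(const struct vma_model *vma, bool with_patch)
{
    return classify(vma, &thread_a, with_patch);
}

static const char *perm_name(enum extra_perm p)
{
    static const char *names[] = { "(execmem only)", "execheap", "execstack", "execmod" };
    return names[p];
}

int main(void)
{
    const struct { const char *label; const struct vma_model *vma; } regions[] = {
        { "heap",               &heap },
        { "main stack",         &main_stack },
        { "own thread stack",   &thread_a_stack },
        { "other thread stack", &thread_b_stack },
    };
    for (size_t i = 0; i < sizeof regions / sizeof regions[0]; i++)
        printf("%-20s before: %-16s after: %s\n", regions[i].label,
               perm_name(thread_a_needs(regions[i].vma, false)),
               perm_name(thread_a_needs(regions[i].vma, true)));
    return 0;
}
```

Running it prints a before/after table: the heap and the main stack classify the same way under both conditions, the caller's own mmap'ed thread stack moves from "execmem only" to execstack once the patch is applied, and another thread's stack stays at "execmem only" in both cases, which is the limitation the commit log calls out. In the real hook the generic execmem check on anonymous memory still runs after this branch, so after the patch a domain needs both execmem and execstack to make its own thread stack executable.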