Re: [PATCH] mm/nommu.c: Fix improperly call of security API in mmap

[David Howells]

Eric Paris <eparis@xxxxxxxxxx> wrote:

> That would still call cap_file_mmap() and wouldn't solve your problem.

Hmmm...  I guess I don't see the problem occur because I always run the
programs as root.

I would guess that cap_file_mmap() and selinux_file_mmap() are, perhaps, too
strict.  The hint shouldn't be rejected unless MAP_FIXED is also set, surely,
but should rather be revised upwards.

Certainly, addr==NULL and !MAP_FIXED is a reasonable case to permit, even in
tightly secured MMU and SELinux mode...  After all, the manual page says:

	If addr is NULL, then the kernel chooses the address at which to create
	the mapping; this is the most portable method of creating  a  new  map-
	ping.

David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/