rpms/kernel/F-12 kernel.spec, 1.2030, 1.2031 linux-2.6-sparc-selinux-mprotect-checks.patch, 1.2, 1.3

Tom Callaway spot at fedoraproject.org
Wed Mar 10 13:37:10 UTC 2010 

Author: spot

Update of /cvs/pkgs/rpms/kernel/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv18125

Modified Files:
	kernel.spec linux-2.6-sparc-selinux-mprotect-checks.patch 
Log Message:
cleanup and re-enable selinux sparc mprotect fix


Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-12/kernel.spec,v
retrieving revision 1.2030
retrieving revision 1.2031
diff -u -p -r1.2030 -r1.2031
--- kernel.spec	3 Mar 2010 03:26:09 -0000	1.2030
+++ kernel.spec	10 Mar 2010 13:37:09 -0000	1.2031
@@ -1325,9 +1325,9 @@ ApplyPatch linux-2.6-silence-fbcon-logo.
 ApplyPatch viafb-neuter-device-table.patch
 
 # Fix the SELinux mprotect checks on executable mappings
-#ApplyPatch linux-2.6-selinux-mprotect-checks.patch
+# ApplyPatch linux-2.6-selinux-mprotect-checks.patch
 # Fix SELinux for sparc
-#ApplyPatch linux-2.6-sparc-selinux-mprotect-checks.patch
+ApplyPatch linux-2.6-sparc-selinux-mprotect-checks.patch
 
 # Changes to upstream defaults.
 
@@ -2077,6 +2077,9 @@ fi
 # and build.
 
 %changelog
+* Wed Mar 10 2010 Tom "spot" Callaway <tcallawa at redhat.com>
+- cleanup and re-enable sparc selinux mprotect fix
+
 * Wed Mar 03 2010 Dave Airlie <airlied at redhat.com> 2.6.32.9-70
 - drm-upgrayed-fixes: backport a bunch of fixes from upstream
 - should fix AGP slowdowns + rv740 hw.

linux-2.6-sparc-selinux-mprotect-checks.patch:
 hooks.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Index: linux-2.6-sparc-selinux-mprotect-checks.patch
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-12/linux-2.6-sparc-selinux-mprotect-checks.patch,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- linux-2.6-sparc-selinux-mprotect-checks.patch	29 Dec 2008 02:48:00 -0000	1.2
+++ linux-2.6-sparc-selinux-mprotect-checks.patch	10 Mar 2010 13:37:09 -0000	1.3
@@ -1,35 +1,21 @@
-diff -up linux-2.6.24.sparc64/security/selinux/hooks.c.BAD linux-2.6.24.sparc64/security/selinux/hooks.c
---- linux-2.6.24.sparc64/security/selinux/hooks.c.BAD	2008-03-21 14:28:06.000000000 -0400
-+++ linux-2.6.24.sparc64/security/selinux/hooks.c	2008-03-21 14:29:10.000000000 -0400
-@@ -3018,6 +3018,7 @@ static int file_map_prot_check(struct fi
+diff -up linux-2.6.32.noarch/security/selinux/hooks.c.mprotect-sparc linux-2.6.32.noarch/security/selinux/hooks.c
+--- linux-2.6.32.noarch/security/selinux/hooks.c.mprotect-sparc	2010-03-10 08:28:20.957571926 -0500
++++ linux-2.6.32.noarch/security/selinux/hooks.c	2010-03-10 08:29:15.732698763 -0500
+@@ -3010,7 +3010,7 @@ static int file_map_prot_check(struct fi
  	const struct cred *cred = current_cred();
  	int rc = 0;
  
-+#ifndef CONFIG_SPARC
+-#ifndef CONFIG_PPC32
++#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC)
  	if ((prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE)))) {
  		/*
  		 * We are making executable an anonymous mapping or a
-@@ -3028,6 +3029,7 @@ static int file_map_prot_check(struct fi
- 		if (rc)
- 			goto error;
- 	}
-+#endif
- 
- 	if (file) {
- 		/* read access is always possible with a mapping */
-@@ -3081,6 +3081,7 @@ static int selinux_file_mprotect(struct 
+@@ -3082,7 +3082,7 @@ static int selinux_file_mprotect(struct 
  	if (selinux_checkreqprot)
  		prot = reqprot;
  
-+#ifndef CONFIG_SPARC
+-#ifndef CONFIG_PPC32
++#if !defined(CONFIG_PPC32) && !defined(CONFIG_SPARC)
  	if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
- 		rc = 0;
+ 		int rc = 0;
  		if (vma->vm_start >= vma->vm_mm->start_brk &&
-@@ -3103,6 +3103,7 @@ static int selinux_file_mprotect(struct 
- 		if (rc)
- 			return rc;
- 	}
-+#endif
- 
- 	return file_map_prot_check(vma->vm_file, prot, vma->vm_flags&VM_SHARED);
- }

More information about the scm-commits mailing list