summaryrefslogtreecommitdiff
path: root/mm
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2012-05-30 17:11:23 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2012-06-01 10:37:01 -0400
commit8b3ec6814c83d76b85bd13badc48552836c24839 (patch)
tree2430a4511c7ea41f67b0d841f4c42eac43828db3 /mm
parente5467859f7f79b69fc49004403009dfdba3bec53 (diff)
downloadlwn-8b3ec6814c83d76b85bd13badc48552836c24839.tar.gz
lwn-8b3ec6814c83d76b85bd13badc48552836c24839.zip
take security_mmap_file() outside of ->mmap_sem
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'mm')
-rw-r--r--mm/mmap.c23
-rw-r--r--mm/nommu.c22
2 files changed, 24 insertions, 21 deletions
diff --git a/mm/mmap.c b/mm/mmap.c
index 49283da9a2ae..34b280f4238d 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -979,7 +979,6 @@ static unsigned long do_mmap_pgoff(struct file *file, unsigned long addr,
struct inode *inode;
vm_flags_t vm_flags;
int error;
- unsigned long reqprot = prot;
/*
* Does the application expect PROT_READ to imply PROT_EXEC?
@@ -1105,10 +1104,6 @@ static unsigned long do_mmap_pgoff(struct file *file, unsigned long addr,
if (error)
return error;
- error = security_mmap_file(file, reqprot, prot, flags);
- if (error)
- return error;
-
return mmap_region(file, addr, len, flags, vm_flags, pgoff);
}
@@ -1130,9 +1125,12 @@ unsigned long vm_mmap(struct file *file, unsigned long addr,
unsigned long ret;
struct mm_struct *mm = current->mm;
- down_write(&mm->mmap_sem);
- ret = do_mmap(file, addr, len, prot, flag, offset);
- up_write(&mm->mmap_sem);
+ ret = security_mmap_file(file, prot, flag);
+ if (!ret) {
+ down_write(&mm->mmap_sem);
+ ret = do_mmap(file, addr, len, prot, flag, offset);
+ up_write(&mm->mmap_sem);
+ }
return ret;
}
EXPORT_SYMBOL(vm_mmap);
@@ -1168,9 +1166,12 @@ SYSCALL_DEFINE6(mmap_pgoff, unsigned long, addr, unsigned long, len,
flags &= ~(MAP_EXECUTABLE | MAP_DENYWRITE);
- down_write(&current->mm->mmap_sem);
- retval = do_mmap_pgoff(file, addr, len, prot, flags, pgoff);
- up_write(&current->mm->mmap_sem);
+ retval = security_mmap_file(file, prot, flags);
+ if (!retval) {
+ down_write(&current->mm->mmap_sem);
+ retval = do_mmap_pgoff(file, addr, len, prot, flags, pgoff);
+ up_write(&current->mm->mmap_sem);
+ }
if (file)
fput(file);
diff --git a/mm/nommu.c b/mm/nommu.c
index acfe419785db..8cbfd623b04a 100644
--- a/mm/nommu.c
+++ b/mm/nommu.c
@@ -889,7 +889,6 @@ static int validate_mmap_request(struct file *file,
unsigned long *_capabilities)
{
unsigned long capabilities, rlen;
- unsigned long reqprot = prot;
int ret;
/* do the simple checks first */
@@ -1050,9 +1049,6 @@ static int validate_mmap_request(struct file *file,
ret = security_mmap_addr(addr);
if (ret < 0)
return ret;
- ret = security_mmap_file(file, reqprot, prot, flags);
- if (ret < 0)
- return ret;
/* looks okay */
*_capabilities = capabilities;
@@ -1492,9 +1488,12 @@ unsigned long vm_mmap(struct file *file, unsigned long addr,
unsigned long ret;
struct mm_struct *mm = current->mm;
- down_write(&mm->mmap_sem);
- ret = do_mmap(file, addr, len, prot, flag, offset);
- up_write(&mm->mmap_sem);
+ ret = security_mmap_file(file, prot, flag);
+ if (!ret) {
+ down_write(&mm->mmap_sem);
+ ret = do_mmap(file, addr, len, prot, flag, offset);
+ up_write(&mm->mmap_sem);
+ }
return ret;
}
EXPORT_SYMBOL(vm_mmap);
@@ -1515,9 +1514,12 @@ SYSCALL_DEFINE6(mmap_pgoff, unsigned long, addr, unsigned long, len,
flags &= ~(MAP_EXECUTABLE | MAP_DENYWRITE);
- down_write(&current->mm->mmap_sem);
- retval = do_mmap_pgoff(file, addr, len, prot, flags, pgoff);
- up_write(&current->mm->mmap_sem);
+ ret = security_mmap_file(file, prot, flags);
+ if (!ret) {
+ down_write(&current->mm->mmap_sem);
+ retval = do_mmap_pgoff(file, addr, len, prot, flags, pgoff);
+ up_write(&current->mm->mmap_sem);
+ }
if (file)
fput(file);