From d541bbee6902d5ffb8a03d63ac8f4b1364c2ff93 Mon Sep 17 00:00:00 2001 From: James Morris Date: Thu, 29 Jan 2009 12:19:51 +1100 Subject: [PATCH] selinux: remove secondary ops call to file_mprotect Remove secondary ops call to file_mprotect, which is a noop in capabilities. Acked-by: Serge Hallyn Acked-by: Eric Paris Signed-off-by: James Morris --- security/selinux/hooks.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 08b506846a1f..2c98071fba8b 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3056,18 +3056,13 @@ static int selinux_file_mprotect(struct vm_area_struct *vma, unsigned long prot) { const struct cred *cred = current_cred(); - int rc; - - rc = secondary_ops->file_mprotect(vma, reqprot, prot); - if (rc) - return rc; if (selinux_checkreqprot) prot = reqprot; #ifndef CONFIG_PPC32 if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) { - rc = 0; + int rc = 0; if (vma->vm_start >= vma->vm_mm->start_brk && vma->vm_end <= vma->vm_mm->brk) { rc = cred_has_perm(cred, cred, PROCESS__EXECHEAP); -- 2.20.1