initial srpm import

1 files changed, 41 insertions, 0 deletions

diff --git a/linux-2.6-selinux-mprotect-checks.patch b/linux-2.6-selinux-mprotect-checks.patch
new file mode 100644
index 0000000..1752525
--- /dev/null
+++ b/linux-2.6-selinux-mprotect-checks.patch
@@ -0,0 +1,41 @@
+This needs a fixed toolchain, and a userspace rebuild to work.
+For these reasons, it's had difficulty getting upstream.
+
+ie, Fedora has a new enough toolchain, and has been rebuilt, so we don't need
+the ifdefs.  Other distros don't/haven't, and this patch would break them
+if pushed upstream.
+
+--- linux-2.6.26.noarch/security/selinux/hooks.c~	2008-09-25 14:11:17.000000000 -0400
++++ linux-2.6.26.noarch/security/selinux/hooks.c	2008-09-25 14:12:17.000000000 -0400
+@@ -3018,7 +3018,6 @@ static int file_map_prot_check(struct fi
+ 	const struct cred *cred = current_cred();
+ 	int rc = 0;
+ 
+-#ifndef CONFIG_PPC32
+ 	if ((prot & PROT_EXEC) && (!file || (!shared && (prot & PROT_WRITE)))) {
+ 		/*
+ 		 * We are making executable an anonymous mapping or a
+@@ -3029,7 +3028,6 @@ static int file_map_prot_check(struct fi
+ 		if (rc)
+ 			goto error;
+ 	}
+-#endif
+ 
+ 	if (file) {
+ 		/* read access is always possible with a mapping */
+@@ -3024,7 +3022,6 @@ static int selinux_file_mprotect(struct 
+ 	if (selinux_checkreqprot)
+ 		prot = reqprot;
+ 
+-#ifndef CONFIG_PPC32
+ 	if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
+ 		rc = 0;
+ 		if (vma->vm_start >= vma->vm_mm->start_brk &&
+@@ -3049,7 +3046,6 @@ static int selinux_file_mprotect(struct 
+ 		if (rc)
+ 			return rc;
+ 	}
+-#endif
+ 
+ 	return file_map_prot_check(vma->vm_file, prot, vma->vm_flags&VM_SHARED);
+ }