aboutsummaryrefslogtreecommitdiff
path: root/security/commoncap.c
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2012-05-30 13:11:37 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2012-05-31 13:10:54 -0400
commitd007794a182bc072a7b7479909dbd0d67ba341be (patch)
tree75aa7ccd563a0fe8b60391824c92f64098674dda /security/commoncap.c
parentcf74d14c4fbce9bcc9eb62f52d721d3399a2b87f (diff)
split cap_mmap_addr() out of cap_file_mmap()
... switch callers. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security/commoncap.c')
-rw-r--r--security/commoncap.c32
1 files changed, 23 insertions, 9 deletions
diff --git a/security/commoncap.c b/security/commoncap.c
index e771cb1b2d7..ebac3618896 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -958,22 +958,15 @@ int cap_vm_enough_memory(struct mm_struct *mm, long pages)
}
/*
- * cap_file_mmap - check if able to map given addr
- * @file: unused
- * @reqprot: unused
- * @prot: unused
- * @flags: unused
+ * cap_mmap_addr - check if able to map given addr
* @addr: address attempting to be mapped
- * @addr_only: unused
*
* If the process is attempting to map memory below dac_mmap_min_addr they need
* CAP_SYS_RAWIO. The other parameters to this function are unused by the
* capability security module. Returns 0 if this mapping should be allowed
* -EPERM if not.
*/
-int cap_file_mmap(struct file *file, unsigned long reqprot,
- unsigned long prot, unsigned long flags,
- unsigned long addr, unsigned long addr_only)
+int cap_mmap_addr(unsigned long addr)
{
int ret = 0;
@@ -986,3 +979,24 @@ int cap_file_mmap(struct file *file, unsigned long reqprot,
}
return ret;
}
+
+/*
+ * cap_file_mmap - check if able to map given addr
+ * @file: unused
+ * @reqprot: unused
+ * @prot: unused
+ * @flags: unused
+ * @addr: address attempting to be mapped
+ * @addr_only: unused
+ *
+ * If the process is attempting to map memory below dac_mmap_min_addr they need
+ * CAP_SYS_RAWIO. The other parameters to this function are unused by the
+ * capability security module. Returns 0 if this mapping should be allowed
+ * -EPERM if not.
+ */
+int cap_file_mmap(struct file *file, unsigned long reqprot,
+ unsigned long prot, unsigned long flags,
+ unsigned long addr, unsigned long addr_only)
+{
+ return cap_mmap_addr(addr);
+}