diff options
| author | jakub <jakub@138bc75d-0d04-0410-961f-82ee72b054a4> | 2007-04-03 09:12:40 +0000 |
|---|---|---|
| committer | jakub <jakub@138bc75d-0d04-0410-961f-82ee72b054a4> | 2007-04-03 09:12:40 +0000 |
| commit | 58606959931c9f33aa13bdbb5908d63c9cedf742 (patch) | |
| tree | b481e68cd487f935394d6e638aa80b70cf61b6da /libffi | |
| parent | 76008ac42aa83a8051d9cf9d9e2106099aec90df (diff) | |
| download | gcc-58606959931c9f33aa13bdbb5908d63c9cedf742.tar.gz | |
* src/closures.c: Include sys/statfs.h.
(_GNU_SOURCE): Define on Linux.
(FFI_MMAP_EXEC_SELINUX): Define.
(selinux_enabled): New variable.
(selinux_enabled_check): New function.
(is_selinux_enabled): Define.
(dlmmap): Use it.
* configure.ac (NO_EXECUTE_PERMISSION): Set by default.
* configure: Rebuilt.
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@123457 138bc75d-0d04-0410-961f-82ee72b054a4
Diffstat (limited to 'libffi')
| -rw-r--r-- | libffi/ChangeLog | 10 | ||||
| -rw-r--r-- | libffi/src/closures.c | 64 |
2 files changed, 73 insertions, 1 deletions
diff --git a/libffi/ChangeLog b/libffi/ChangeLog index 23ae5f80a16..f47682e9b5f 100644 --- a/libffi/ChangeLog +++ b/libffi/ChangeLog @@ -1,3 +1,13 @@ +2007-04-03 Jakub Jelinek <jakub@redhat.com> + + * src/closures.c: Include sys/statfs.h. + (_GNU_SOURCE): Define on Linux. + (FFI_MMAP_EXEC_SELINUX): Define. + (selinux_enabled): New variable. + (selinux_enabled_check): New function. + (is_selinux_enabled): Define. + (dlmmap): Use it. + 2007-03-24 Uros Bizjak <ubizjak@gmail.com> * testsuite/libffi.call/return_fl2.c (return_fl): Mark as static. diff --git a/libffi/src/closures.c b/libffi/src/closures.c index 99be5acfd79..ec956d04f26 100644 --- a/libffi/src/closures.c +++ b/libffi/src/closures.c @@ -23,6 +23,10 @@ OTHER DEALINGS IN THE SOFTWARE. ----------------------------------------------------------------------- */ +#if defined __linux__ && !defined _GNU_SOURCE +#define _GNU_SOURCE 1 +#endif + #include <ffi.h> #include <ffi_common.h> @@ -39,6 +43,15 @@ # endif #endif +#if FFI_MMAP_EXEC_WRIT && !defined FFI_MMAP_EXEC_SELINUX +# ifdef __linux__ +/* When defined to 1 check for SELinux and if SELinux is active, + don't attempt PROT_EXEC|PROT_WRITE mapping at all, as that + might cause audit messages. */ +# define FFI_MMAP_EXEC_SELINUX 1 +# endif +#endif + #if FFI_CLOSURES # if FFI_MMAP_EXEC_WRIT @@ -87,6 +100,55 @@ #include <sys/mman.h> #define LACKS_SYS_MMAN_H 1 +#if FFI_MMAP_EXEC_SELINUX +#include <sys/statfs.h> +#include <stdlib.h> + +static int selinux_enabled = -1; + +static int +selinux_enabled_check (void) +{ + struct statfs sfs; + FILE *f; + char *buf = NULL; + size_t len = 0; + + if (statfs ("/selinux", &sfs) >= 0 + && (unsigned int) sfs.f_type == 0xf97cff8cU) + return 1; + f = fopen ("/proc/mounts", "r"); + if (f == NULL) + return 0; + while (getline (&buf, &len, f) >= 0) + { + char *p = strchr (buf, ' '); + if (p == NULL) + break; + p = strchr (p + 1, ' '); + if (p == NULL) + break; + if (strncmp (p + 1, "selinuxfs ", 10) != 0) + { + free (buf); + fclose (f); + return 1; + } + } + free (buf); + fclose (f); + return 0; +} + +#define is_selinux_enabled() (selinux_enabled >= 0 ? selinux_enabled \ + : (selinux_enabled = selinux_enabled_check ())) + +#else + +#define is_selinux_enabled() 0 + +#endif + #define MAYBE_UNUSED __attribute__((__unused__)) /* Declare all functions defined in dlmalloc.c as static. */ @@ -358,7 +420,7 @@ dlmmap (void *start, size_t length, int prot, printf ("mapping in %zi\n", length); #endif - if (execfd == -1) + if (execfd == -1 && !is_selinux_enabled ()) { ptr = mmap (start, length, prot | PROT_EXEC, flags, fd, offset); |