[rsbac] small conflict xfs/rsbac 2.4.20
Amon Ott
rsbac@rsbac.org
Tue Dec 31 12:11:01 2002
On Sunday 29 December 2002 20:00, Tony den Haan wrote:
> i ran into this mprotect.c.rej when applying rsbac patch on 2.4.20 with
> xfs patch:
>
> ***************
> *** 300,305 ****
> goto out;
> }
>
> if (vma->vm_end > end) {
> error = mprotect_fixup(vma, &prev, nstart, end,
> newflags);
> goto out;
> --- 313,357 ----
> goto out;
> }
>
> + #ifdef CONFIG_RSBAC
> <<<the rsbac bit to be added.....>>>
> + #endif
> if (vma->vm_end > end) {
> error = mprotect_fixup(vma, &prev, nstart, end,
> newflags);
> goto out;
>
>
>
> this because xfs patch inserts a test just before "if (vma->vm_end >
> end) {"
The old problem with other additional patches, there are often conflicts
somewhere.
> fixing seems trivial, but made me wonder: why is the rsbac related test,
> which seems more expensive, performed *before* the
> "if (vma->vm_end > end)" test?
>
> it looks like a less expensive sanity check, might even prevent problems?
I wanted to be sure that the RSBAC check is always called, and that no side
effect changes through mprotect_fixup can happen before it.
It does not really matter, where the RSBAC interception happens, because a
failed sanity check is a rare event.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22