[Mesa-dev] [Bug 80185] New: Please do not hardcode SELinux identifiers in the code

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Wed Jun 18 05:26:24 PDT 2014


          Priority: medium
            Bug ID: 80185
          Assignee: mesa-dev at lists.freedesktop.org
           Summary: Please do not hardcode SELinux identifiers in the code
          Severity: normal
    Classification: Unclassified
                OS: All
          Reporter: l.bigonville at edpnet.be
          Hardware: Other
            Status: NEW
           Version: 10.2
         Component: Mesa core
           Product: Mesa


Currently the mesa code is checking for SELinux booleans ("allow_execmem") to
check whether SELinux will allow mapped memory to be executed and otherwise
turns the function in a noop.

Hardcoding such booleans (and other identifiers) is probably a bad habit, since
custom policies might be written and may perfectly omit these identifiers.
Fedora policy for example doesn't have this boolean anymore.

You should probably to try to mmap() in all cases and react accordingly in case
of failure when SELinux is enabled (by checking errno maybe?)

You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/mesa-dev/attachments/20140618/c7f3fb28/attachment.html>

More information about the mesa-dev mailing list