selinux: remove secondary ops call to file_mprotect

Remove secondary ops call to file_mprotect, which is a noop in capabilities. Acked-by: Serge Hallyn <serue@us.ibm.com> Acked-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
git-mirror · Jan 29, 2009 · d541bbe · d541bbe
1 parent 438add6
commit d541bbe
Showing 1 changed file with 1 addition and 6 deletions.
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
@@ -3056,18 +3056,13 @@ static int selinux_file_mprotect(struct vm_area_struct *vma,
 				 unsigned long prot)
 {
 	const struct cred *cred = current_cred();
-	int rc;
-
-	rc = secondary_ops->file_mprotect(vma, reqprot, prot);
-	if (rc)
-		return rc;
 
 	if (selinux_checkreqprot)
 		prot = reqprot;
 
 #ifndef CONFIG_PPC32
 	if ((prot & PROT_EXEC) && !(vma->vm_flags & VM_EXEC)) {
-		rc = 0;
+		int rc = 0;
 		if (vma->vm_start >= vma->vm_mm->start_brk &&
 		    vma->vm_end <= vma->vm_mm->brk) {
 			rc = cred_has_perm(cred, cred, PROCESS__EXECHEAP);