diff -up mesa-20071127/src/mesa/main/execmem.c.selinux-awareness mesa-20071127/src/mesa/main/execmem.c
--- mesa-20071127/src/mesa/main/execmem.c.selinux-awareness	2007-11-27 14:33:54.000000000 -0500
+++ mesa-20071127/src/mesa/main/execmem.c	2007-11-27 14:34:34.000000000 -0500
@@ -46,6 +46,7 @@
 #include <unistd.h>
 #include <sys/mman.h>
 #include "mm.h"
+#include <selinux/selinux.h>
 
 #define EXEC_HEAP_SIZE (10*1024*1024)
 
@@ -55,9 +56,16 @@ static struct mem_block *exec_heap = NUL
 static unsigned char *exec_mem = NULL;
 
 
-static void
+static int
 init_heap(void)
 {
+
+   if (is_selinux_enabled()) {
+      if (!security_get_boolean_active("allow_execmem") ||
+	  !security_get_boolean_pending("allow_execmem"))
+      return 0;
+   }
+
    if (!exec_heap)
       exec_heap = mmInit( 0, EXEC_HEAP_SIZE );
    
@@ -65,6 +73,8 @@ init_heap(void)
       exec_mem = (unsigned char *) mmap(0, EXEC_HEAP_SIZE, 
 					PROT_EXEC | PROT_READ | PROT_WRITE, 
 					MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
+
+   return (exec_mem != NULL);
 }
 
 
@@ -76,7 +86,8 @@ _mesa_exec_malloc(GLuint size)
 
    _glthread_LOCK_MUTEX(exec_mutex);
 
-   init_heap();
+   if (!init_heap())
+      goto bail;
 
    if (exec_heap) {
       size = (size + 31) & ~31;
@@ -87,7 +98,8 @@ _mesa_exec_malloc(GLuint size)
       addr = exec_mem + block->ofs;
    else 
       _mesa_printf("_mesa_exec_malloc failed\n");
-   
+
+bail: 
    _glthread_UNLOCK_MUTEX(exec_mutex);
    
    return addr;
diff -up mesa-20071127/src/mesa/x86/rtasm/x86sse.c.selinux-awareness mesa-20071127/src/mesa/x86/rtasm/x86sse.c
diff -up mesa-20071127/src/mesa/x86/rtasm/x86sse.h.selinux-awareness mesa-20071127/src/mesa/x86/rtasm/x86sse.h
diff -up mesa-20071127/src/mesa/tnl/t_vertex_sse.c.selinux-awareness mesa-20071127/src/mesa/tnl/t_vertex_sse.c
diff -up mesa-20071127/configs/linux-osmesa.selinux-awareness mesa-20071127/configs/linux-osmesa
--- mesa-20071127/configs/linux-osmesa.selinux-awareness	2007-11-27 14:33:53.000000000 -0500
+++ mesa-20071127/configs/linux-osmesa	2007-11-27 14:34:34.000000000 -0500
@@ -23,6 +23,6 @@ PROGRAM_DIRS = osdemos
 
 
 # Dependencies
-OSMESA_LIB_DEPS = -lm -lpthread
+OSMESA_LIB_DEPS = -lm -lpthread -lselinux
 GLU_LIB_DEPS = -L$(TOP)/$(LIB_DIR) -l$(OSMESA_LIB)
 APP_LIB_DEPS = -lOSMesa -lGLU
diff -up mesa-20071127/configs/linux-osmesa32.selinux-awareness mesa-20071127/configs/linux-osmesa32
--- mesa-20071127/configs/linux-osmesa32.selinux-awareness	2007-11-27 14:33:53.000000000 -0500
+++ mesa-20071127/configs/linux-osmesa32	2007-11-27 14:34:34.000000000 -0500
@@ -26,6 +26,6 @@ PROGRAM_DIRS = 
 
 
 # Dependencies
-OSMESA_LIB_DEPS = -lm -lpthread
+OSMESA_LIB_DEPS = -lm -lpthread -lselinux
 GLU_LIB_DEPS = -L$(TOP)/$(LIB_DIR) -l$(OSMESA_LIB)
 APP_LIB_DEPS = -lOSMesa32
diff -up mesa-20071127/configs/linux-osmesa16.selinux-awareness mesa-20071127/configs/linux-osmesa16
--- mesa-20071127/configs/linux-osmesa16.selinux-awareness	2007-11-27 14:33:53.000000000 -0500
+++ mesa-20071127/configs/linux-osmesa16	2007-11-27 14:34:34.000000000 -0500
@@ -26,6 +26,6 @@ PROGRAM_DIRS = 
 
 
 # Dependencies
-OSMESA_LIB_DEPS = -lm -lpthread
+OSMESA_LIB_DEPS = -lm -lpthread -lselinux
 GLU_LIB_DEPS = -L$(TOP)/$(LIB_DIR) -l$(OSMESA_LIB)
 APP_LIB_DEPS = -lOSMesa16
diff -up mesa-20071127/configs/linux-dri.selinux-awareness mesa-20071127/configs/linux-dri
--- mesa-20071127/configs/linux-dri.selinux-awareness	2007-11-27 14:34:34.000000000 -0500
+++ mesa-20071127/configs/linux-dri	2007-11-27 14:34:34.000000000 -0500
@@ -45,7 +45,8 @@ EXTRA_LIB_PATH=-L/usr/X11R6/lib
 
 LIBDRM_CFLAGS = `pkg-config --cflags libdrm`
 LIBDRM_LIB = `pkg-config --libs libdrm`
-DRI_LIB_DEPS  = $(EXTRA_LIB_PATH) -lm -lpthread -lexpat -ldl $(LIBDRM_LIB)
+DRI_LIB_DEPS  = $(EXTRA_LIB_PATH) -lm -lpthread -lexpat -ldl $(LIBDRM_LIB) \
+		-lselinux
 GL_LIB_DEPS   = $(EXTRA_LIB_PATH) -lX11 -lXext -lXxf86vm -lXdamage -lXfixes \
 		-lm -lpthread -ldl \
                 $(LIBDRM_LIB)