The attached patch moves the file_ops->alloc_security call after the memset that clears the struct file. Otherwise, the file security blob is immediately cleared after allocation. -- Stephen D. Smalley, NAI Labs ssmalleyat_private Index: lsm/fs/file_table.c diff -u lsm/fs/file_table.c:1.3 lsm/fs/file_table.c:1.4 --- lsm/fs/file_table.c:1.3 Wed Jun 13 12:20:28 2001 +++ lsm/fs/file_table.c Wed Sep 5 16:12:41 2001 @@ -41,13 +41,13 @@ list_del(&f->f_list); files_stat.nr_free_files--; new_one: + memset(f, 0, sizeof(*f)); if (security_ops->file_ops->alloc_security(f)) { list_add(&f->f_list, &free_list); files_stat.nr_free_files++; file_list_unlock(); return NULL; } - memset(f, 0, sizeof(*f)); atomic_set(&f->f_count,1); f->f_version = ++event; f->f_uid = current->fsuid; _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
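Review bot: The ordering at `new_one:` (the `memset(f, 0, sizeof(*f));` must run before `security_ops->file_ops->alloc_security(f)`) is now an invariant that nothing in the code states, so a later cleanup could move the memset back down and silently wipe the security blob again. Add a short comment above the memset saying that the alloc_security hook stores its state in the struct file and must therefore follow the clear. On the failure branch, `f` now goes back onto `free_list` already zeroed. That looks harmless, since `list_add(&f->f_list, &free_list)` rewrites the list linkage, but the branch assumes the hook leaves nothing attached to `f` when it returns non-zero, and that is worth stating in the hook's documentation.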
This archive was generated by hypermail 2b30 : Wed Sep 05 2001 - 13:27:47 PDT