[patch] Restore file_permission hook to sendfile

From: Stephen D. Smalley (sdsat_private)
Date: Wed Jan 22 2003 - 08:17:44 PST

  • Next message: Chris Wright: "Re: [patch] Restore file_permission hook to sendfile"

    This patch restores the file_permission hook calls in sendfile to the
    lsm-2.5 BitKeeper tree.  The hook calls were dropped from mainline 2.5
    from 2.5.29 to 2.5.30 when sendfile was rewritten.  If there are no
    objections, I'll commit this to the lsm-2.5 BitKeeper tree and then
    post the patch to linux-fsdevel and linux-kernel for consideration in
    mainline 2.5.
    
    Index: lsm-2.5/fs/read_write.c
    ===================================================================
    RCS file: /home/pal/CVS/lsm-2.5/fs/read_write.c,v
    retrieving revision 1.18
    diff -u -r1.18 read_write.c
    --- lsm-2.5/fs/read_write.c	27 Dec 2002 13:44:26 -0000	1.18
    +++ lsm-2.5/fs/read_write.c	22 Jan 2003 15:33:57 -0000
    @@ -531,6 +531,10 @@
     	if (retval)
     		goto fput_in;
     
    +	retval = security_file_permission (in_file, MAY_READ);
    +	if (retval)
    +		goto fput_in;
    +
     	/*
     	 * Get output file, and verify that it is ok..
     	 */
    @@ -545,6 +549,10 @@
     		goto fput_out;
     	out_inode = out_file->f_dentry->d_inode;
     	retval = locks_verify_area(FLOCK_VERIFY_WRITE, out_inode, out_file, out_file->f_pos, count);
    +	if (retval)
    +		goto fput_out;
    +
    +	retval = security_file_permission (out_file, MAY_WRITE);
     	if (retval)
     		goto fput_out;
     
    
    --
    Stephen Smalley, NSA
    sdsat_private
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Wed Jan 22 2003 - 08:11:35 PST