[RFC][PATCH] Restore LSM hook calls to sendfile

From: Stephen D. Smalley (sdsat_private)
Date: Wed Jan 22 2003 - 12:50:22 PST

  • Next message: ¶«·½ ó»Î: "How to attach some config info permanently to a object?"

    This patch restores the LSM hook calls in sendfile to 2.5.59.  The hook
    was previously added as of 2.5.29 but the hook calls in sendfile were
    subsequently lost as a result of the sendfile rewrite as of 2.5.30.
    
    If anyone has any objections to this change, please let me know.
    
     read_write.c |    8 ++++++++
     1 files changed, 8 insertions(+)
    -----
    
    ===== fs/read_write.c 1.25 vs edited =====
    --- 1.25/fs/read_write.c	Sat Dec 14 18:19:55 2002
    +++ edited/fs/read_write.c	Wed Jan 22 15:21:04 2003
    @@ -531,6 +531,10 @@
     	if (retval)
     		goto fput_in;
     
    +	retval = security_file_permission (in_file, MAY_READ);
    +	if (retval)
    +		goto fput_in;
    +
     	/*
     	 * Get output file, and verify that it is ok..
     	 */
    @@ -545,6 +549,10 @@
     		goto fput_out;
     	out_inode = out_file->f_dentry->d_inode;
     	retval = locks_verify_area(FLOCK_VERIFY_WRITE, out_inode, out_file, out_file->f_pos, count);
    +	if (retval)
    +		goto fput_out;
    +
    +	retval = security_file_permission (out_file, MAY_WRITE);
     	if (retval)
     		goto fput_out;
     
    
    
    --
    Stephen Smalley, NSA
    sdsat_private
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Wed Jan 22 2003 - 12:43:30 PST