This patch restores the LSM hook calls in sendfile to 2.5.59. The hook was previously added as of 2.5.29 but the hook calls in sendfile were subsequently lost as a result of the sendfile rewrite as of 2.5.30. If anyone has any objections to this change, please let me know. read_write.c | 8 ++++++++ 1 files changed, 8 insertions(+) ----- ===== fs/read_write.c 1.25 vs edited ===== --- 1.25/fs/read_write.c Sat Dec 14 18:19:55 2002 +++ edited/fs/read_write.c Wed Jan 22 15:21:04 2003 @@ -531,6 +531,10 @@ if (retval) goto fput_in; + retval = security_file_permission (in_file, MAY_READ); + if (retval) + goto fput_in; + /* * Get output file, and verify that it is ok.. */ @@ -545,6 +549,10 @@ goto fput_out; out_inode = out_file->f_dentry->d_inode; retval = locks_verify_area(FLOCK_VERIFY_WRITE, out_inode, out_file, out_file->f_pos, count); + if (retval) + goto fput_out; + + retval = security_file_permission (out_file, MAY_WRITE); if (retval) goto fput_out; -- Stephen Smalley, NSA sdsat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Jan 22 2003 - 12:43:30 PST