This patch restores the LSM hook calls in sendfile to 2.5.59. The hook
was previously added as of 2.5.29 but the hook calls in sendfile were
subsequently lost as a result of the sendfile rewrite as of 2.5.30.
If anyone has any objections to this change, please let me know.
read_write.c | 8 ++++++++
1 files changed, 8 insertions(+)
-----
===== fs/read_write.c 1.25 vs edited =====
--- 1.25/fs/read_write.c Sat Dec 14 18:19:55 2002
+++ edited/fs/read_write.c Wed Jan 22 15:21:04 2003
@@ -531,6 +531,10 @@
if (retval)
goto fput_in;
+ retval = security_file_permission (in_file, MAY_READ);
+ if (retval)
+ goto fput_in;
+
/*
* Get output file, and verify that it is ok..
*/
@@ -545,6 +549,10 @@
goto fput_out;
out_inode = out_file->f_dentry->d_inode;
retval = locks_verify_area(FLOCK_VERIFY_WRITE, out_inode, out_file, out_file->f_pos, count);
+ if (retval)
+ goto fput_out;
+
+ retval = security_file_permission (out_file, MAY_WRITE);
if (retval)
goto fput_out;
--
Stephen Smalley, NSA
[email protected]