Annotation of /trunk/kernel26-magellan/patches-2.6.16-r12/0118-2.6.16.12-lsm.patch
Parent Directory | Revision Log
Revision 72 -
(hide annotations)
(download)
Mon Jun 5 09:25:38 2006 UTC (18 years, 3 months ago) by niro
File size: 1235 byte(s)
Mon Jun 5 09:25:38 2006 UTC (18 years, 3 months ago) by niro
File size: 1235 byte(s)
ver bump to 2.6.16-r12: - updated to linux-2.6.16.19 - updated to ck11
1 | niro | 72 | From: James Morris <jmorris@namei.org> |
2 | Date: Wed, 26 Apr 2006 15:11:00 +0000 (+0000) | ||
3 | Subject: [PATCH] LSM: add missing hook to do_compat_readv_writev() | ||
4 | X-Git-Url: http://www.kernel.org/git/?p=linux/kernel/git/stable/linux-2.6.16.y.git;a=commitdiff;h=9120b4470e2e57f196a0e470898ae628725fb4c2 | ||
5 | |||
6 | [PATCH] LSM: add missing hook to do_compat_readv_writev() | ||
7 | |||
8 | This patch addresses a flaw in LSM, where there is no mediation of readv() | ||
9 | and writev() in for 32-bit compatible apps using a 64-bit kernel. | ||
10 | |||
11 | This bug was discovered and fixed initially in the native readv/writev | ||
12 | code [1], but was not fixed in the compat code. Thanks to Al for spotting | ||
13 | this one. | ||
14 | |||
15 | [1] http://lwn.net/Articles/154282/ | ||
16 | |||
17 | Signed-off-by: James Morris <jmorris@namei.org> | ||
18 | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> | ||
19 | Signed-off-by: Linus Torvalds <torvalds@osdl.org> | ||
20 | Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> | ||
21 | Signed-off-by: Chris Wright <chrisw@sous-sol.org> | ||
22 | --- | ||
23 | |||
24 | --- a/fs/compat.c | ||
25 | +++ b/fs/compat.c | ||
26 | @@ -1215,6 +1215,10 @@ static ssize_t compat_do_readv_writev(in | ||
27 | if (ret < 0) | ||
28 | goto out; | ||
29 | |||
30 | + ret = security_file_permission(file, type == READ ? MAY_READ:MAY_WRITE); | ||
31 | + if (ret) | ||
32 | + goto out; | ||
33 | + | ||
34 | fnv = NULL; | ||
35 | if (type == READ) { | ||
36 | fn = file->f_op->read; |