release-2.6.22.y/2.6.22.22-op1/security-revalidate-rw-permissions-for-sys_splice-and-sys_vmsplice.patch

   1 From 8860dc8de1871c4478903b30e700ecf48e264a0e Mon Sep 17 00:00:00 2001
   2 From: James Morris <jmorris@namei.org>
   3 Date: Fri, 13 Jul 2007 11:44:32 +0200
   4 Subject: [PATCH] security: revalidate rw permissions for sys_splice and sys_vmsplice
   5
   6 git id: 29ce20586be54ceba49c55ae049541398cd2c416
   7
   8 Revalidate read/write permissions for splice(2) and vmslice(2), in case
   9 security policy has changed since the files were opened.
  10
  11 Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
  12 Signed-off-by: James Morris <jmorris@namei.org>
  13 Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
  14 Backported-by: Oliver Pinter <oliver.pntr@gmail.com>
  15 Signed-off-by: Oliver Pinter <oliver.pntr@gmail.com>
  16
  17 diff --git a/fs/splice.c b/fs/splice.c
  18 index 9aa7acb..3da87fe 100644
  19 --- a/fs/splice.c
  20 +++ b/fs/splice.c
  21 @@ -28,6 +28,7 @@
  22  #include <linux/module.h>
  23  #include <linux/syscalls.h>
  24  #include <linux/uio.h>
  25 +#include <linux/security.h>
  26
  27  struct partial_page {
  28         unsigned int offset;
  29 @@ -932,6 +933,10 @@ static long do_splice_from(struct pipe_inode_info *pipe, struct file *out,
  30         if (unlikely(ret < 0))
  31                 return ret;
  32
  33 +       ret = security_file_permission(out, MAY_WRITE);
  34 +       if (unlikely(ret < 0))
  35 +               return ret;
  36 +
  37         return out->f_op->splice_write(pipe, out, ppos, len, flags);
  38  }
  39
  40 @@ -954,6 +959,10 @@ static long do_splice_to(struct file *in, loff_t *ppos,
  41         if (unlikely(ret < 0))
  42                 return ret;
  43
  44 +       ret = security_file_permission(in, MAY_READ);
  45 +       if (unlikely(ret < 0))
  46 +               return ret;
  47 +
  48         return in->f_op->splice_read(in, ppos, pipe, len, flags);
  49  }
  50