security: revalidate rw permissions for sys_splice and sys_vmsplice Revalidate read/write permissions for splice(2) and vmslice(2), in case security policy has changed since the files were opened. Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org> Signed-off-by: Jens Axboe <jens.axboe@oracle.com>

commit: 29ce20586be54ceba49c55ae049541398cd2c416 [log] [tgz]
author: James Morris <jmorris@namei.org> Fri Jul 13 11:44:32 2007 +0200
committer: Jens Axboe <jens.axboe@oracle.com> Fri Jul 13 14:14:29 2007 +0200
tree: 5ac0ef4c9debefff4fdacfdebab481985eb7341a
parent: d3f35d98b3b87d2506289320375687c6e9bc53ed [diff] [blame]
diff --git a/fs/splice.c b/fs/splice.c
index ed2ce99..ef80822 100644
--- a/fs/splice.c
+++ b/fs/splice.c

@@ -28,6 +28,7 @@
 #include <linux/module.h>
 #include <linux/syscalls.h>
 #include <linux/uio.h>
+#include <linux/security.h>
 
 /*
  * Attempt to steal a page from a pipe buffer. This should perhaps go into
@@ -961,6 +962,10 @@
 	if (unlikely(ret < 0))
 		return ret;
 
+	ret = security_file_permission(out, MAY_WRITE);
+	if (unlikely(ret < 0))
+		return ret;
+
 	return out->f_op->splice_write(pipe, out, ppos, len, flags);
 }
 
@@ -983,6 +988,10 @@
 	if (unlikely(ret < 0))
 		return ret;
 
+	ret = security_file_permission(in, MAY_READ);
+	if (unlikely(ret < 0))
+		return ret;
+
 	return in->f_op->splice_read(in, ppos, pipe, len, flags);
 }
commit	29ce20586be54ceba49c55ae049541398cd2c416	[log] [tgz]
author	James Morris <jmorris@namei.org>	Fri Jul 13 11:44:32 2007 +0200
committer	Jens Axboe <jens.axboe@oracle.com>	Fri Jul 13 14:14:29 2007 +0200
tree	5ac0ef4c9debefff4fdacfdebab481985eb7341a
parent	d3f35d98b3b87d2506289320375687c6e9bc53ed [diff] [blame]