--- /dev/null
+From git-commits-head-owner@vger.kernel.org Wed Apr 26 08:11:31 2006
+Date: Wed, 26 Apr 2006 15:11:00 GMT
+Message-Id: <200604261511.k3QFB0R8000610@hera.kernel.org>
+From: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
+To: git-commits-head@vger.kernel.org
+Subject: LSM: add missing hook to do_compat_readv_writev()
+
+From: James Morris <jmorris@namei.org>
+
+This patch addresses a flaw in LSM, where there is no mediation of readv()
+and writev() in for 32-bit compatible apps using a 64-bit kernel.
+
+This bug was discovered and fixed initially in the native readv/writev
+code [1], but was not fixed in the compat code. Thanks to Al for spotting
+this one.
+
+ [1] http://lwn.net/Articles/154282/
+
+Signed-off-by: James Morris <jmorris@namei.org>
+Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
+Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ fs/compat.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- linux-2.6.16.11.orig/fs/compat.c
++++ linux-2.6.16.11/fs/compat.c
+@@ -1215,6 +1215,10 @@ static ssize_t compat_do_readv_writev(in
+ if (ret < 0)
+ goto out;
+
++ ret = security_file_permission(file, type == READ ? MAY_READ:MAY_WRITE);
++ if (ret)
++ goto out;
++
+ fnv = NULL;
+ if (type == READ) {
+ fn = file->f_op->read;
projects / thirdparty / kernel / stable-queue.git / commitdiff
