From: Chris Wright <chrisw@sous-sol.org>
Date: Wed, 26 Apr 2006 18:35:12 +0000 (-0700)
Subject: LSM patch for missing compat readv/writev hook, from jamesm
X-Git-Tag: v2.6.16.12~6
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=29c0d882b6908530f010a70d9d1850fe22b9b0af;p=thirdparty%2Fkernel%2Fstable-queue.git

LSM patch for missing compat readv/writev hook, from jamesm
---

diff --git a/queue-2.6.16/lsm-add-missing-hook-to-do_compat_readv_writev.patch b/queue-2.6.16/lsm-add-missing-hook-to-do_compat_readv_writev.patch
new file mode 100644
index 00000000000..95c1c0693e6
--- /dev/null
+++ b/queue-2.6.16/lsm-add-missing-hook-to-do_compat_readv_writev.patch
@@ -0,0 +1,39 @@
+From jmorris@namei.org  Wed Apr 26 10:51:36 2006
+Date: Wed, 26 Apr 2006 02:45:03 -0400 (EDT)
+From: James Morris <jmorris@namei.org>
+To: Linus Torvalds <torvalds@osdl.org>
+cc: Al Viro <viro@ftp.linux.org.uk>, Chris Wright <chrisw@sous-sol.org>,
+        Stephen Smalley <sds@tycho.nsa.gov>, linux-kernel@vger.kernel.org
+Subject: [PATCH] LSM: add missing hook to do_compat_readv_writev()
+
+This patch addresses a flaw in LSM, where there is no mediation of readv() 
+and writev() in for 32-bit compatible apps using a 64-bit kernel.
+
+This bug was discovered and fixed initially in the native readv/writev 
+code [1], but was not fixed in the compat code.  Thanks to Al for spotting 
+this one.
+
+Signed-off-by: James Morris <jmorris@namei.org> 
+Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
+Signed-off-by: Chris Wright <chrisw@sous-sol.org>
+
+[1] http://lwn.net/Articles/154282/
+
+---
+
+ fs/compat.c |    4 ++++
+ 1 files changed, 4 insertions(+)
+
+--- linux-2.6.16.11.orig/fs/compat.c
++++ linux-2.6.16.11/fs/compat.c
+@@ -1215,6 +1215,10 @@ static ssize_t compat_do_readv_writev(in
+ 	if (ret < 0)
+ 		goto out;
+ 
++	ret = security_file_permission(file, type == READ ? MAY_READ:MAY_WRITE);
++	if (ret)
++		goto out;
++
+ 	fnv = NULL;
+ 	if (type == READ) {
+ 		fn = file->f_op->read;
diff --git a/queue-2.6.16/series b/queue-2.6.16/series
index bf26420d3d3..8e39fdf370e 100644
--- a/queue-2.6.16/series
+++ b/queue-2.6.16/series
@@ -15,3 +15,4 @@ simplify-proc-devices-and-fix-early-termination-regression.patch
 fix-reiserfs-deadlock.patch
 altix-snsc-duplicate-kobject-fix.patch
 alpha-strncpy-fix.patch
+lsm-add-missing-hook-to-do_compat_readv_writev.patch