From: Greg Kroah-Hartman <gregkh@suse.de>
Date: Wed, 26 Apr 2006 17:31:14 +0000 (-0700)
Subject: add lsm patch
X-Git-Tag: v2.6.16.12~5^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=48b9bb6be4e97890a9c69ce4c11c7309dcbab18e;p=thirdparty%2Fkernel%2Fstable-queue.git

add lsm patch
---

diff --git a/queue-2.6.16/lsm-add-missing-hook-to-do_compat_readv_writev.patch b/queue-2.6.16/lsm-add-missing-hook-to-do_compat_readv_writev.patch
new file mode 100644
index 00000000000..00d0da26359
--- /dev/null
+++ b/queue-2.6.16/lsm-add-missing-hook-to-do_compat_readv_writev.patch
@@ -0,0 +1,40 @@
+From git-commits-head-owner@vger.kernel.org Wed Apr 26 08:11:31 2006
+Date: Wed, 26 Apr 2006 15:11:00 GMT
+Message-Id: <200604261511.k3QFB0R8000610@hera.kernel.org>
+From: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
+To: git-commits-head@vger.kernel.org
+Subject: LSM: add missing hook to do_compat_readv_writev()
+
+From: James Morris <jmorris@namei.org>
+
+This patch addresses a flaw in LSM, where there is no mediation of readv()
+and writev() in for 32-bit compatible apps using a 64-bit kernel.
+
+This bug was discovered and fixed initially in the native readv/writev
+code [1], but was not fixed in the compat code.  Thanks to Al for spotting
+this one.
+
+  [1] http://lwn.net/Articles/154282/
+
+Signed-off-by: James Morris <jmorris@namei.org>
+Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
+Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ fs/compat.c |    4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- linux-2.6.16.11.orig/fs/compat.c
++++ linux-2.6.16.11/fs/compat.c
+@@ -1215,6 +1215,10 @@ static ssize_t compat_do_readv_writev(in
+ 	if (ret < 0)
+ 		goto out;
+ 
++	ret = security_file_permission(file, type == READ ? MAY_READ:MAY_WRITE);
++	if (ret)
++		goto out;
++
+ 	fnv = NULL;
+ 	if (type == READ) {
+ 		fn = file->f_op->read;
diff --git a/queue-2.6.16/series b/queue-2.6.16/series
index bf26420d3d3..8e39fdf370e 100644
--- a/queue-2.6.16/series
+++ b/queue-2.6.16/series
@@ -15,3 +15,4 @@ simplify-proc-devices-and-fix-early-termination-regression.patch
 fix-reiserfs-deadlock.patch
 altix-snsc-duplicate-kobject-fix.patch
 alpha-strncpy-fix.patch
+lsm-add-missing-hook-to-do_compat_readv_writev.patch