Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 29ce2058 authored by James Morris's avatar James Morris Committed by Jens Axboe
Browse files

security: revalidate rw permissions for sys_splice and sys_vmsplice 



Revalidate read/write permissions for splice(2) and vmslice(2), in case
security policy has changed since the files were opened.

Acked-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
Signed-off-by: default avatarJens Axboe <jens.axboe@oracle.com>
parent d3f35d98

fs/splice.c

+9 −0
Original line number Diff line number Diff line
@@ -28,6 +28,7 @@ 
#include <linux/module.h>

#include <linux/syscalls.h>

#include <linux/uio.h>

#include <linux/security.h>



/*

 * Attempt to steal a page from a pipe buffer. This should perhaps go into
@@ -961,6 +962,10 @@ static long do_splice_from(struct pipe_inode_info *pipe, struct file *out, 
	if (unlikely(ret < 0))

		return ret;



	ret = security_file_permission(out, MAY_WRITE);

	if (unlikely(ret < 0))

		return ret;



	return out->f_op->splice_write(pipe, out, ppos, len, flags);

}
@@ -983,6 +988,10 @@ static long do_splice_to(struct file *in, loff_t *ppos, 
	if (unlikely(ret < 0))

		return ret;



	ret = security_file_permission(in, MAY_READ);

	if (unlikely(ret < 0))

		return ret;



	return in->f_op->splice_read(in, ppos, pipe, len, flags);

}