From: David P. Quigley <dpquigl@xxxxxxxxxxxxx> Revalidate the write permissions for fallocate(2), in case security policy has changed since the files were opened. Signed-off-by: David P. Quigley <dpquigl@xxxxxxxxxxxxx> fs/open.c | 3 +++ 1 file changed, 3 insertions(+) diff -uprN -X linux-2.6.22/Documentation/dontdiff linux-2.6.22-fallocate/fs/open.c linux-2.6.22-fallocate-selinux/fs/open.c --- linux-2.6.22-fallocate/fs/open.c 2007-07-11 15:51:10.000000000 -0400 +++ linux-2.6.22-fallocate-selinux/fs/open.c 2007-07-11 16:10:43.000000000 -0400 @@ -411,6 +411,9 @@ asmlinkage long sys_fallocate(int fd, in goto out; if (!(file->f_mode & FMODE_WRITE)) goto out_fput; + ret = security_file_permission(file, MAY_WRITE); + if (ret) + goto out_fput; inode = file->f_path.dentry->d_inode; - To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
