diff --git a/fs/read_write.c b/fs/read_write.c index 04904f7fa206e75a34d87368bfd60335f4f68f82..bcdf304115e630739ac9d1b2ece6794d0ed1273f 100644 --- a/fs/read_write.c +++ b/fs/read_write.c @@ -535,6 +535,10 @@ static ssize_t do_sendfile(int out_fd, int in_fd, loff_t *ppos, if (retval) goto fput_in; + retval = security_file_permission (in_file, MAY_READ); + if (retval) + goto fput_in; + /* * Get output file, and verify that it is ok.. */ @@ -556,6 +560,10 @@ static ssize_t do_sendfile(int out_fd, int in_fd, loff_t *ppos, if (retval) goto fput_out; + retval = security_file_permission (out_file, MAY_WRITE); + if (retval) + goto fput_out; + if (!ppos) ppos = &in_file->f_pos;