diff --git a/fs/read_write.c b/fs/read_write.c
index 04904f7fa206e75a34d87368bfd60335f4f68f82..bcdf304115e630739ac9d1b2ece6794d0ed1273f 100644
--- a/fs/read_write.c
+++ b/fs/read_write.c
@@ -535,6 +535,10 @@ static ssize_t do_sendfile(int out_fd, int in_fd, loff_t *ppos,
 	if (retval)
 		goto fput_in;
 
+	retval = security_file_permission (in_file, MAY_READ);
+	if (retval)
+		goto fput_in;
+
 	/*
 	 * Get output file, and verify that it is ok..
 	 */
@@ -556,6 +560,10 @@ static ssize_t do_sendfile(int out_fd, int in_fd, loff_t *ppos,
 	if (retval)
 		goto fput_out;
 
+	retval = security_file_permission (out_file, MAY_WRITE);
+	if (retval)
+		goto fput_out;
+
 	if (!ppos)
 		ppos = &in_file->f_pos;