diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2008-11-01 09:50:38 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-11-01 09:50:38 -0700 |
commit | 0a6d2fac615972142715d736289abeeb7382e81d (patch) | |
tree | 828bd68949a5d4dd3a958c2be215695170b9b29c | |
parent | 76f8bef0db031f03bf286c8bbccfaf83f0b22224 (diff) | |
parent | 37dd0bd04a3240d2922786d501e2f12cec858fbf (diff) | |
download | linux-0a6d2fac615972142715d736289abeeb7382e81d.tar.bz2 |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6:
SELinux: properly handle empty tty_files list
-rw-r--r-- | security/selinux/hooks.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 3e3fde7c1d2b..f85597a4d733 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2126,14 +2126,16 @@ static inline void flush_unauthorized_files(struct files_struct *files) tty = get_current_tty(); if (tty) { file_list_lock(); - file = list_entry(tty->tty_files.next, typeof(*file), f_u.fu_list); - if (file) { + if (!list_empty(&tty->tty_files)) { + struct inode *inode; + /* Revalidate access to controlling tty. Use inode_has_perm on the tty inode directly rather than using file_has_perm, as this particular open file may belong to another process and we are only interested in the inode-based check here. */ - struct inode *inode = file->f_path.dentry->d_inode; + file = list_first_entry(&tty->tty_files, struct file, f_u.fu_list); + inode = file->f_path.dentry->d_inode; if (inode_has_perm(current, inode, FILE__READ | FILE__WRITE, NULL)) { drop_tty = 1; |