From 51d59af26fe81967e0d7ec92bd9381d3b26434f3 Mon Sep 17 00:00:00 2001 From: Casey Schaufler Date: Wed, 31 May 2017 08:53:42 -0700 Subject: Smack: Safer check for a socket in file_receive The check of S_ISSOCK() in smack_file_receive() is not appropriate if the passed descriptor is a socket. Reported-by: Stephen Smalley Signed-off-by: Casey Schaufler --- security/smack/smack_lsm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'security/smack/smack_lsm.c') diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 658f5d8c7e76..463af86812c7 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1915,7 +1915,7 @@ static int smack_file_receive(struct file *file) smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH); smk_ad_setfield_u_fs_path(&ad, file->f_path); - if (S_ISSOCK(inode->i_mode)) { + if (inode->i_sb->s_magic == SOCKFS_MAGIC) { sock = SOCKET_I(inode); ssp = sock->sk->sk_security; tsp = current_security(); -- cgit v1.2.3