diff options
| -rw-r--r-- | security/selinux/hooks.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 3e3fde7c1d2b..f85597a4d733 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c | |||
| @@ -2126,14 +2126,16 @@ static inline void flush_unauthorized_files(struct files_struct *files) | |||
| 2126 | tty = get_current_tty(); | 2126 | tty = get_current_tty(); |
| 2127 | if (tty) { | 2127 | if (tty) { |
| 2128 | file_list_lock(); | 2128 | file_list_lock(); |
| 2129 | file = list_entry(tty->tty_files.next, typeof(*file), f_u.fu_list); | 2129 | if (!list_empty(&tty->tty_files)) { |
| 2130 | if (file) { | 2130 | struct inode *inode; |
| 2131 | |||
| 2131 | /* Revalidate access to controlling tty. | 2132 | /* Revalidate access to controlling tty. |
| 2132 | Use inode_has_perm on the tty inode directly rather | 2133 | Use inode_has_perm on the tty inode directly rather |
| 2133 | than using file_has_perm, as this particular open | 2134 | than using file_has_perm, as this particular open |
| 2134 | file may belong to another process and we are only | 2135 | file may belong to another process and we are only |
| 2135 | interested in the inode-based check here. */ | 2136 | interested in the inode-based check here. */ |
| 2136 | struct inode *inode = file->f_path.dentry->d_inode; | 2137 | file = list_first_entry(&tty->tty_files, struct file, f_u.fu_list); |
| 2138 | inode = file->f_path.dentry->d_inode; | ||
| 2137 | if (inode_has_perm(current, inode, | 2139 | if (inode_has_perm(current, inode, |
| 2138 | FILE__READ | FILE__WRITE, NULL)) { | 2140 | FILE__READ | FILE__WRITE, NULL)) { |
| 2139 | drop_tty = 1; | 2141 | drop_tty = 1; |