summaryrefslogtreecommitdiffstats
path: root/fs/io_uring.c
diff options
context:
space:
mode:
authorPaul Moore <paul@paul-moore.com>2021-02-02 01:33:52 +0100
committerPaul Moore <paul@paul-moore.com>2021-09-20 04:36:24 +0200
commit91a9ab7c942aaa40ac5957eebe71ddae30b2a49c (patch)
tree7ef48210cf7c83c59c79c517a23139eab940c6ec /fs/io_uring.c
parentfs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure() (diff)
downloadlinux-91a9ab7c942aaa40ac5957eebe71ddae30b2a49c.tar.xz
linux-91a9ab7c942aaa40ac5957eebe71ddae30b2a49c.zip
io_uring: convert io_uring to the secure anon inode interface
Converting io_uring's anonymous inode to the secure anon inode API enables LSMs to enforce policy on the io_uring anonymous inodes if they chose to do so. This is an important first step towards providing the necessary mechanisms so that LSMs can apply security policy to io_uring operations. Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'fs/io_uring.c')
-rw-r--r--fs/io_uring.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/io_uring.c b/fs/io_uring.c
index 388754b24785..56cc9aba0d01 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -10155,8 +10155,8 @@ static struct file *io_uring_get_file(struct io_ring_ctx *ctx)
return ERR_PTR(ret);
#endif
- file = anon_inode_getfile("[io_uring]", &io_uring_fops, ctx,
- O_RDWR | O_CLOEXEC);
+ file = anon_inode_getfile_secure("[io_uring]", &io_uring_fops, ctx,
+ O_RDWR | O_CLOEXEC, NULL);
#if defined(CONFIG_UNIX)
if (IS_ERR(file)) {
sock_release(ctx->ring_sock);