diff options
author | Luis Chamberlain <mcgrof@kernel.org> | 2022-07-15 21:16:22 +0200 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2022-08-26 17:19:43 +0200 |
commit | 2a5840124009f133bd09fd855963551fb2cefe22 (patch) | |
tree | a5d4322412e3fb7e7b372039fca8fbf6841a8893 /security/security.c | |
parent | Linux 6.0-rc1 (diff) | |
download | linux-2a5840124009f133bd09fd855963551fb2cefe22.tar.xz linux-2a5840124009f133bd09fd855963551fb2cefe22.zip |
lsm,io_uring: add LSM hooks for the new uring_cmd file op
io-uring cmd support was added through ee692a21e9bf ("fs,io_uring:
add infrastructure for uring-cmd"), this extended the struct
file_operations to allow a new command which each subsystem can use
to enable command passthrough. Add an LSM specific for the command
passthrough which enables LSMs to inspect the command details.
This was discussed long ago without no clear pointer for something
conclusive, so this enables LSMs to at least reject this new file
operation.
[0] https://lkml.kernel.org/r/8adf55db-7bab-f59d-d612-ed906b948d19@schaufler-ca.com
Cc: stable@vger.kernel.org
Fixes: ee692a21e9bf ("fs,io_uring: add infrastructure for uring-cmd")
Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
Acked-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/security.c')
-rw-r--r-- | security/security.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/security/security.c b/security/security.c index 14d30fec8a00..4b95de24bc8d 100644 --- a/security/security.c +++ b/security/security.c @@ -2660,4 +2660,8 @@ int security_uring_sqpoll(void) { return call_int_hook(uring_sqpoll, 0); } +int security_uring_cmd(struct io_uring_cmd *ioucmd) +{ + return call_int_hook(uring_cmd, 0, ioucmd); +} #endif /* CONFIG_IO_URING */ |