git.baikalelectronics.ru Git - kernel.git/commit

author	Luis Chamberlain <mcgrof@kernel.org>
	Fri, 15 Jul 2022 19:16:22 +0000 (12:16 -0700)
committer	Paul Moore <paul@paul-moore.com>
	Fri, 26 Aug 2022 15:19:43 +0000 (11:19 -0400)
commit	d774f8ba1b6e0de1e2bef0bd6f054e72a14adf6b
tree	a5d4322412e3fb7e7b372039fca8fbf6841a8893	tree \| snapshot
parent	3d7dcb2c5450a57f60c448f42be48fdfe456bfdf	commit \| diff

lsm,io_uring: add LSM hooks for the new uring_cmd file op

io-uring cmd support was added through 8c878aa3fcaf ("fs,io_uring:
add infrastructure for uring-cmd"), this extended the struct
file_operations to allow a new command which each subsystem can use
to enable command passthrough. Add an LSM specific for the command
passthrough which enables LSMs to inspect the command details.

This was discussed long ago without no clear pointer for something
conclusive, so this enables LSMs to at least reject this new file
operation.

[0] https://lkml.kernel.org/r/8adf55db-7bab-f59d-d612-ed906b948d19@schaufler-ca.com

Cc: stable@vger.kernel.org
Fixes: 8c878aa3fcaf ("fs,io_uring: add infrastructure for uring-cmd")
Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
Acked-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Paul Moore <paul@paul-moore.com>

include/linux/lsm_hook_defs.h		diff \| blob \| history
include/linux/lsm_hooks.h		diff \| blob \| history
include/linux/security.h		diff \| blob \| history
io_uring/uring_cmd.c		diff \| blob \| history
security/security.c		diff \| blob \| history