git.baikalelectronics.ru Git - kernel.git/commit

author	Luis Chamberlain <mcgrof@kernel.org>
	Fri, 15 Jul 2022 19:16:22 +0000 (12:16 -0700)
committer	Paul Moore <paul@paul-moore.com>
	Fri, 26 Aug 2022 15:19:43 +0000 (11:19 -0400)
commit	f8750392df2a2a5730240835d964fb128f4b7a6f
tree	a5d4322412e3fb7e7b372039fca8fbf6841a8893	tree \| snapshot
parent	34a3249ab33a1690f58cd6e91a0208887337d3e0	commit \| diff

lsm,io_uring: add LSM hooks for the new uring_cmd file op

io-uring cmd support was added through d795bbeb06e5 ("fs,io_uring:
add infrastructure for uring-cmd"), this extended the struct
file_operations to allow a new command which each subsystem can use
to enable command passthrough. Add an LSM specific for the command
passthrough which enables LSMs to inspect the command details.

This was discussed long ago without no clear pointer for something
conclusive, so this enables LSMs to at least reject this new file
operation.

[0] https://lkml.kernel.org/r/8adf55db-7bab-f59d-d612-ed906b948d19@schaufler-ca.com

Cc: stable@vger.kernel.org
Fixes: d795bbeb06e5 ("fs,io_uring: add infrastructure for uring-cmd")
Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
Acked-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Paul Moore <paul@paul-moore.com>

include/linux/lsm_hook_defs.h		diff \| blob \| history
include/linux/lsm_hooks.h		diff \| blob \| history
include/linux/security.h		diff \| blob \| history
io_uring/uring_cmd.c		diff \| blob \| history
security/security.c		diff \| blob \| history