review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Luis Chamberlain <mcgrof@kernel.org>
	Fri, 15 Jul 2022 19:16:22 +0000 (12:16 -0700)
committer	Paul Moore <paul@paul-moore.com>
	Fri, 26 Aug 2022 15:19:43 +0000 (11:19 -0400)
commit	2a5840124009f133bd09fd855963551fb2cefe22
tree	a5d4322412e3fb7e7b372039fca8fbf6841a8893	tree \| snapshot
parent	568035b01cfb107af8d2e4bd2fb9aea22cf5b868	commit \| diff

lsm,io_uring: add LSM hooks for the new uring_cmd file op

io-uring cmd support was added through ee692a21e9bf ("fs,io_uring:
add infrastructure for uring-cmd"), this extended the struct
file_operations to allow a new command which each subsystem can use
to enable command passthrough. Add an LSM specific for the command
passthrough which enables LSMs to inspect the command details.

This was discussed long ago without no clear pointer for something
conclusive, so this enables LSMs to at least reject this new file
operation.

[0] https://lkml.kernel.org/r/8adf55db-7bab-f59d-d612-ed906b948d19@schaufler-ca.com

Cc: stable@vger.kernel.org
Fixes: ee692a21e9bf ("fs,io_uring: add infrastructure for uring-cmd")
Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
Acked-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Paul Moore <paul@paul-moore.com>

include/linux/lsm_hook_defs.h		diff \| blob \| history
include/linux/lsm_hooks.h		diff \| blob \| history
include/linux/security.h		diff \| blob \| history
io_uring/uring_cmd.c		diff \| blob \| history
security/security.c		diff \| blob \| history