[PATCH 1/3] lsm,io_uring: add LSM hooks for the new uring_cmd file op

Greg Kroah-Hartman gregkh at linuxfoundation.org
Tue Aug 23 06:53:48 UTC 2022


On Mon, Aug 22, 2022 at 05:21:07PM -0400, Paul Moore wrote:
> From: Luis Chamberlain <mcgrof at kernel.org>
> 
> io-uring cmd support was added through ee692a21e9bf ("fs,io_uring:
> add infrastructure for uring-cmd"), this extended the struct
> file_operations to allow a new command which each subsystem can use
> to enable command passthrough. Add an LSM specific for the command
> passthrough which enables LSMs to inspect the command details.
> 
> This was discussed long ago without no clear pointer for something
> conclusive, so this enables LSMs to at least reject this new file
> operation.
> 
> [0] https://lkml.kernel.org/r/8adf55db-7bab-f59d-d612-ed906b948d19@schaufler-ca.com
> 
> Fixes: ee692a21e9bf ("fs,io_uring: add infrastructure for uring-cmd")

You are not "fixing" anything, you are adding new functionality.
Careful with using "Fixes:" for something like this, you will trigger
the bug-detection scripts and have to fend off stable bot emails for a
long time for stuff that should not be backported to stable trees.

thanks,

greg k-h



More information about the Linux-security-module-archive mailing list