[PATCH] lsm, io_uring: add LSM hooks to for the new uring_cmd file op
Casey Schaufler
casey at schaufler-ca.com
Fri Jul 15 21:16:35 UTC 2022
On 7/15/2022 1:00 PM, Jens Axboe wrote:
> I agree that it should've been part of the initial series. As mentioned
> above, I wasn't much apart of that earlier discussion in the series, and
> hence missed that it was missing. And as also mentioned, LSM isn't much
> on my radar as nobody I know uses it.
There are well over 6 Billion systems deployed in the wild that use LSM.
Every Android device. Every Samsung TV, camera and watch. Chromebooks.
Data centers. AWS. HPC. Statistically, a system that does not use LSM is
extremely rare. The only systems that *don't* use LSM are the ones hand
configured by Linux developers for their own use.
> This will cause oversights, even
> if they are unfortunate. My point is just that no ill intent should be
> assumed here.
I see no ill intent. And io_uring addresses an important issue.
It just needs to work for the majority of Linux systems, not just
the few that don't use LSM.
More information about the Linux-security-module-archive
mailing list