IORING_OP_SENDMSG_ZC should enable auditing just like IORING_OP_SENDMSG
Jens Axboe
axboe at kernel.dk
Fri Oct 7 18:22:48 UTC 2022
On 10/7/22 11:34 AM, Paul Moore wrote:
> Commit 493108d95f14 ("io_uring/net: zerocopy sendmsg") added a new
> zerocopy sendmsg command to io_uring, but it enabled the
> io_op_def:audit_skip flag, causing the operation to bypass auditing.
> As far as I can see, the SENDMSG_ZC operation should be subject to
> auditing just as SENDMSG.
As far as I can tell you're right, it's not audited further down.
I'll add a patch getting rid of that audit_skip for SENDMSG_ZC.
--
Jens Axboe
More information about the Linux-security-module-archive
mailing list