[v5.19.y PATCH 0/3] Backport the io_uring/LSM CMD passthrough controls

Paul Moore paul at paul-moore.com
Tue Sep 6 21:03:36 UTC 2022


The stable patch merging tools failed to automatically merge the
io_uring/LSM CMD passthrough controls into the stable v5.19.y branch,
so I'm doing the backport manually and submitting them directly to
stable for the next v5.19.y release.  The backport is necessary due
to the reorg/decomposition of the io_uring code in io_uring/ during
the v5.19->v6.0 merge window.  Other than the differences in the
filenames under io_uring, the code changes are pretty much the same.

I've done some basic sanity testing this afternoon with these
patches and everything looks good to me.

If you would prefer to pull these directly from a git tree instead
of email, they are available via the LSM tree on the stable-5.19
branch, using the lsm-pr-20220906 tag.

  git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
        lsm-pr-20220906

---

Paul Moore (3):
      lsm,io_uring: add LSM hooks for the new uring_cmd file op
      selinux: implement the security_uring_cmd() LSM hook
      Smack: Provide read control for io_uring_cmd


 include/linux/lsm_hook_defs.h       |  1 +
 include/linux/lsm_hooks.h           |  3 +++
 include/linux/security.h            |  5 +++++
 io_uring/io_uring.c                 |  4 ++++
 security/security.c                 |  4 ++++
 security/selinux/hooks.c            | 24 ++++++++++++++++++++++
 security/selinux/include/classmap.h |  2 +-
 security/smack/smack_lsm.c          | 32 +++++++++++++++++++++++++++++
 8 files changed, 74 insertions(+), 1 deletion(-)



More information about the Linux-security-module-archive mailing list