[PATCH v12 1/9] security: Introduce ENOFILEOPS return value for IOCTL hooks
Günther Noack
gnoack at google.com
Mon Mar 25 14:28:19 UTC 2024
On Mon, Mar 25, 2024 at 01:39:56PM +0000, Günther Noack wrote:
> diff --git a/include/linux/security.h b/include/linux/security.h
> index d0eb20f90b26..b769dc888d07 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -248,6 +248,12 @@ static const char * const kernel_load_data_str[] = {
> __kernel_read_file_id(__data_id_stringify)
> };
>
> +/*
> + * Returned by security_file_ioctl and security_file_ioctl_compat to indicate
> + * that the IOCTL request may not be dispatched to the file's f_ops IOCTL impl.
> + */
> +#define ENOFILEOPS 532
FYI, the thinking here was:
* I could not find an existing error code that seemed to have a similar meaning,
which we could reuse.
* At the same time, the meaning of this error code is so special that the approach
of adding it to kernel-private codes in include/linux/errno.h also seemed wrong.
* The number 532 is just one higher than the highest code in include/linux/errno.h
Suggestions welcome :)
—Günther
More information about the Linux-security-module-archive
mailing list