]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b8a468e) | patch
io_uring,lsm,selinux: add LSM hooks for io_uring_setup()
authorHamza Mahfooz <hamzamahfooz@linux.microsoft.com>
Mon, 27 Jan 2025 15:57:18 +0000 (10:57 -0500)
committerPaul Moore <paul@paul-moore.com>
Fri, 7 Feb 2025 22:17:49 +0000 (17:17 -0500)
commitc6ad9fdbd44b78f51fa50138247694774ab99e97
treee28a1056a83be8177af5db7c75959d431267bd1ctree
parentb8a468e0b0604a10e72ab7f55af0f931aac1d477commit | diff
io_uring,lsm,selinux: add LSM hooks for io_uring_setup()

It is desirable to allow LSM to configure accessibility to io_uring
because it is a coarse yet very simple way to restrict access to it. So,
add an LSM for io_uring_allowed() to guard access to io_uring.

Cc: Paul Moore <paul@paul-moore.com>
Signed-off-by: Hamza Mahfooz <hamzamahfooz@linux.microsoft.com>
Acked-by: Jens Axboe <axboe@kernel.dk>
[PM: merge fuzz due to changes in preceding patches, subj tweak]
Signed-off-by: Paul Moore <paul@paul-moore.com>
include/linux/lsm_hook_defs.h diff | blob | blame | history
include/linux/security.h diff | blob | blame | history
io_uring/io_uring.c diff | blob | blame | history
security/security.c diff | blob | blame | history
security/selinux/hooks.c diff | blob | blame | history
security/selinux/include/classmap.h diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git