Commit dd937340 authored by Casey Schaufler's avatar Casey Schaufler Committed by Paul Moore

Smack: Provide read control for io_uring_cmd

Limit io_uring "cmd" options to files for which the caller has
Smack read access. There may be cases where the cmd option may
be closer to a write access than a read, but there is no way
to make that determination.

Cc: stable@vger.kernel.org
Fixes: ee692a21 ("fs,io_uring: add infrastructure for uring-cmd")
Signed-off-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent 70752795
......@@ -42,6 +42,7 @@
#include <linux/fs_context.h>
#include <linux/fs_parser.h>
#include <linux/watch_queue.h>
#include <linux/io_uring.h>
#include "smack.h"
#define TRANS_TRUE "TRUE"
......@@ -4732,6 +4733,36 @@ static int smack_uring_sqpoll(void)
return -EPERM;
}
/**
* smack_uring_cmd - check on file operations for io_uring
* @ioucmd: the command in question
*
* Make a best guess about whether a io_uring "command" should
* be allowed. Use the same logic used for determining if the
* file could be opened for read in the absence of better criteria.
*/
static int smack_uring_cmd(struct io_uring_cmd *ioucmd)
{
struct file *file = ioucmd->file;
struct smk_audit_info ad;
struct task_smack *tsp;
struct inode *inode;
int rc;
if (!file)
return -EINVAL;
tsp = smack_cred(file->f_cred);
inode = file_inode(file);
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_PATH);
smk_ad_setfield_u_fs_path(&ad, file->f_path);
rc = smk_tskacc(tsp, smk_of_inode(inode), MAY_READ, &ad);
rc = smk_bu_credfile(file->f_cred, file, MAY_READ, rc);
return rc;
}
#endif /* CONFIG_IO_URING */
struct lsm_blob_sizes smack_blob_sizes __lsm_ro_after_init = {
......@@ -4889,6 +4920,7 @@ static struct security_hook_list smack_hooks[] __lsm_ro_after_init = {
#ifdef CONFIG_IO_URING
LSM_HOOK_INIT(uring_override_creds, smack_uring_override_creds),
LSM_HOOK_INIT(uring_sqpoll, smack_uring_sqpoll),
LSM_HOOK_INIT(uring_cmd, smack_uring_cmd),
#endif
};
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment