From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5446EC43334 for ; Mon, 18 Jul 2022 17:12:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233747AbiGRRMo (ORCPT ); Mon, 18 Jul 2022 13:12:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35116 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233707AbiGRRMn (ORCPT ); Mon, 18 Jul 2022 13:12:43 -0400 Received: from sonic308-15.consmr.mail.ne1.yahoo.com (sonic308-15.consmr.mail.ne1.yahoo.com [66.163.187.38]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D361E2B625 for ; Mon, 18 Jul 2022 10:12:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1658164361; bh=xppzB0kxv5KtG37fv45GQbugTJkA94hzrsgf767sUGA=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From:Subject:Reply-To; b=Lj7anAlzLC03KVoF9tysKYMSjLdn8ebskxCp6rv7uu6uNGN5ojdsPMkUNcngoPAgCt1g+2Z99Gk46clWMLCfSTbDc00jqApzYzNEo7lXFFjg2fq+XPLXXQhThFeiokuFjYhu1/wD74hfPSbTyOxAUYPmOc4lIdxuMZiqHnAtmTUF0QFxMuEXJ8KOa2JYw2bcSjvQxUzmajqYOETe2Vc6excA+2YSDDlIjs8ZlhTzCvXYZE0plYQl141MYbGxMda07S6mtYK68nXwjlpV1Ve6PfSLMobCbvYq4xK5EKmO++QrYnZqghN/MfqOyMYmEJ61AgzVtk6vpe3n4wQubx07jw== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1658164361; bh=OfkCiPtmqP8Tk1RPckeS4qJX6EAdj9LC41Pg7PIeLe6=; h=X-Sonic-MF:Date:Subject:To:From:From:Subject; b=L00MNOtyUOMjbQ19v6sASagzA2jv+Qf1QoLde9jFOXMohbQZjg0J9QRtpOYbZ/diVCGlxO3B1S+iwHXxXUQtVbwxfI7KntwRIw9frHsS/1MXEcrTvronAbKyLEwwOEoxa9tIU2WPm+bAMDUAxNfIiKm8+0Y0hB0zut5KlqJAjxngs+6sXbJRGNgDaB8KOQAN5el9a0f2/evMh7kI1QX+PUbt8q47Z8EQBJqAFwF+Exfv1QEiVSHIKWXI/btt/fmDPpbAJ0ZK2lbOXmTDBk270ZJZQCnDi8/8nx2KI8JpfURGCuM2UTQvExPgWb/GPSxKcdnGsLV1fhMBqhYUamfSmQ== X-YMail-OSG: mIh5kRUVM1nxarMNoEbeBYqruHczFLbuKIy2dGsbvxHswfKSHBhiae.Q9NMAcCI Url2YXb7M25ckR57PrAuQh_dkxF1LhrrPVM38gi4g6ASMVYs6VfjhuqlJ6JrR1Z6cYS_rmSvgAYL M9qX2BzLsM8g4.2Us9o10jiUnuPnVVVrovIzeYp4rGMWRIqF3PGY2fRjxhxFjU24RA0A9Npf_.Wj GxqcZLf3RwrVcCfr9f30RVHlD2iYNwlFb6sEjrCvMoBM2xt3zEGfbJawVANpfoivT97_0.gmFHny 8PTGpHDBMc4YJNuclYAp6IPAthYJWZhBDD7_i.L5ssqNGGlxX8VspBhtYQ7vougufOo.IAMmKjtT 3cOQo_.SdD7YUu5flQ1bfJkX695D7OJlacXmYqcXkjoG_d2VR1xjbuvUWpSmiMf3l4MvzJQCFxyZ 15efGnJT9ewIjHfGAJ8odaBAsOSMheltBBUquBlB3p2s41FXBwitfwwVex0QiWZig8hoRW.ITonh OFGNxmxvgXTj7tl_HKk3pinX.8p454jp0xXCb.Jyuf2whJcdnSXnOfLzhXFEoU7EB1zjNP3x1zXW ZJB.sRDE6Fm7lIFKtu.YygJP8Py_AWUTaFzk28FdtVEwfREJtUvYMZnhQSl97HCML6toSVzl92V. 8hJbxEia4A_SThFLKEBf8RJ_Zc4m5KNK6wWTf4xPuz__MMP7FwlYSP6I7W_SnMq8fbKzYdPT_un. M_MvyJ.bO6DIzmpYH_Nt2HJwSwo_t6Z_nRM52vwerjyg8xfo.xXjfqjQ2Txe2KpQuKV.ccJEqCQu h1oriLmH3h3JQUGnekdnAbZtsQo_dr9nQe2cboloaHp9gWft4t1k9UtcXbBNA1LOEvc5OBU1i1Os e3T3dDSuCFsRkM5kSVcTSbxZgkv9J93cdjOZ6y19Y0_N80I6y9ncmmqF72xUChfLxDT7naEAyoZ_ 6Ph3GldXnNUQhQuattpRrxClna.P8tSq.AM0or9GKprjlF9kLkGYh9j984SyiozjtarfZ2KjiPs0 e1tc4bjXwXBT8MyY.A3JKLou6zbUcGiGIrSR_5phFhcLYpuRGfzaEn.pG7icsN8tv4rZGcrHM7tD cBLDovtOi1iHvkEByfwpQa_RGmYFHCzxXWdIwOT9yY6bIGC0c.alXlIgs92fLn6D1uZzanznFb5_ P42NF5bkSz_vORVeZ7_mzb1tOvXe5YJWGoSjTOeKaDjihcmupTdzIdkFRLsD14.G_qi3YaBQ_Uev vjMT78Bx_AT9SScWRsSodOQaQsV1COapBOQsw3Aiat2.KA.kpwuwqLxGLfDc.t7c_tkymWuExr3a Y78R96hjONPSL.cV9d3MIvmN_RCnaih0qK17SsiDvaqfIXCTdszwfqOO3fyfehnyLJcP1fZcoMCX SweaW9JSrZT4k0m8Jiy9Hn6QPSiOYl8B9pnKqdpoEPZaK_u6nr9bqN9kct0ekQCn1rrZXJoOlg56 E24qNVQ7o1V4iJuQdFnhIhHqPCA4QmLcG6yOi1vtp8QZcTdip9ruJK0.XH80QDeLAfhFpkr2wN0B X8A0SJC15RdqgSQ4CrayiilI6QMsRMNFp_cBQu3r03bw7T5goiTcvVCz.9PSjo768szPref2spCi xnWAfxEKgpNZrHwLuieymvISp5bvxTQeDIXKqNKAF3Z7nxh9UH1KIdpyMOODPOu_x_DNbfYPNr45 gkmTwJoYl9GOhHBuEE0d1cJnouMxrqWqjSa_4BAucHJXrMjCB_xBxvAsAJOqCcydfejbLgr6F8g6 nY2ACVhXNYdB6DTZK5k9BmuAUj56gqi8pX_aLTcTCtvC6V9zYVPZ8VWe0uzEWbLPDEwM2Ujn1b.h _izhZQKObUnVB5PwtX.Rp0DQ9EElHh_8UmpCDI6FuzaLnKdfy5g0_wAIfmi7H3yp6Mr5XFpWa_Gv IBbYGERhnsMSxtYIEhyG8aaaakHbhKfxjonTsFJYq0r4JHxWv1xK0YV601Hx0qFAFpVTJKuYYeAl OVPMXFXYrRYKTzEObAHSCnrMJSaDNixLJQxj97PRBw8O8dsqaOuDeeTfcvsoT_UoG.ig9zJrDJCR FYwzDo2ruK9NbyHs7JdU0NooIrK95qg2oomEn4svaFSvgFSyLjToDSoYzlRlv2eq9YziZ078.zIH 0J9219aF8l9qAGuZSQwEfVat02Lz47YNM4WyBcU2yGmb0m.ZXnJwUcGN3KlHV.CRHr1QbQYhu7Zs JHuYPnt.t1YkXiRKa5M4jOaseIFl7wR.7CfcMb10nBvD8m824G8TKpP0fih9uaNo2xPSHdPERXtJ 3tqFqLCO0l3edNZIa9w-- X-Sonic-MF: Received: from sonic.gate.mail.ne1.yahoo.com by sonic308.consmr.mail.ne1.yahoo.com with HTTP; Mon, 18 Jul 2022 17:12:41 +0000 Received: by hermes--production-gq1-56bb98dbc7-fxknz (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID 4dcb57f26f3bd08333e217284802ba60; Mon, 18 Jul 2022 17:12:37 +0000 (UTC) Message-ID: Date: Mon, 18 Jul 2022 10:12:35 -0700 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0 Subject: Re: [PATCH v2] lsm,io_uring: add LSM hooks for the new uring_cmd file op Content-Language: en-US To: Paul Moore , Jens Axboe , Luis Chamberlain Cc: joshi.k@samsung.com, linux-security-module@vger.kernel.org, io-uring@vger.kernel.org, linux-nvme@lists.infradead.org, linux-block@vger.kernel.org, a.manzanares@samsung.com, javier@javigon.com, casey@schaufler-ca.com References: <20220715191622.2310436-1-mcgrof@kernel.org> From: Casey Schaufler In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Mailer: WebService/1.1.20407 mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo Precedence: bulk List-ID: X-Mailing-List: io-uring@vger.kernel.org On 7/15/2022 8:33 PM, Paul Moore wrote: > On Fri, Jul 15, 2022 at 3:52 PM Paul Moore wrote: >> On Fri, Jul 15, 2022 at 3:28 PM Jens Axboe wrote: >>> On 7/15/22 1:16 PM, Luis Chamberlain wrote: >>>> io-uring cmd support was added through ee692a21e9bf ("fs,io_uring: >>>> add infrastructure for uring-cmd"), this extended the struct >>>> file_operations to allow a new command which each subsystem can use >>>> to enable command passthrough. Add an LSM specific for the command >>>> passthrough which enables LSMs to inspect the command details. >>>> >>>> This was discussed long ago without no clear pointer for something >>>> conclusive, so this enables LSMs to at least reject this new file >>>> operation. >>> From an io_uring perspective, this looks fine to me. It may be easier if >>> I take this through my tree due to the moving of the files, or the >>> security side can do it but it'd have to then wait for merge window (and >>> post io_uring branch merge) to do so. Just let me know. If done outside >>> of my tree, feel free to add: > I forgot to add this earlier ... let's see how the timing goes, I > don't expect the LSM/Smack/SELinux bits to be ready and tested before > the merge window opens so I'm guessing this will not be an issue in > practice, but thanks for the heads-up. I have a patch that may or may not be appropriate. I ran the liburing tests without (additional) failures, but it looks like there isn't anything there testing uring_cmd. Do you have a test tucked away somewhere I can use? Thanks.