Message ID | 20250326103819.93387-1-cgoettsche@seltendoof.de (mailing list archive)
---|---
State | New
Series | [RFC] selinux: rename io_uring permission to match syscall
On Wed, Mar 26, 2025 at 6:38 AM Christian Göttsche <cgoettsche@seltendoof.de> wrote: > > From: Christian Göttsche <cgzones@googlemail.com> > > Commit c6ad9fdbd44b ("io_uring,lsm,selinux: add LSM hooks for > io_uring_setup()") introduced the LSM hook `uring_allowed` and > implemented it in SELinux via a new `io_uring` class permission > `allowed`. Rename the permission to `setup` since most permission verbs > are named after the corresponding syscall ... Some permissions are named after a syscall, but there are also a number that are not. I believe "allowed" is the right choice here as it better reflects the intent of the permission. As an aside, the original draft of this patch was sent to the lists back in late December and the final revision was merged in early February before going up to Linus a few days ago. While I maintain that "allowed" is the better choice, the proper time to raise your concerns would have been during the past few months, not now. > ... in this case > io_uring_setup(2), and avoid confusing policy rules with an allow > keyword and an allowed permission. > > Fixes: c6ad9fdbd44b ("io_uring,lsm,selinux: add LSM hooks for io_uring_setup()") > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > --- > Note: this patch targets torvalds/master > --- > security/selinux/hooks.c | 2 +- > security/selinux/include/classmap.h | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c > index 7150c953fec3..bcc66dea8bdc 100644 > --- a/security/selinux/hooks.c > +++ b/security/selinux/hooks.c > @@ -7188,7 +7188,7 @@ static int selinux_uring_allowed(void) > { > u32 sid = current_sid(); > > - return avc_has_perm(sid, sid, SECCLASS_IO_URING, IO_URING__ALLOWED, > + return avc_has_perm(sid, sid, SECCLASS_IO_URING, IO_URING__SETUP, > NULL); > } > #endif /* CONFIG_IO_URING */ 
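Review bot: in the hooks.c hunk the permission constant becomes IO_URING__SETUP, but it is still checked from selinux_uring_allowed(), which implements the LSM hook uring_allowed, so after this change the "allowed" verb the patch wants to get rid of survives in the function and hook names while disappearing from the permission. The commit message should say that the hook name is an LSM-wide name that SELinux cannot rename on its own and is deliberately left as is, otherwise the rename trades one naming mismatch for another. The avc_has_perm() call itself is otherwise unchanged and still correct as a self check: current_sid() is passed as both source and target with no auditdata, which is what a "may this domain set up a ring at all" permission wants.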
> diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h > index 04a9b480885e..49fb584f2056 100644 > --- a/security/selinux/include/classmap.h > +++ b/security/selinux/include/classmap.h > @@ -179,7 +179,7 @@ const struct security_class_mapping secclass_map[] = { > { "perf_event", > { "open", "cpu", "kernel", "tracepoint", "read", "write", NULL } }, > { "anon_inode", { COMMON_FILE_PERMS, NULL } }, > - { "io_uring", { "override_creds", "sqpoll", "cmd", "allowed", NULL } }, > + { "io_uring", { "override_creds", "sqpoll", "cmd", "setup", NULL } }, > { "user_namespace", { "create", NULL } }, > /* last one */ { NULL, {} } > }; > -- > 2.49.0
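Review bot: the classmap.h hunk renames a string that loaded policy is matched against by name, so a policy built against c6ad9fdbd44b that declares io_uring { ... allowed } no longer defines the permission this kernel checks, and whether io_uring_setup() is then granted or refused depends on that policy's handle_unknown setting rather than on any allow rule; the commit message should spell out this compatibility consequence and mention that the userspace policy sources that already reference io_uring:allowed need a matching update. Because the entry keeps its position as the fourth permission in the array, the generated IO_URING__* bit values do not change, so only the name is affected. The Fixes: tag also looks wrong for a pure rename: nothing in c6ad9fdbd44b is broken, and a Fixes: tag invites stable backport consideration for what is a naming preference.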
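The practical question behind the rename is what happens when the kernel's compiled-in classmap says "setup" while the loaded policy still declares "allowed". The kernel resolves each classmap permission name against the policy when the policy is loaded (selinux_set_mapping() in security/selinux/ss/services.c) and then translates policy decisions back into classmap bit numbering (map_decision()), treating a permission the policy never defined as granted only when the policy was built with handle_unknown = allow. The program below is an added example, not kernel code and not part of this patch: it is a simplified reimplementation of that mapping logic with the example's own structure and function names, using the io_uring permission list from the classmap.h hunk and two constructed policies, one compiled against the old name and one against the new one.

```c
/* Added example: a simplified model of how the SELinux kernel maps its
 * compiled-in classmap onto a loaded policy, used to show the effect of
 * renaming the io_uring permission "allowed" to "setup". Structures and
 * function names are the example's own, not the kernel's. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_PERMS 32

/* Permission names the kernel was built with, in bit order (bit i = 1u << i),
 * as they appear in security/selinux/include/classmap.h. */
struct kernel_class {
	const char *name;
	const char *perms[MAX_PERMS];
};

/* What a loaded policy declares for the same class, plus a constructed
 * decision: the bitmask (in the policy's own numbering) that the policy's
 * allow rules grant to the (sid, sid) pair selinux_uring_allowed() checks. */
struct policy_class {
	const char *name;
	const char *perms[MAX_PERMS];
	uint32_t allowed;
};

/* kernel bit i -> policy bit value; 0 means the policy never defined the name */
struct perm_mapping {
	uint32_t perms[MAX_PERMS];
	unsigned int num_perms;
	unsigned int unmapped;
};

static uint32_t policy_perm_bit(const struct policy_class *pc, const char *name)
{
	for (unsigned int i = 0; pc->perms[i]; i++)
		if (strcmp(pc->perms[i], name) == 0)
			return 1u << i;
	return 0;
}

/* Resolve every kernel permission name in the policy (policy load time). */
static void build_mapping(const struct kernel_class *kc,
			  const struct policy_class *pc, struct perm_mapping *m)
{
	memset(m, 0, sizeof(*m));
	for (unsigned int i = 0; kc->perms[i]; i++) {
		m->perms[i] = policy_perm_bit(pc, kc->perms[i]);
		if (!m->perms[i]) {
			m->unmapped++;
			printf("permission %s in class %s not defined in policy\n",
			       kc->perms[i], kc->name);
		}
		m->num_perms = i + 1;
	}
}

/* Translate the policy's decision into kernel bit numbering (access check
 * time). A kernel permission the policy never defined is granted only when
 * the policy was built with handle_unknown = allow. */
static uint32_t map_decision(const struct perm_mapping *m,
			     uint32_t policy_allowed, int allow_unknown)
{
	uint32_t result = 0;
	for (unsigned int i = 0; i < m->num_perms; i++) {
		if (policy_allowed & m->perms[i])
			result |= 1u << i;
		if (allow_unknown && !m->perms[i])
			result |= 1u << i;
	}
	return result;
}

/* Kernel classmap entry with this patch applied. */
static const struct kernel_class kernel_io_uring = {
	"io_uring", { "override_creds", "sqpoll", "cmd", "setup", NULL }
};
/* Constructed policies: both grant all four permissions (0xf) to the domain,
 * but one was compiled against the pre-patch name "allowed". */
static const struct policy_class old_policy_io_uring = {
	"io_uring", { "override_creds", "sqpoll", "cmd", "allowed", NULL }, 0xf
};
static const struct policy_class new_policy_io_uring = {
	"io_uring", { "override_creds", "sqpoll", "cmd", "setup", NULL }, 0xf
};

/* Fourth classmap entry -> bit 3, the value genheaders would emit. */
#define IO_URING__SETUP (1u << 3)

/* Would selinux_uring_allowed()'s check pass under this policy? */
int setup_permitted(const struct policy_class *pc, int allow_unknown)
{
	struct perm_mapping m;

	build_mapping(&kernel_io_uring, pc, &m);
	return (map_decision(&m, pc->allowed, allow_unknown) & IO_URING__SETUP) != 0;
}

int main(void)
{
	printf("new policy, deny unknown: %d\n", setup_permitted(&new_policy_io_uring, 0));
	printf("old policy, deny unknown: %d\n", setup_permitted(&old_policy_io_uring, 0));
	printf("old policy, allow unknown: %d\n", setup_permitted(&old_policy_io_uring, 1));
	return 0;
}
```

The old policy grants everything it knows about, yet with handle_unknown = deny the ring setup is refused and no allow rule in that policy can change it, while with handle_unknown = allow it is granted to every domain regardless of rules; only a policy that declares the new name gets a per-domain decision. On a real system the same mismatch shows up as a "not defined in policy" message from the kernel at policy load, which is the first thing to look for if io_uring_setup() starts failing after a kernel update.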