lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <f4efd956-ebe9-4a02-8b98-b80e16db95af@kernel.dk>
Date: Fri, 7 Feb 2025 14:54:56 -0700
From: Jens Axboe <axboe@...nel.dk>
To: Paul Moore <paul@...l-moore.com>,
 Hamza Mahfooz <hamzamahfooz@...ux.microsoft.com>
Cc: James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>,
 Pavel Begunkov <asml.silence@...il.com>,
 Stephen Smalley <stephen.smalley.work@...il.com>,
 Ondrej Mosnacek <omosnace@...hat.com>, Thiébaud Weksteen
 <tweek@...gle.com>, Christian Göttsche
 <cgzones@...glemail.com>, Bram Bonné
 <brambonne@...gle.com>, Masahiro Yamada <masahiroy@...nel.org>,
 linux-security-module@...r.kernel.org, io-uring@...r.kernel.org,
 selinux@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 1/2] io_uring: refactor io_uring_allowed()

On 2/7/25 2:42 PM, Paul Moore wrote:
> On Jan 27, 2025 Hamza Mahfooz <hamzamahfooz@...ux.microsoft.com> wrote:
>>
>> Have io_uring_allowed() return an error code directly instead of
>> true/false. This is needed for follow-up work to guard io_uring_setup()
>> with LSM.
>>
>> Cc: Jens Axboe <axboe@...nel.dk>
>> Signed-off-by: Hamza Mahfooz <hamzamahfooz@...ux.microsoft.com>
>> ---
>>  io_uring/io_uring.c | 21 ++++++++++++++-------
>>  1 file changed, 14 insertions(+), 7 deletions(-)
>>
>> diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c
>> index 7bfbc7c22367..c2d8bd4c2cfc 100644
>> --- a/io_uring/io_uring.c
>> +++ b/io_uring/io_uring.c
>> @@ -3789,29 +3789,36 @@ static long io_uring_setup(u32 entries, struct io_uring_params __user *params)
>>  	return io_uring_create(entries, &p, params);
>>  }
>>  
>> -static inline bool io_uring_allowed(void)
>> +static inline int io_uring_allowed(void)
>>  {
>>  	int disabled = READ_ONCE(sysctl_io_uring_disabled);
>>  	kgid_t io_uring_group;
>>  
>>  	if (disabled == 2)
>> -		return false;
>> +		return -EPERM;
>>  
>>  	if (disabled == 0 || capable(CAP_SYS_ADMIN))
>> -		return true;
>> +		goto allowed_lsm;
> 
> I'd probably just 'return 0;' here as the "allowed_lsm" goto label
> doesn't make a lot of sense until patch 2/2, but otherwise this
> looks okay to me.

Agree, get rid of this unnecessary goto.

> Jens, are you okay with this patch?  If yes, can we get an ACK from you?

With that change, yep I'm fine with both of these and you can add my
acked-by to them.

-- 
Jens Axboe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ