Re: [RFC PATCH] selinux: rename io_uring permission to match syscall

From: Paul Moore
Date: Wed Mar 26 2025 - 10:58:03 EST


On Wed, Mar 26, 2025 at 6:38 AM Christian Göttsche
<cgoettsche@xxxxxxxxxxxxx> wrote:
>
> From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
>
> Commit c6ad9fdbd44b ("io_uring,lsm,selinux: add LSM hooks for
> io_uring_setup()") introduced the LSM hook `uring_allowed` and
> implemented it in SELinux via a new `io_uring` class permission
> `allowed`. Rename the permission to `setup` since most permission verbs
> are named after the corresponding syscall ...

Some permissions are named after a syscall, but there are also a
number that are not. I believe "allowed" is the right choice here as
it better reflects the intent of the permission.

As an aside, the original draft of this patch was sent to the lists
back in late December and the final revision was merged in early
February before going up to Linus a few days ago. While I maintain
that "allowed" is the better choice, the proper time to raise your
concerns would have been during the past few months, not now.

> ... in this case
> io_uring_setup(2), and avoid confusing policy rules with an allow
> keyword and an allowed permission.
>
> Fixes: c6ad9fdbd44b ("io_uring,lsm,selinux: add LSM hooks for io_uring_setup()")
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
> ---
> Note: this patch targets torvalds/master
> ---
> security/selinux/hooks.c | 2 +-
> security/selinux/include/classmap.h | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index 7150c953fec3..bcc66dea8bdc 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -7188,7 +7188,7 @@ static int selinux_uring_allowed(void)
> {
> u32 sid = current_sid();
>
> - return avc_has_perm(sid, sid, SECCLASS_IO_URING, IO_URING__ALLOWED,
> + return avc_has_perm(sid, sid, SECCLASS_IO_URING, IO_URING__SETUP,
> NULL);
> }
> #endif /* CONFIG_IO_URING */
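Review bot: the rename is only partial in this hunk: the function is still `selinux_uring_allowed()` and the LSM hook it implements is still `uring_allowed`, so after the change the code reads "allowed" everywhere except the permission constant, which becomes `IO_URING__SETUP`. If the goal is consistency with io_uring_setup(2), the commit message should say why the hook and function names keep "allowed" (the hook name is shared with other LSMs and the io_uring call site), otherwise the naming mismatch just moves from policy syntax into the kernel source. It is also worth a sentence in the commit message that `IO_URING__SETUP` is not defined anywhere in this diff because av_permissions.h is generated from classmap.h; a reader grepping the patch for the new identifier will otherwise assume a hunk is missing.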
> diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h
> index 04a9b480885e..49fb584f2056 100644
> --- a/security/selinux/include/classmap.h
> +++ b/security/selinux/include/classmap.h
> @@ -179,7 +179,7 @@ const struct security_class_mapping secclass_map[] = {
> { "perf_event",
> { "open", "cpu", "kernel", "tracepoint", "read", "write", NULL } },
> { "anon_inode", { COMMON_FILE_PERMS, NULL } },
> - { "io_uring", { "override_creds", "sqpoll", "cmd", "allowed", NULL } },
> + { "io_uring", { "override_creds", "sqpoll", "cmd", "setup", NULL } },
> { "user_namespace", { "create", NULL } },
> /* last one */ { NULL, {} }
> };
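Review bot: renaming a permission string that is already merged is a policy compatibility change, and the commit message should state how it is handled. The new name sits in the same slot in the `io_uring` entry, so the bit values of `override_creds`, `sqpoll` and `cmd` are unchanged, but any policy built against the current tree defines `allowed` and not `setup`; on such a policy the kernel's check for `setup` is resolved by the policy's handle_unknown setting (allow, deny or reject) instead of by the `allow` rules the policy author wrote, which is a silent change in enforcement. Reference policy, any shipped policy and any test that already references `allowed` need the matching rename, and since the `Fixes:` tag points at a commit that only just reached Linus, the commit message should say that this is meant to land in the same release so that no released kernel ever exposes `allowed`.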
> --
> 2.49.0

--
paul-moore.com