summaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorPaul Moore <paul@paul-moore.com>2021-02-01 19:33:52 -0500
committerPaul Moore <paul@paul-moore.com>2021-09-19 22:36:24 -0400
commit91a9ab7c942aaa40ac5957eebe71ddae30b2a49c (patch)
tree7ef48210cf7c83c59c79c517a23139eab940c6ec /fs
parent3a862cacf8670729b1ad8fc28e4f7e078f9c570c (diff)
downloadlinux-91a9ab7c942aaa40ac5957eebe71ddae30b2a49c.tar.gz
linux-91a9ab7c942aaa40ac5957eebe71ddae30b2a49c.tar.bz2
linux-91a9ab7c942aaa40ac5957eebe71ddae30b2a49c.zip
io_uring: convert io_uring to the secure anon inode interface
Converting io_uring's anonymous inode to the secure anon inode API enables LSMs to enforce policy on the io_uring anonymous inodes if they chose to do so. This is an important first step towards providing the necessary mechanisms so that LSMs can apply security policy to io_uring operations. Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'fs')
-rw-r--r--fs/io_uring.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/io_uring.c b/fs/io_uring.c
index 388754b24785..56cc9aba0d01 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -10155,8 +10155,8 @@ static struct file *io_uring_get_file(struct io_ring_ctx *ctx)
return ERR_PTR(ret);
#endif
- file = anon_inode_getfile("[io_uring]", &io_uring_fops, ctx,
- O_RDWR | O_CLOEXEC);
+ file = anon_inode_getfile_secure("[io_uring]", &io_uring_fops, ctx,
+ O_RDWR | O_CLOEXEC, NULL);
#if defined(CONFIG_UNIX)
if (IS_ERR(file)) {
sock_release(ctx->ring_sock);