To: Paul Moore, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, linux-audit@redhat.com, io-uring@vger.kernel.org, linux-fsdevel@vger.kernel.org, Kumar Kartikeya Dwivedi, Jens Axboe, Alexander Viro
References: <162163367115.8379.8459012634106035341.stgit@sifl> <162163382536.8379.3124023175473604584.stgit@sifl>
From: Stefan Metzmacher
Subject: Re: [RFC PATCH 7/9] lsm,io_uring: add LSM hooks to io_uring
Message-ID: <00bede98-1bea-e3bc-b0a6-f038dc75c08d@samba.org>
Date: Wed, 26 May 2021 16:48:23 +0200
In-Reply-To: <162163382536.8379.3124023175473604584.stgit@sifl>

Hi Paul,

> #define CREATE_TRACE_POINTS > #include 
> @@ -6537,6 +6538,11 @@ static int io_init_req(struct io_ring_ctx *ctx, struct io_kiocb *req, > if (!req->work.creds) > return -EINVAL; > get_cred(req->work.creds); > + ret = security_uring_override_creds(req->work.creds); > + if (ret) { > + put_cred(req->work.creds); > + return ret; > + }

Why are you calling this per request? Shouldn't this be done in io_register_personality()?

I'm also not sure if this really gains anything as io_register_personality() only captures the value of get_current_cred(), so the process already has changed to the credentials (at least once for the io_uring_register(IORING_REGISTER_PERSONALITY) call).

metze
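
Review bot: in io_init_req() the new security_uring_override_creds() call sits after get_cred(req->work.creds), so the denial path has to undo the reference with put_cred() before returning. Running the hook on req->work.creds before get_cred() would remove that unwind, provided nothing later on the failure path expects a held reference. It would also help to add a short comment above the call saying why the check runs on every submission that selects a personality rather than once when the personality is registered, and noting that a denial returns the hook's own error code to the submitter where the lookup failure just above returns -EINVAL.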