On Tue, Aug 23, 2022 at 9:33 AM Jens Axboe <axboe@xxxxxxxxx> wrote: > On 8/23/22 12:51 AM, Greg Kroah-Hartman wrote: > > On Mon, Aug 22, 2022 at 05:21:19PM -0400, Paul Moore wrote: > >> This patch adds support for the io_uring command pass through, aka > >> IORING_OP_URING_CMD, to the /dev/null driver. As with all of the > >> /dev/null functionality, the implementation is just a simple sink > >> where commands go to die, but it should be useful for developers who > >> need a simple IORING_OP_URING_CMD test device that doesn't require > >> any special hardware. > >> > >> Cc: Arnd Bergmann <arnd@xxxxxxxx> > >> Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> > >> Signed-off-by: Paul Moore <paul@xxxxxxxxxxxxxx> > >> --- > >> drivers/char/mem.c | 6 ++++++ > >> 1 file changed, 6 insertions(+) > >> > >> diff --git a/drivers/char/mem.c b/drivers/char/mem.c > >> index 84ca98ed1dad..32a932a065a6 100644 > >> --- a/drivers/char/mem.c > >> +++ b/drivers/char/mem.c > >> @@ -480,6 +480,11 @@ static ssize_t splice_write_null(struct pipe_inode_info *pipe, struct file *out, > >> return splice_from_pipe(pipe, out, ppos, len, flags, pipe_to_null); > >> } > >> > >> +static int uring_cmd_null(struct io_uring_cmd *ioucmd, unsigned int issue_flags) > >> +{ > >> + return 0; > > > > If a callback just returns 0, that implies it is not needed at all and > > can be removed and then you are back at the original file before your > > commit :) > > In theory you are correct, but the empty hook is needed so that > submitting an io_uring cmd to the file type is attempted. If not it's > just errored upfront. > > Paul, is it strictly needed to test the selinux uring cmd policy? If the > operation would've been attempted but null doesn't support it, you'd get > -1/EOPNOTSUPP - and supposedly you'd get EACCES/EPERM or something if > it's filtered? I haven't built a kernel without this patch to test, but yes, you are probably correct that it wouldn't be strictly necessary, but considering the extreme simplicity of this addition, what is the real harm here? Wouldn't it be nice to have a rather simple IORING_OP_URING_CMD target? Also, just so we are clear, I didn't mark this patch with the stable/fixes tags because I don't believe this should go into -stable; while I believe it is a nice addition, it is definitely not critical. -- paul-moore.com