On 12/19/24 1:41 PM, Hamza Mahfooz wrote:
> diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c
> index 06ff41484e29..0922bb0724c0 100644
> --- a/io_uring/io_uring.c
> +++ b/io_uring/io_uring.c
> @@ -3806,29 +3806,36 @@ static long io_uring_setup(u32 entries, struct io_uring_params __user *params)
> return io_uring_create(entries, &p, params);
> }
>
> -static inline bool io_uring_allowed(void)
> +static inline int io_uring_allowed(void)
> {
> int disabled = READ_ONCE(sysctl_io_uring_disabled);
> kgid_t io_uring_group;
>
> if (disabled == 2)
> - return false;
> + return -EPERM;
>
> if (disabled == 0 || capable(CAP_SYS_ADMIN))
> - return true;
> + goto allowed_lsm;
>
> io_uring_group = make_kgid(&init_user_ns, sysctl_io_uring_group);
> if (!gid_valid(io_uring_group))
> - return false;
> + return -EPERM;
> +
> + if (!in_group_p(io_uring_group))
> + return -EPERM;
>
> - return in_group_p(io_uring_group);
> +allowed_lsm:
> + return security_uring_allowed();
> }
>
> SYSCALL_DEFINE2(io_uring_setup, u32, entries,
> struct io_uring_params __user *, params)
> {
> - if (!io_uring_allowed())
> - return -EPERM;
> + int ret;
> +
> + ret = io_uring_allowed();
> + if (ret)
> + return ret;
>
> return io_uring_setup(entries, params);
> }
Please do a prep patch that makes io_uring_allowed() return the actual
error rather than true/false, then the rest of your patch can stand
alone.
--
Jens Axboe
