On Tue, Mar 08, 2022 at 08:50:53PM +0530, Kanchan Joshi wrote:
> diff --git a/drivers/nvme/host/ioctl.c b/drivers/nvme/host/ioctl.c
> index 5c9cd9695519..1df270b47af5 100644
> --- a/drivers/nvme/host/ioctl.c
> +++ b/drivers/nvme/host/ioctl.c
> @@ -369,6 +469,33 @@ long nvme_ns_chr_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
> return __nvme_ioctl(ns, cmd, (void __user *)arg);
> }
>
> +static int nvme_ns_async_ioctl(struct nvme_ns *ns, struct io_uring_cmd *ioucmd)
> +{
> + int ret;
> +
> + BUILD_BUG_ON(sizeof(struct nvme_uring_cmd_pdu) > sizeof(ioucmd->pdu));
> +
> + switch (ioucmd->cmd_op) {
> + case NVME_IOCTL_IO64_CMD:
> + ret = nvme_user_cmd64(ns->ctrl, ns, NULL, ioucmd);
> + break;
> + default:
> + ret = -ENOTTY;
> + }
> +
> + if (ret >= 0)
> + ret = -EIOCBQUEUED;
> + return ret;
> +}
And here I think we'll need something like this:
diff --git a/drivers/nvme/host/ioctl.c b/drivers/nvme/host/ioctl.c
index ddb7e5864be6..83529adf130d 100644
--- a/drivers/nvme/host/ioctl.c
+++ b/drivers/nvme/host/ioctl.c
@@ -5,6 +5,7 @@
*/
#include <linux/ptrace.h> /* for force_successful_syscall_return */
#include <linux/nvme_ioctl.h>
+#include <linux/security.h>
#include "nvme.h"
/*
@@ -524,6 +525,11 @@ static int nvme_ns_async_ioctl(struct nvme_ns *ns, struct io_uring_cmd *ioucmd)
BUILD_BUG_ON(sizeof(struct nvme_uring_cmd_pdu) > sizeof(ioucmd->pdu));
+ ret = security_file_ioctl(ioucmd->file, ioucmd->cmd_op,
+ (unsigned long) ioucmd->cmd);
+ if (ret)
+ return ret;
+
switch (ioucmd->cmd_op) {
case NVME_IOCTL_IO64_CMD:
ret = nvme_user_cmd64(ns->ctrl, ns, NULL, ioucmd);
