On Thu, Mar 7, 2024, at 13:15, Christian Brauner wrote:
> On Wed, Mar 06, 2024 at 04:18:53PM +0100, Arnd Bergmann wrote:
>> On Wed, Mar 6, 2024, at 14:47, Mickaël Salaün wrote:
>> >
>> > Arnd, Christian, Paul, are you OK with this new hook proposal?
>>
>> I think this sounds better. It would fit more closely into
>> the overall structure of the ioctl handlers with their multiple
>> levels, where below vfs_ioctl() calling into f_ops->unlocked_ioctl,
>> you have the same structure for sockets and blockdev, and
>> then additional levels below that and some weirdness for
>> things like tty, scsi or cdrom.
>
> So an additional security hook called from tty, scsi, or cdrom?
> And the original hook is left where it is right now?

For the moment, I think adding another hook in vfs_ioctl() and the
corresponding compat path would do what Mickaël wants.

Beyond that, we could consider having hooks in socket and block ioctls
if needed, as they are easy to filter out based on inode->i_mode.

The tty/scsi/cdrom hooks would be harder to do; let's assume for now
that we don't need them.

    Arnd