On Mon, Jan 27, 2025 at 12:18 PM Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote: > On 1/27/2025 7:57 AM, Hamza Mahfooz wrote: > > It is desirable to allow LSM to configure accessibility to io_uring > > because it is a coarse yet very simple way to restrict access to it. So, > > add an LSM for io_uring_allowed() to guard access to io_uring. > > I don't like this at all at all. It looks like you're putting in a hook > so that io_uring can easily deflect any responsibility for safely > interacting with LSMs. That's not how this works Casey, unless you're seeing something different? This is an additional access control point for io_uring, largely to simplify what a LSM would need to do to help control a process' access to io_uring, it does not replace any of the io_uring LSM hooks or access control points. -- paul-moore.com
