Paul Moore f4d653dcaa selinux: implement the security_uring_cmd() LSM hook ... Add a SELinux access control for the iouring IORING_OP_URING_CMD command. This includes the addition of a new permission in the existing "io_uring" object class: "cmd". The subject of the new permission check is the domain of the process requesting access, the object is the open file which points to the device/file that is the target of the IORING_OP_URING_CMD operation. A sample policy rule is shown below: allow <domain> <file>:io_uring { cmd }; Cc: stable@vger.kernel.org Fixes: ee692a21e9 ("fs,io_uring: add infrastructure for uring-cmd") Signed-off-by: Paul Moore <paul@paul-moore.com>		2022-08-26 11:19:43 -04:00
..
include	selinux: implement the security_uring_cmd() LSM hook	2022-08-26 11:19:43 -04:00
ss	selinux: Add boundary check in put_entry()	2022-06-14 21:52:37 -04:00
.gitignore
avc.c	selinux: declare data arrays const	2022-05-03 15:53:49 -04:00
hooks.c	selinux: implement the security_uring_cmd() LSM hook	2022-08-26 11:19:43 -04:00
ibpkey.c	selinux: various sparse fixes	2022-02-01 19:08:28 -05:00
ima.c	selinux/stable-5.18 PR 20220321	2022-03-21 20:47:54 -07:00
Kconfig
Makefile	selinux: include a consumer of the new IMA critical data hook	2021-01-14 23:41:46 -05:00
netif.c	selinux: remove unused global variables	2021-01-12 09:49:01 -05:00
netlabel.c	security: pass asoc to sctp_assoc_request and sctp_sk_clone	2021-11-03 11:09:20 +00:00
netlink.c	selinux: mark some global variables __ro_after_init	2021-01-12 10:08:55 -05:00
netnode.c	selinux: various sparse fixes	2022-02-01 19:08:28 -05:00
netport.c	selinux: various sparse fixes	2022-02-01 19:08:28 -05:00
nlmsgtab.c	selinux: resolve checkpatch errors	2022-05-03 13:59:15 -04:00
selinuxfs.c	selinux: don't sleep when CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE is true	2022-04-14 16:44:21 -04:00
status.c
xfrm.c	selinux: use correct type for context length	2022-02-18 10:45:54 -05:00