summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2020-12-24 14:08:43 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2020-12-24 14:08:43 -0800
commit2f2fce3d535779cb1b0d77ce839029d5d875d4f4 (patch)
treedd067cfddc69455b0ad2a30a63f1d6ec48fed420
parent7a2fde8def1fffceda728d2441d7e69230478285 (diff)
parent942cb357ae7d9249088e3687ee6a00ed2745a0c7 (diff)
Merge tag 'Smack-for-5.11-io_uring-fix' of git://github.com/cschaufler/smack-next
Pull smack fix from Casey Schaufler: "Provide a fix for the incorrect handling of privilege in the face of io_uring's use of kernel threads. That invalidated an long standing assumption regarding the privilege of kernel threads. The fix is simple and safe. It was provided by Jens Axboe and has been tested" * tag 'Smack-for-5.11-io_uring-fix' of git://github.com/cschaufler/smack-next: Smack: Handle io_uring kernel thread privileges
-rw-r--r--security/smack/smack_access.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
index efe2406a3960..7eabb448acab 100644
--- a/security/smack/smack_access.c
+++ b/security/smack/smack_access.c
@@ -688,9 +688,10 @@ bool smack_privileged_cred(int cap, const struct cred *cred)
bool smack_privileged(int cap)
{
/*
- * All kernel tasks are privileged
+ * Kernel threads may not have credentials we can use.
+ * The io_uring kernel threads do have reliable credentials.
*/
- if (unlikely(current->flags & PF_KTHREAD))
+ if ((current->flags & (PF_KTHREAD | PF_IO_WORKER)) == PF_KTHREAD)
return true;
return smack_privileged_cred(cap, current_cred());