Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'io_uring-6.8-2024-01-26' of git://git.kernel.dk/linux

Pull io_uring fix from Jens Axboe:
"Just a single tweak to the newly added IORING_OP_FIXED_FD_INSTALL from
Paul, ensuring it goes via the audit path and playing it safe by
excluding it from using registered creds"

* tag 'io_uring-6.8-2024-01-26' of git://git.kernel.dk/linux:
io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL

+4 -1
-1
io_uring/opdef.c
··· 471 471 }, 472 472 [IORING_OP_FIXED_FD_INSTALL] = { 473 473 .needs_file = 1, 474 - .audit_skip = 1, 475 474 .prep = io_install_fixed_fd_prep, 476 475 .issue = io_install_fixed_fd, 477 476 },
+4
io_uring/openclose.c
··· 277 277 if (flags & ~IORING_FIXED_FD_NO_CLOEXEC) 278 278 return -EINVAL; 279 279 280 + /* ensure the task's creds are used when installing/receiving fds */ 281 + if (req->flags & REQ_F_CREDS) 282 + return -EPERM; 283 + 280 284 /* default to O_CLOEXEC, disable if IORING_FIXED_FD_NO_CLOEXEC is set */ 281 285 ifi = io_kiocb_to_cmd(req, struct io_fixed_install); 282 286 ifi->o_flags = O_CLOEXEC;