Smack: Handle io_uring kernel thread privileges

Smack assumes that kernel threads are privileged for smackfs operations. This was necessary because the credential of the kernel thread was not related to a user operation. With io_uring the credential does reflect a user's rights and can be used. Suggested-by: Jens Axboe <[email protected]> Acked-by: Jens Axboe <[email protected]> Acked-by: Eric W. Biederman <[email protected]> Signed-off-by: Casey Schaufler <[email protected]>
josf · Dec 22, 2020 · 942cb35 · 942cb35
1 parent 9b0072e
commit 942cb35
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/security/smack/smack_access.c b/security/smack/smack_access.c
@@ -688,9 +688,10 @@ bool smack_privileged_cred(int cap, const struct cred *cred)
 bool smack_privileged(int cap)
 {
 	/*
-	 * All kernel tasks are privileged
+	 * Kernel threads may not have credentials we can use.
+	 * The io_uring kernel threads do have reliable credentials.
 	 */
-	if (unlikely(current->flags & PF_KTHREAD))
+	if ((current->flags & (PF_KTHREAD | PF_IO_WORKER)) == PF_KTHREAD)
 		return true;
 
 	return smack_privileged_cred(cap, current_cred());