Open Source and information security mailing list archives
 
Message-Id: <20230310231107.10954-1-mirsad.todorovac@alu.unizg.hr>
Date:   Sat, 11 Mar 2023 00:11:08 +0100
From:   Mirsad Goran Todorovac <mirsad.todorovac@....unizg.hr>
To:     Paul Moore <paul@...l-moore.com>,
        Roberto Sassu <roberto.sassu@...wei.com>,
        linux-kernel@...r.kernel.org
Cc:     Mirsad Goran Todorovac <mirsad.todorovac@....unizg.hr>,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Mimi Zohar <zohar@...ux.ibm.com>,
        Thomas Weißschuh <linux@...ssschuh.net>,
        Casey Schaufler <casey@...aufler-ca.com>,
        Christian Göttsche <cgzones@...glemail.com>,
        Mickaël Salaün <mic@...ikod.net>,
        Frederick Lawler <fred@...udflare.com>
Subject: [PATCH v1 1/2] LSM: add a release() hook for the clean exit cleanup of the LSM modules

The LSM modules, namely integrity, do not have a clean way to deallocate
resources allocated in the init() hook or later in their lifetime. The
resources are destroyed on kernel shutdown in an undefined order.

This will allow a .release member per LSM module and calling proper
destructors in a well-behaved order.

Signed-off-by: Mirsad Goran Todorovac <mirsad.todorovac@....unizg.hr>
Suggested-by: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Mimi Zohar <zohar@...ux.ibm.com>
Cc: Paul Moore <paul@...l-moore.com>
Cc: Thomas Weißschuh <linux@...ssschuh.net>
Cc: Casey Schaufler <casey@...aufler-ca.com>
Cc: Christian Göttsche <cgzones@...glemail.com>
Cc: Mickaël Salaün <mic@...ikod.net>
Cc: Frederick Lawler <fred@...udflare.com>

---
 include/linux/lsm_hooks.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 6e156d2acffc..d5a6ab9b5eb2 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -1724,6 +1724,7 @@ struct lsm_info {
 	unsigned long flags;	/* Optional: flags describing LSM */
 	int *enabled;		/* Optional: controlled by CONFIG_LSM */
 	int (*init)(void);	/* Required. */
+	int (*release)(void);	/* Release associated resources */
 	struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */
 };
 
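Review bot: the comment on the added `release` member of struct lsm_info does not say whether the hook is optional, although every other member shown in this hunk is marked "Optional:" or "Required."; since LSMs written before this change cannot set it, mark it "Optional:" and state that a NULL pointer means there is nothing to release. The `int` return type also needs a documented contract: nothing visible here says what a caller does with a non-zero result during shutdown, and if the answer is nothing, `void (*release)(void)` would be the clearer signature.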

--
Mirsad Goran Todorovac
Sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
 
System engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
The European Union

---
 include/linux/lsm_hooks.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 0a5ba81f7367..db3e57e7738b 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -1724,6 +1724,7 @@ struct lsm_info {
 	unsigned long flags;	/* Optional: flags describing LSM */
 	int *enabled;		/* Optional: controlled by CONFIG_LSM */
 	int (*init)(void);	/* Required. */
+	int (*release)(void);	/* Release associated resources */
 	struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */
 };
 
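Review bot: this hunk repeats the one that appears before the signature in the same message, and the two copies carry different index lines (6e156d2acffc..d5a6ab9b5eb2 there, 0a5ba81f7367..db3e57e7738b here), so it is unclear which base of include/linux/lsm_hooks.h the patch was generated against. Resend with a single copy of the diff, placed before the signature, and name the base tree below the `---` line. Separately, the commit message promises destructors called "in a well-behaved order", but this one-line addition to struct lsm_info neither expresses nor documents an order; say in the member comment or the changelog how release ordering relates to init ordering.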
-- 
2.30.2
