lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <m27c55j715.fsf@kloenk.dev>
Date: Tue, 04 Mar 2025 13:48:38 +0100
From: Fiona Behrens <me@...enk.dev>
To: Alice Ryhl <aliceryhl@...gle.com>
Cc: Paul Moore <paul@...l-moore.com>,  Casey Schaufler
 <casey@...aufler-ca.com>,  James Morris <jmorris@...ei.org>,  "Serge E.
 Hallyn" <serge@...lyn.com>,  Miguel Ojeda <ojeda@...nel.org>,  Boqun Feng
 <boqun.feng@...il.com>,  Gary Guo <gary@...yguo.net>,  Björn Roy Baron
 <bjorn3_gh@...tonmail.com>,  Benno Lossin <benno.lossin@...ton.me>,
  Andreas Hindborg <a.hindborg@...nel.org>,  Trevor Gross
 <tmgross@...ch.edu>,  rust-for-linux@...r.kernel.org,
  linux-security-module@...r.kernel.org,  linux-kernel@...r.kernel.org
Subject: Re: [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx

Alice Ryhl <aliceryhl@...gle.com> writes:

> What happens inside the individual LSMs for a given LSM hook can vary
> quite a bit, so it is best to use the terminology "release" instead of
> "destroy" or "free".
>
> Suggested-by: Casey Schaufler <casey@...aufler-ca.com>
> Signed-off-by: Alice Ryhl <aliceryhl@...gle.com>

Reviewed-by: Fiona Behrens <me@...enk.dev>

> ---
> This patch is based on top of:
> https://lore.kernel.org/all/20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com/
> ---
>  rust/kernel/security.rs | 7 +++----
>  1 file changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs
> index 24321105052648e150f2875bcfa5ef29f4249516..0c63e9e7e564b7d9d85865e5415dd0464e9a9098 100644
> --- a/rust/kernel/security.rs
> +++ b/rust/kernel/security.rs
> @@ -16,7 +16,7 @@
>  /// # Invariants
>  ///
>  /// The `ctx` field corresponds to a valid security context as returned by a successful call to
> -/// `security_secid_to_secctx`, that has not yet been destroyed by `security_release_secctx`.
> +/// `security_secid_to_secctx`, that has not yet been released by `security_release_secctx`.
>  pub struct SecurityCtx {
>      ctx: bindings::lsm_context,
>  }
> @@ -67,9 +67,8 @@ pub fn as_bytes(&self) -> &[u8] {
>  impl Drop for SecurityCtx {
>      #[inline]
>      fn drop(&mut self) {
> -        // SAFETY: By the invariant of `Self`, this frees a context that came from a successful
> -        // call to `security_secid_to_secctx` and has not yet been destroyed by
> -        // `security_release_secctx`.
> +        // SAFETY: By the invariant of `Self`, this releases an lsm context that came from a
> +        // successful call to `security_secid_to_secctx` and has not yet been released.
>          unsafe { bindings::security_release_secctx(&mut self.ctx) };
>      }
>  }
>
> ---
> base-commit: 93f60f16db02f7b52985338f37679095231b6383
> change-id: 20250304-secctx-reword-release-e26ac4ee7e0b
>
> Best regards,

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ