From: Fiona Behrens <me@kloenk.dev>
To: Alice Ryhl <aliceryhl@google.com>
Cc: "Paul Moore" <paul@paul-moore.com>,
"Casey Schaufler" <casey@schaufler-ca.com>,
"James Morris" <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
"Miguel Ojeda" <ojeda@kernel.org>,
"Boqun Feng" <boqun.feng@gmail.com>,
"Gary Guo" <gary@garyguo.net>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Benno Lossin" <benno.lossin@proton.me>,
"Andreas Hindborg" <a.hindborg@kernel.org>,
"Trevor Gross" <tmgross@umich.edu>,
rust-for-linux@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx
Date: Tue, 04 Mar 2025 13:48:38 +0100 [thread overview]
Message-ID: <m27c55j715.fsf@kloenk.dev> (raw)
In-Reply-To: <20250304-secctx-reword-release-v1-1-e8e9a7ff85ba@google.com> (Alice Ryhl's message of "Tue, 04 Mar 2025 10:31:55 +0000")
Alice Ryhl <aliceryhl@google.com> writes:
> What happens inside the individual LSMs for a given LSM hook can vary
> quite a bit, so it is best to use the terminology "release" instead of
> "destroy" or "free".
>
> Suggested-by: Casey Schaufler <casey@schaufler-ca.com>
> Signed-off-by: Alice Ryhl <aliceryhl@google.com>
Reviewed-by: Fiona Behrens <me@kloenk.dev>
> ---
> This patch is based on top of:
> https://lore.kernel.org/all/20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com/
> ---
> rust/kernel/security.rs | 7 +++----
> 1 file changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs
> index 24321105052648e150f2875bcfa5ef29f4249516..0c63e9e7e564b7d9d85865e5415dd0464e9a9098 100644
> --- a/rust/kernel/security.rs
> +++ b/rust/kernel/security.rs
> @@ -16,7 +16,7 @@
> /// # Invariants
> ///
> /// The `ctx` field corresponds to a valid security context as returned by a successful call to
> -/// `security_secid_to_secctx`, that has not yet been destroyed by `security_release_secctx`.
> +/// `security_secid_to_secctx`, that has not yet been released by `security_release_secctx`.
> pub struct SecurityCtx {
> ctx: bindings::lsm_context,
> }
> @@ -67,9 +67,8 @@ pub fn as_bytes(&self) -> &[u8] {
> impl Drop for SecurityCtx {
> #[inline]
> fn drop(&mut self) {
> - // SAFETY: By the invariant of `Self`, this frees a context that came from a successful
> - // call to `security_secid_to_secctx` and has not yet been destroyed by
> - // `security_release_secctx`.
> + // SAFETY: By the invariant of `Self`, this releases an lsm context that came from a
> + // successful call to `security_secid_to_secctx` and has not yet been released.
> unsafe { bindings::security_release_secctx(&mut self.ctx) };
> }
> }
>
> ---
> base-commit: 93f60f16db02f7b52985338f37679095231b6383
> change-id: 20250304-secctx-reword-release-e26ac4ee7e0b
>
> Best regards,
next prev parent reply other threads:[~2025-03-04 12:48 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-04 10:31 [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx Alice Ryhl
2025-03-04 12:48 ` Fiona Behrens [this message]
2025-03-04 17:36 ` Casey Schaufler
2025-03-04 20:44 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m27c55j715.fsf@kloenk.dev \
--to=me@kloenk.dev \
--cc=a.hindborg@kernel.org \
--cc=aliceryhl@google.com \
--cc=benno.lossin@proton.me \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=casey@schaufler-ca.com \
--cc=gary@garyguo.net \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=ojeda@kernel.org \
--cc=paul@paul-moore.com \
--cc=rust-for-linux@vger.kernel.org \
--cc=serge@hallyn.com \
--cc=tmgross@umich.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.