From: Fiona Behrens <me@kloenk.dev>
To: Alice Ryhl <aliceryhl@google.com>
Cc: "Paul Moore" <paul@paul-moore.com>,
"Casey Schaufler" <casey@schaufler-ca.com>,
"James Morris" <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
"Miguel Ojeda" <ojeda@kernel.org>,
"Boqun Feng" <boqun.feng@gmail.com>,
"Gary Guo" <gary@garyguo.net>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Benno Lossin" <benno.lossin@proton.me>,
"Andreas Hindborg" <a.hindborg@kernel.org>,
"Trevor Gross" <tmgross@umich.edu>,
rust-for-linux@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx
Date: Tue, 04 Mar 2025 13:48:38 +0100 [thread overview]
Message-ID: <m27c55j715.fsf@kloenk.dev> (raw)
In-Reply-To: <20250304-secctx-reword-release-v1-1-e8e9a7ff85ba@google.com> (Alice Ryhl's message of "Tue, 04 Mar 2025 10:31:55 +0000")
Alice Ryhl <aliceryhl@google.com> writes:
> What happens inside the individual LSMs for a given LSM hook can vary
> quite a bit, so it is best to use the terminology "release" instead of
> "destroy" or "free".
>
> Suggested-by: Casey Schaufler <casey@schaufler-ca.com>
> Signed-off-by: Alice Ryhl <aliceryhl@google.com>
Reviewed-by: Fiona Behrens <me@kloenk.dev>
> ---
> This patch is based on top of:
> https://lore.kernel.org/all/20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com/
> ---
> rust/kernel/security.rs | 7 +++----
> 1 file changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs
> index 24321105052648e150f2875bcfa5ef29f4249516..0c63e9e7e564b7d9d85865e5415dd0464e9a9098 100644
> --- a/rust/kernel/security.rs
> +++ b/rust/kernel/security.rs
> @@ -16,7 +16,7 @@
> /// # Invariants
> ///
> /// The `ctx` field corresponds to a valid security context as returned by a successful call to
> -/// `security_secid_to_secctx`, that has not yet been destroyed by `security_release_secctx`.
> +/// `security_secid_to_secctx`, that has not yet been released by `security_release_secctx`.
> pub struct SecurityCtx {
> ctx: bindings::lsm_context,
> }
> @@ -67,9 +67,8 @@ pub fn as_bytes(&self) -> &[u8] {
> impl Drop for SecurityCtx {
> #[inline]
> fn drop(&mut self) {
> - // SAFETY: By the invariant of `Self`, this frees a context that came from a successful
> - // call to `security_secid_to_secctx` and has not yet been destroyed by
> - // `security_release_secctx`.
> + // SAFETY: By the invariant of `Self`, this releases an lsm context that came from a
> + // successful call to `security_secid_to_secctx` and has not yet been released.
> unsafe { bindings::security_release_secctx(&mut self.ctx) };
> }
> }
>
> ---
> base-commit: 93f60f16db02f7b52985338f37679095231b6383
> change-id: 20250304-secctx-reword-release-e26ac4ee7e0b
>
> Best regards,
next prev parent reply other threads:[~2025-03-04 12:48 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-04 10:31 [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx Alice Ryhl
2025-03-04 12:48 ` Fiona Behrens [this message]
2025-03-04 17:36 ` Casey Schaufler
2025-03-04 20:44 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m27c55j715.fsf@kloenk.dev \
--to=me@kloenk.dev \
--cc=a.hindborg@kernel.org \
--cc=aliceryhl@google.com \
--cc=benno.lossin@proton.me \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=casey@schaufler-ca.com \
--cc=gary@garyguo.net \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=ojeda@kernel.org \
--cc=paul@paul-moore.com \
--cc=rust-for-linux@vger.kernel.org \
--cc=serge@hallyn.com \
--cc=tmgross@umich.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).