[PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx

rust-for-linux.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx
@ 2025-03-04 10:31 Alice Ryhl
  2025-03-04 12:48 ` Fiona Behrens
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Alice Ryhl @ 2025-03-04 10:31 UTC (permalink / raw)
  To: Paul Moore, Casey Schaufler
  Cc: James Morris, Serge E. Hallyn, Miguel Ojeda, Boqun Feng, Gary Guo,
	Björn Roy Baron, Benno Lossin, Andreas Hindborg,
	Trevor Gross, rust-for-linux, linux-security-module, linux-kernel,
	Alice Ryhl

What happens inside the individual LSMs for a given LSM hook can vary
quite a bit, so it is best to use the terminology "release" instead of
"destroy" or "free".

Suggested-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Alice Ryhl <aliceryhl@google.com>
---
This patch is based on top of:
https://lore.kernel.org/all/20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com/
---
 rust/kernel/security.rs | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs
index 24321105052648e150f2875bcfa5ef29f4249516..0c63e9e7e564b7d9d85865e5415dd0464e9a9098 100644
--- a/rust/kernel/security.rs
+++ b/rust/kernel/security.rs
@@ -16,7 +16,7 @@
 /// # Invariants
 ///
 /// The `ctx` field corresponds to a valid security context as returned by a successful call to
-/// `security_secid_to_secctx`, that has not yet been destroyed by `security_release_secctx`.
+/// `security_secid_to_secctx`, that has not yet been released by `security_release_secctx`.
 pub struct SecurityCtx {
     ctx: bindings::lsm_context,
 }
@@ -67,9 +67,8 @@ pub fn as_bytes(&self) -> &[u8] {
 impl Drop for SecurityCtx {
     #[inline]
     fn drop(&mut self) {
-        // SAFETY: By the invariant of `Self`, this frees a context that came from a successful
-        // call to `security_secid_to_secctx` and has not yet been destroyed by
-        // `security_release_secctx`.
+        // SAFETY: By the invariant of `Self`, this releases an lsm context that came from a
+        // successful call to `security_secid_to_secctx` and has not yet been released.
         unsafe { bindings::security_release_secctx(&mut self.ctx) };
     }
 }

---
base-commit: 93f60f16db02f7b52985338f37679095231b6383
change-id: 20250304-secctx-reword-release-e26ac4ee7e0b

Best regards,
-- 
Alice Ryhl <aliceryhl@google.com>


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx
  2025-03-04 10:31 [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx Alice Ryhl
@ 2025-03-04 12:48 ` Fiona Behrens
  2025-03-04 17:36 ` Casey Schaufler
  2025-03-04 20:44 ` Paul Moore
  2 siblings, 0 replies; 4+ messages in thread
From: Fiona Behrens @ 2025-03-04 12:48 UTC (permalink / raw)
  To: Alice Ryhl
  Cc: Paul Moore, Casey Schaufler, James Morris, Serge E. Hallyn,
	Miguel Ojeda, Boqun Feng, Gary Guo, Björn Roy Baron,
	Benno Lossin, Andreas Hindborg, Trevor Gross, rust-for-linux,
	linux-security-module, linux-kernel

Alice Ryhl <aliceryhl@google.com> writes:

> What happens inside the individual LSMs for a given LSM hook can vary
> quite a bit, so it is best to use the terminology "release" instead of
> "destroy" or "free".
>
> Suggested-by: Casey Schaufler <casey@schaufler-ca.com>
> Signed-off-by: Alice Ryhl <aliceryhl@google.com>

Reviewed-by: Fiona Behrens <me@kloenk.dev>

> ---
> This patch is based on top of:
> https://lore.kernel.org/all/20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com/
> ---
>  rust/kernel/security.rs | 7 +++----
>  1 file changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs
> index 24321105052648e150f2875bcfa5ef29f4249516..0c63e9e7e564b7d9d85865e5415dd0464e9a9098 100644
> --- a/rust/kernel/security.rs
> +++ b/rust/kernel/security.rs
> @@ -16,7 +16,7 @@
>  /// # Invariants
>  ///
>  /// The `ctx` field corresponds to a valid security context as returned by a successful call to
> -/// `security_secid_to_secctx`, that has not yet been destroyed by `security_release_secctx`.
> +/// `security_secid_to_secctx`, that has not yet been released by `security_release_secctx`.
>  pub struct SecurityCtx {
>      ctx: bindings::lsm_context,
>  }
> @@ -67,9 +67,8 @@ pub fn as_bytes(&self) -> &[u8] {
>  impl Drop for SecurityCtx {
>      #[inline]
>      fn drop(&mut self) {
> -        // SAFETY: By the invariant of `Self`, this frees a context that came from a successful
> -        // call to `security_secid_to_secctx` and has not yet been destroyed by
> -        // `security_release_secctx`.
> +        // SAFETY: By the invariant of `Self`, this releases an lsm context that came from a
> +        // successful call to `security_secid_to_secctx` and has not yet been released.
>          unsafe { bindings::security_release_secctx(&mut self.ctx) };
>      }
>  }
>
> ---
> base-commit: 93f60f16db02f7b52985338f37679095231b6383
> change-id: 20250304-secctx-reword-release-e26ac4ee7e0b
>
> Best regards,

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx
  2025-03-04 10:31 [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx Alice Ryhl
  2025-03-04 12:48 ` Fiona Behrens
@ 2025-03-04 17:36 ` Casey Schaufler
  2025-03-04 20:44 ` Paul Moore
  2 siblings, 0 replies; 4+ messages in thread
From: Casey Schaufler @ 2025-03-04 17:36 UTC (permalink / raw)
  To: Alice Ryhl, Paul Moore
  Cc: James Morris, Serge E. Hallyn, Miguel Ojeda, Boqun Feng, Gary Guo,
	Björn Roy Baron, Benno Lossin, Andreas Hindborg,
	Trevor Gross, rust-for-linux, linux-security-module, linux-kernel,
	Casey Schaufler

On 3/4/2025 2:31 AM, Alice Ryhl wrote:
> What happens inside the individual LSMs for a given LSM hook can vary
> quite a bit, so it is best to use the terminology "release" instead of
> "destroy" or "free".
>
> Suggested-by: Casey Schaufler <casey@schaufler-ca.com>
> Signed-off-by: Alice Ryhl <aliceryhl@google.com>

Acked-by: Casey Schaufler <casey@schaufler-ca.com>

> ---
> This patch is based on top of:
> https://lore.kernel.org/all/20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com/
> ---
>  rust/kernel/security.rs | 7 +++----
>  1 file changed, 3 insertions(+), 4 deletions(-)
>
> diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs
> index 24321105052648e150f2875bcfa5ef29f4249516..0c63e9e7e564b7d9d85865e5415dd0464e9a9098 100644
> --- a/rust/kernel/security.rs
> +++ b/rust/kernel/security.rs
> @@ -16,7 +16,7 @@
>  /// # Invariants
>  ///
>  /// The `ctx` field corresponds to a valid security context as returned by a successful call to
> -/// `security_secid_to_secctx`, that has not yet been destroyed by `security_release_secctx`.
> +/// `security_secid_to_secctx`, that has not yet been released by `security_release_secctx`.
>  pub struct SecurityCtx {
>      ctx: bindings::lsm_context,
>  }
> @@ -67,9 +67,8 @@ pub fn as_bytes(&self) -> &[u8] {
>  impl Drop for SecurityCtx {
>      #[inline]
>      fn drop(&mut self) {
> -        // SAFETY: By the invariant of `Self`, this frees a context that came from a successful
> -        // call to `security_secid_to_secctx` and has not yet been destroyed by
> -        // `security_release_secctx`.
> +        // SAFETY: By the invariant of `Self`, this releases an lsm context that came from a
> +        // successful call to `security_secid_to_secctx` and has not yet been released.
>          unsafe { bindings::security_release_secctx(&mut self.ctx) };
>      }
>  }
>
> ---
> base-commit: 93f60f16db02f7b52985338f37679095231b6383
> change-id: 20250304-secctx-reword-release-e26ac4ee7e0b
>
> Best regards,

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx
  2025-03-04 10:31 [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx Alice Ryhl
  2025-03-04 12:48 ` Fiona Behrens
  2025-03-04 17:36 ` Casey Schaufler
@ 2025-03-04 20:44 ` Paul Moore
  2 siblings, 0 replies; 4+ messages in thread
From: Paul Moore @ 2025-03-04 20:44 UTC (permalink / raw)
  To: Alice Ryhl, Casey Schaufler
  Cc: James Morris, Serge E. Hallyn, Miguel Ojeda, Boqun Feng, Gary Guo,
	Björn Roy Baron, Benno Lossin, Andreas Hindborg,
	Trevor Gross, rust-for-linux, linux-security-module, linux-kernel,
	Alice Ryhl

On Mar  4, 2025 Alice Ryhl <aliceryhl@google.com> wrote:
> 
> What happens inside the individual LSMs for a given LSM hook can vary
> quite a bit, so it is best to use the terminology "release" instead of
> "destroy" or "free".
> 
> Suggested-by: Casey Schaufler <casey@schaufler-ca.com>
> Signed-off-by: Alice Ryhl <aliceryhl@google.com>
> Acked-by: Casey Schaufler <casey@schaufler-ca.com>
> Reviewed-by: Fiona Behrens <me@kloenk.dev>
> ---
> This patch is based on top of:
> https://lore.kernel.org/all/20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com/
> ---
>  rust/kernel/security.rs | 7 +++----
>  1 file changed, 3 insertions(+), 4 deletions(-)

Much better, thank you :)  Merged into lsm/dev.

--
paul-moore.com

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2025-03-04 20:44 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-03-04 10:31 [PATCH] lsm: rust: reword "destroy" -> "release" in SecurityCtx Alice Ryhl
2025-03-04 12:48 ` Fiona Behrens
2025-03-04 17:36 ` Casey Schaufler
2025-03-04 20:44 ` Paul Moore

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).