[PATCH v1 1/2] LSM: add a release() hook for the clean exit cleanup of the LSM modules

From: Mirsad Goran Todorovac
Date: Fri Mar 10 2023 - 18:18:05 EST

Next message: Thinh Nguyen: "Re: [PATCH v7 3/5] usb: gadget: Add function wakeup support"
Previous message: Luis Chamberlain: "[PATCH] utsname: simplify one-level sysctl registration for uts_kern_table"
Next in thread: Mirsad Goran Todorovac: "[PATCH v1 2/2] integrity: Add the release() hook to the integrity LSM module"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The LSM modules, namely integrity, do not have a clean way to deallocate
resources allocated in the init() hook or later in their lifetime. The
resources are destroyed on kernel shutdown in an undefined order.

This will allow a .release member per LSM module and calling proper
destructors in a well-behaved order.

Signed-off-by: Mirsad Goran Todorovac <mirsad.todorovac@xxxxxxxxxxxx>
Suggested-by: Andy Shevchenko <andriy.shevchenko@xxxxxxxxxxxxxxx>
Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Cc: Mimi Zohar <zohar@xxxxxxxxxxxxx>
Cc: Paul Moore <paul@xxxxxxxxxxxxxx>
Cc: Thomas WeiÃ?schuh <linux@xxxxxxxxxxxxxx>
Cc: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Cc: Christian GÃ¶ttsche <cgzones@xxxxxxxxxxxxxx>
Cc: MickaÃ«l SalaÃ¼n <mic@xxxxxxxxxxx>
Cc: Frederick Lawler <fred@xxxxxxxxxxxxxx>

---
include/linux/lsm_hooks.h | 1 +
1 file changed, 1 insertion(+)

diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 6e156d2acffc..d5a6ab9b5eb2 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -1724,6 +1724,7 @@ struct lsm_info {
unsigned long flags; /* Optional: flags describing LSM */
int *enabled; /* Optional: controlled by CONFIG_LSM */
int (*init)(void); /* Required. */
+ int (*release)(void); /* Release associated resources */
struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */
};

--
Mirsad Goran Todorovac
Sistem inÅ¾enjer
GrafiÄ?ki fakultet | Akademija likovnih umjetnosti
SveuÄ?iliÅ¡te u Zagrebu

System engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
The European Union

---
include/linux/lsm_hooks.h | 1 +
1 file changed, 1 insertion(+)

diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 0a5ba81f7367..db3e57e7738b 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -1724,6 +1724,7 @@ struct lsm_info {
unsigned long flags; /* Optional: flags describing LSM */
int *enabled; /* Optional: controlled by CONFIG_LSM */
int (*init)(void); /* Required. */
+ int (*release)(void); /* Release associated resources */
struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */
};

--
2.30.2

Next message: Thinh Nguyen: "Re: [PATCH v7 3/5] usb: gadget: Add function wakeup support"
Previous message: Luis Chamberlain: "[PATCH] utsname: simplify one-level sysctl registration for uts_kern_table"
Next in thread: Mirsad Goran Todorovac: "[PATCH v1 2/2] integrity: Add the release() hook to the integrity LSM module"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]