Re: [PATCH v3 5/5] LSM: secctx provider check on release
From: Paul Moore
Date: Thu Oct 31 2024 - 18:54:20 EST
On Oct 23, 2024 Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
>
> Verify that the LSM releasing the secctx is the LSM that
> allocated it. This was not necessary when only one LSM could
> create a secctx, but once there can be more than one it is.
>
> Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
> ---
> security/apparmor/secid.c | 13 +++++--------
> security/selinux/hooks.c | 13 +++++--------
> 2 files changed, 10 insertions(+), 16 deletions(-)
See my note on patch 1/5, merging into lsm/dev.
--
paul-moore.com