Re: [PATCH v3 5/5] LSM: secctx provider check on release

From: Paul Moore
Date: Thu Oct 31 2024 - 18:54:20 EST

Next message: Paul Moore: "Re: [PATCH v3 2/5] LSM: Replace context+len with lsm_context"
Previous message: Paul Moore: "Re: [PATCH v3 1/5] LSM: Ensure the correct LSM context releaser"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Oct 23, 2024 Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
>
> Verify that the LSM releasing the secctx is the LSM that
> allocated it. This was not necessary when only one LSM could
> create a secctx, but once there can be more than one it is.
>
> Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
> ---
> security/apparmor/secid.c | 13 +++++--------
> security/selinux/hooks.c | 13 +++++--------
> 2 files changed, 10 insertions(+), 16 deletions(-)

See my note on patch 1/5, merging into lsm/dev.

--
paul-moore.com

Next message: Paul Moore: "Re: [PATCH v3 2/5] LSM: Replace context+len with lsm_context"
Previous message: Paul Moore: "Re: [PATCH v3 1/5] LSM: Ensure the correct LSM context releaser"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]