Message ID | 20250304-secctx-reword-release-v1-1-e8e9a7ff85ba@google.com (mailing list archive) |
---|---|
State | Accepted |
Delegated to: | Paul Moore |
Headers | show |
Series | lsm: rust: reword "destroy" -> "release" in SecurityCtx | expand |
Alice Ryhl <aliceryhl@google.com> writes: > What happens inside the individual LSMs for a given LSM hook can vary > quite a bit, so it is best to use the terminology "release" instead of > "destroy" or "free". > > Suggested-by: Casey Schaufler <casey@schaufler-ca.com> > Signed-off-by: Alice Ryhl <aliceryhl@google.com> Reviewed-by: Fiona Behrens <me@kloenk.dev> > --- > This patch is based on top of: > https://lore.kernel.org/all/20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com/ > --- > rust/kernel/security.rs | 7 +++---- > 1 file changed, 3 insertions(+), 4 deletions(-) > > diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs > index 24321105052648e150f2875bcfa5ef29f4249516..0c63e9e7e564b7d9d85865e5415dd0464e9a9098 100644 > --- a/rust/kernel/security.rs > +++ b/rust/kernel/security.rs > @@ -16,7 +16,7 @@ > /// # Invariants > /// > /// The `ctx` field corresponds to a valid security context as returned by a successful call to > -/// `security_secid_to_secctx`, that has not yet been destroyed by `security_release_secctx`. > +/// `security_secid_to_secctx`, that has not yet been released by `security_release_secctx`. > pub struct SecurityCtx { > ctx: bindings::lsm_context, > } > @@ -67,9 +67,8 @@ pub fn as_bytes(&self) -> &[u8] { > impl Drop for SecurityCtx { > #[inline] > fn drop(&mut self) { > - // SAFETY: By the invariant of `Self`, this frees a context that came from a successful > - // call to `security_secid_to_secctx` and has not yet been destroyed by > - // `security_release_secctx`. > + // SAFETY: By the invariant of `Self`, this releases an lsm context that came from a > + // successful call to `security_secid_to_secctx` and has not yet been released. > unsafe { bindings::security_release_secctx(&mut self.ctx) }; > } > } > > --- > base-commit: 93f60f16db02f7b52985338f37679095231b6383 > change-id: 20250304-secctx-reword-release-e26ac4ee7e0b > > Best regards,
On 3/4/2025 2:31 AM, Alice Ryhl wrote: > What happens inside the individual LSMs for a given LSM hook can vary > quite a bit, so it is best to use the terminology "release" instead of > "destroy" or "free". > > Suggested-by: Casey Schaufler <casey@schaufler-ca.com> > Signed-off-by: Alice Ryhl <aliceryhl@google.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com> > --- > This patch is based on top of: > https://lore.kernel.org/all/20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com/ > --- > rust/kernel/security.rs | 7 +++---- > 1 file changed, 3 insertions(+), 4 deletions(-) > > diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs > index 24321105052648e150f2875bcfa5ef29f4249516..0c63e9e7e564b7d9d85865e5415dd0464e9a9098 100644 > --- a/rust/kernel/security.rs > +++ b/rust/kernel/security.rs > @@ -16,7 +16,7 @@ > /// # Invariants > /// > /// The `ctx` field corresponds to a valid security context as returned by a successful call to > -/// `security_secid_to_secctx`, that has not yet been destroyed by `security_release_secctx`. > +/// `security_secid_to_secctx`, that has not yet been released by `security_release_secctx`. > pub struct SecurityCtx { > ctx: bindings::lsm_context, > } > @@ -67,9 +67,8 @@ pub fn as_bytes(&self) -> &[u8] { > impl Drop for SecurityCtx { > #[inline] > fn drop(&mut self) { > - // SAFETY: By the invariant of `Self`, this frees a context that came from a successful > - // call to `security_secid_to_secctx` and has not yet been destroyed by > - // `security_release_secctx`. > + // SAFETY: By the invariant of `Self`, this releases an lsm context that came from a > + // successful call to `security_secid_to_secctx` and has not yet been released. > unsafe { bindings::security_release_secctx(&mut self.ctx) }; > } > } > > --- > base-commit: 93f60f16db02f7b52985338f37679095231b6383 > change-id: 20250304-secctx-reword-release-e26ac4ee7e0b > > Best regards,
On Mar 4, 2025 Alice Ryhl <aliceryhl@google.com> wrote: > > What happens inside the individual LSMs for a given LSM hook can vary > quite a bit, so it is best to use the terminology "release" instead of > "destroy" or "free". > > Suggested-by: Casey Schaufler <casey@schaufler-ca.com> > Signed-off-by: Alice Ryhl <aliceryhl@google.com> > Acked-by: Casey Schaufler <casey@schaufler-ca.com> > Reviewed-by: Fiona Behrens <me@kloenk.dev> > --- > This patch is based on top of: > https://lore.kernel.org/all/20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com/ > --- > rust/kernel/security.rs | 7 +++---- > 1 file changed, 3 insertions(+), 4 deletions(-) Much better, thank you :) Merged into lsm/dev. -- paul-moore.com
diff --git a/rust/kernel/security.rs b/rust/kernel/security.rs index 24321105052648e150f2875bcfa5ef29f4249516..0c63e9e7e564b7d9d85865e5415dd0464e9a9098 100644 --- a/rust/kernel/security.rs +++ b/rust/kernel/security.rs @@ -16,7 +16,7 @@ /// # Invariants /// /// The `ctx` field corresponds to a valid security context as returned by a successful call to -/// `security_secid_to_secctx`, that has not yet been destroyed by `security_release_secctx`. +/// `security_secid_to_secctx`, that has not yet been released by `security_release_secctx`. pub struct SecurityCtx { ctx: bindings::lsm_context, } @@ -67,9 +67,8 @@ pub fn as_bytes(&self) -> &[u8] { impl Drop for SecurityCtx { #[inline] fn drop(&mut self) { - // SAFETY: By the invariant of `Self`, this frees a context that came from a successful - // call to `security_secid_to_secctx` and has not yet been destroyed by - // `security_release_secctx`. + // SAFETY: By the invariant of `Self`, this releases an lsm context that came from a + // successful call to `security_secid_to_secctx` and has not yet been released. unsafe { bindings::security_release_secctx(&mut self.ctx) }; } }
What happens inside the individual LSMs for a given LSM hook can vary quite a bit, so it is best to use the terminology "release" instead of "destroy" or "free". Suggested-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Alice Ryhl <aliceryhl@google.com> --- This patch is based on top of: https://lore.kernel.org/all/20250304-inline-securityctx-v2-1-f110f2c6e7ff@google.com/ --- rust/kernel/security.rs | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) --- base-commit: 93f60f16db02f7b52985338f37679095231b6383 change-id: 20250304-secctx-reword-release-e26ac4ee7e0b Best regards,