www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Paul Moore <paul@paul-moore.com>
	Tue, 9 Jul 2024 23:43:06 +0000 (19:43 -0400)
committer	Paul Moore <paul@paul-moore.com>
	Mon, 12 Aug 2024 19:35:04 +0000 (15:35 -0400)
commit	63dff3e48871b0583be5032ff8fb7260c349a18c
tree	658e21e7c21fc865f459a1c6dcd9fad7059f0323	tree
parent	711f5c5ce6c2c640c1b3b569ab2a8847be5ab21f	commit \| diff

lsm: add the inode_free_security_rcu() LSM implementation hook

The LSM framework has an existing inode_free_security() hook which
is used by LSMs that manage state associated with an inode, but
due to the use of RCU to protect the inode, special care must be
taken to ensure that the LSMs do not fully release the inode state
until it is safe from a RCU perspective.

This patch implements a new inode_free_security_rcu() implementation
hook which is called when it is safe to free the LSM's internal inode
state. Unfortunately, this new hook does not have access to the inode
itself as it may already be released, so the existing
inode_free_security() hook is retained for those LSMs which require
access to the inode.

Cc: stable@vger.kernel.org
Reported-by: syzbot+5446fbf332b0602ede0b@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/r/00000000000076ba3b0617f65cc8@google.com
Signed-off-by: Paul Moore <paul@paul-moore.com>

include/linux/lsm_hook_defs.h		diff \| blob \| history
security/integrity/ima/ima.h		diff \| blob \| history
security/integrity/ima/ima_iint.c		diff \| blob \| history
security/integrity/ima/ima_main.c		diff \| blob \| history
security/landlock/fs.c		diff \| blob \| history
security/security.c		diff \| blob \| history