summaryrefslogtreecommitdiff
path: root/include/linux/lsm_hooks.h
diff options
context:
space:
mode:
authorMickaël Salaün <mic@linux.microsoft.com>2021-04-22 17:41:16 +0200
committerJames Morris <jamorris@linux.microsoft.com>2021-04-22 12:22:11 -0700
commit83e804f0bfee2247b1c0aa64845c81a38562da7a (patch)
tree18a47335116fa823fc6a29cb67c92e412064b583 /include/linux/lsm_hooks.h
parentcb2c7d1a1776057c9a1f48ed1250d85e94d4850d (diff)
fs,security: Add sb_delete hook
The sb_delete security hook is called when shutting down a superblock, which may be useful to release kernel objects tied to the superblock's lifetime (e.g. inodes). This new hook is needed by Landlock to release (ephemerally) tagged struct inodes. This comes from the unprivileged nature of Landlock described in the next commit. Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: James Morris <jmorris@namei.org> Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com> Reviewed-by: Jann Horn <jannh@google.com> Acked-by: Serge Hallyn <serge@hallyn.com> Reviewed-by: Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20210422154123.13086-7-mic@digikod.net Signed-off-by: James Morris <jamorris@linux.microsoft.com>
Diffstat (limited to 'include/linux/lsm_hooks.h')
-rw-r--r--include/linux/lsm_hooks.h3
1 files changed, 3 insertions, 0 deletions
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 75715998a95f..cc2eaaaec0e4 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -108,6 +108,9 @@
* allocated.
* @sb contains the super_block structure to be modified.
* Return 0 if operation was successful.
+ * @sb_delete:
+ * Release objects tied to a superblock (e.g. inodes).
+ * @sb contains the super_block structure being released.
* @sb_free_security:
* Deallocate and clear the sb->s_security field.
* @sb contains the super_block structure to be modified.