From patchwork Fri Mar 10 23:11:08 2023
X-Patchwork-Submitter: Mirsad Todorovac
X-Patchwork-Id: 67846
From: Mirsad Goran Todorovac
To: Paul Moore, Roberto Sassu, linux-kernel@vger.kernel.org
Cc: Mirsad Goran Todorovac, Andy Shevchenko, Greg Kroah-Hartman, Mimi Zohar, Thomas Weißschuh, Casey Schaufler, Christian Göttsche, Mickaël Salaün, Frederick Lawler
Subject: [PATCH v1 1/2] LSM: add a release() hook for the clean exit cleanup of the LSM modules
Date: Sat, 11 Mar 2023 00:11:08 +0100
Message-Id: <20230310231107.10954-1-mirsad.todorovac@alu.unizg.hr>
X-Mailer: git-send-email 2.30.2

The LSM modules, namely integrity, do not have a clean way to deallocate resources allocated in the init() hook or later in their lifetime. The resources are destroyed on kernel shutdown in an undefined order. This will allow a .release member per LSM module and calling proper destructors in a well-behaved order.

Signed-off-by: Mirsad Goran Todorovac
Suggested-by: Andy Shevchenko
Cc: Greg Kroah-Hartman
Cc: Mimi Zohar
Cc: Paul Moore
Cc: Thomas Weißschuh
Cc: Casey Schaufler
Cc: Christian Göttsche
Cc: Mickaël Salaün
Cc: Frederick Lawler
--- include/linux/lsm_hooks.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 6e156d2acffc..d5a6ab9b5eb2 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h
@@ -1724,6 +1724,7 @@ struct lsm_info { unsigned long flags; /* Optional: flags describing LSM */ int *enabled; /* Optional: controlled by CONFIG_LSM */ int (*init)(void); /* Required. */ + int (*release)(void); /* Release associated resources */ struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */ }; -- Mirsad Goran Todorovac Sistem inženjer Grafički fakultet | Akademija likovnih umjetnosti Sveučilište u Zagrebu System engineer Faculty of Graphic Arts | Academy of Fine Arts University of Zagreb, Republic of Croatia The European Union --- include/linux/lsm_hooks.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index 0a5ba81f7367..db3e57e7738b 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -1724,6 +1724,7 @@ struct lsm_info { unsigned long flags; /* Optional: flags describing LSM */ int *enabled; /* Optional: controlled by CONFIG_LSM */ int (*init)(void); /* Required. */ + int (*release)(void); /* Release associated resources */ struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */ };
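Review bot: The new `int (*release)(void);` member in `struct lsm_info` does not say whether it is optional, while the neighbouring members are each marked "Optional" or "Required". Existing LSMs will leave it NULL, so the comment should read something like "Optional: release associated resources", and whatever invokes it must check for NULL before calling. This patch only adds the field (one insertion in lsm_hooks.h), so the caller and the "well-behaved order" promised in the commit message are not visible here. Please state the ordering contract next to the field or in the changelog, for example reverse of init order, so that an LSM's release() cannot run while another LSM still depends on its state. The `int` return type also needs a defined meaning: if a failure during shutdown cannot be acted on, `void` would be clearer, otherwise document what the caller does with a non-zero result.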