The LSM modules, namely integrity, do not have a clean way to deallocate
resources allocated in the init() hook or later in their lifetime. The
resources are destroyed on kernel shutdown in an undefined order.
This will allow a .release member per LSM module and the calling of proper
destructors in a well-behaved order.
Signed-off-by: Mirsad Goran Todorovac <[email protected]>
Suggested-by: Andy Shevchenko <[email protected]>
Cc: Greg Kroah-Hartman <[email protected]>
Cc: Mimi Zohar <[email protected]>
Cc: Paul Moore <[email protected]>
Cc: Thomas Weißschuh <[email protected]>
Cc: Casey Schaufler <[email protected]>
Cc: Christian Göttsche <[email protected]>
Cc: Mickaël Salaün <[email protected]>
Cc: Frederick Lawler <[email protected]>
---
include/linux/lsm_hooks.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 6e156d2acffc..d5a6ab9b5eb2 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -1724,6 +1724,7 @@ struct lsm_info {
unsigned long flags; /* Optional: flags describing LSM */
int *enabled; /* Optional: controlled by CONFIG_LSM */
int (*init)(void); /* Required. */
+ int (*release)(void); /* Release associated resources */
struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */
};
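Review bot: the new `release` member is added to `struct lsm_info`, but nothing in this series calls it: the diffstat here shows only lsm_hooks.h changing, and the follow-up patch touches only security/integrity/iint.c, so the LSM framework core never invokes `->release` and the "well-behaved order" the commit message promises is not implemented anywhere. The neighbouring members are also annotated "Optional:" or "Required.", and the new comment says neither, nor what the `int` return value of a shutdown destructor means (a `void` return would match what `kmem_cache_destroy()` offers). Suggest `int (*release)(void); /* Optional: release resources allocated by init() */` (or `void`), together with a change to the framework in security/security.c, in the same series, that walks the registered LSMs and calls `->release` in a documented order.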
--
Mirsad Goran Todorovac
Sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
System engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
The European Union
---
include/linux/lsm_hooks.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index 0a5ba81f7367..db3e57e7738b 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -1724,6 +1724,7 @@ struct lsm_info {
unsigned long flags; /* Optional: flags describing LSM */
int *enabled; /* Optional: controlled by CONFIG_LSM */
int (*init)(void); /* Required. */
+ int (*release)(void); /* Release associated resources */
struct lsm_blob_sizes *blobs; /* Optional: for blob sharing. */
};
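Review bot: this hunk is a second copy of the lsm_hooks.h change above; the only difference is the index line (0a5ba81f7367..db3e57e7738b here versus 6e156d2acffc..d5a6ab9b5eb2 above), which means the same patch was generated against two different bases and both copies landed in one mail. Send one patch per mail, generated from a single base, so the series applies cleanly.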
--
2.30.2
The kmem_cache_create() callback in the init() hook of the integrity LSM
module doesn't have a corresponding kmem_cache_destroy() function call.
The allocated cache is destroyed on kernel shutdown in an undefined manner.
This patch should define a proper destructor to deallocate the resource in a
well-behaved, defined order.
Signed-off-by: Mirsad Goran Todorovac <[email protected]>
Suggested-by: Andy Shevchenko <[email protected]>
Cc: Greg Kroah-Hartman <[email protected]>
Cc: Mimi Zohar <[email protected]>
Cc: Paul Moore <[email protected]>
Cc: Thomas Weißschuh <[email protected]>
Cc: Casey Schaufler <[email protected]>
Cc: Christian Göttsche <[email protected]>
Cc: Mickaël Salaün <[email protected]>
Cc: Frederick Lawler <[email protected]>
---
security/integrity/iint.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/security/integrity/iint.c b/security/integrity/iint.c
index 8638976f7990..3f69eb702b2e 100644
--- a/security/integrity/iint.c
+++ b/security/integrity/iint.c
@@ -179,9 +179,16 @@ static int __init integrity_iintcache_init(void)
0, SLAB_PANIC, init_once);
return 0;
}
+
+static int __exit integrity_iintcache_release(void)
+{
+ kmem_cache_destroy(iint_cache);
+}
+
DEFINE_LSM(integrity) = {
.name = "integrity",
.init = integrity_iintcache_init,
+ .release = integrity_iintcache_release,
};
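Review bot: `integrity_iintcache_release()` is declared to return `int` but has no return statement, so the kernel build fails under its default -Werror=return-type (or at best warns and hands the caller a garbage value); add `return 0;` or make the function `void` and change the `release` prototype in `struct lsm_info` to match. The `__exit` annotation is also wrong here: the integrity LSM is built in, `.exit.text` in a built-in object is either discarded at link time or freed with init memory after boot, and the function is referenced from the `DEFINE_LSM()` descriptor, which is not an exit section, so modpost is likely to flag a section mismatch and the stored pointer would be dangling by the time anything called it at shutdown; drop `__exit`. Finally, `kmem_cache_destroy()` warns if the cache still holds live objects, so whatever eventually calls `->release` must run only after every iint has been freed, which is exactly the ordering question the commit message raises but this patch does not answer.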
--
2.30.2
On Sat, Mar 11, 2023 at 12:11:08AM +0100, Mirsad Goran Todorovac wrote:
> The LSM modules, namely integrity, do not have a clean way to deallocate
> resources allocated in the init() hook or later in their lifetime. The
> resources are destroyed on kernel shutdown in an undefined order.
>
> This will allow a .release member per LSM module and calling proper
> destructors in a well-behaved order.
...
> Cc: Greg Kroah-Hartman <[email protected]>
> Cc: Mimi Zohar <[email protected]>
> Cc: Paul Moore <[email protected]>
> Cc: Thomas Weißschuh <[email protected]>
> Cc: Casey Schaufler <[email protected]>
> Cc: Christian Göttsche <[email protected]>
> Cc: Mickaël Salaün <[email protected]>
> Cc: Frederick Lawler <[email protected]>
As I told you, try to use my script instead; run it as
`ge2maintainer.sh -c 2 -v 2 HEAD~0 --annotate --cover-letter`
(assuming your 2 patches are on top of the current branch
in the Git tree of the Linux kernel source code).
It will create a template for the cover letter, automatically
apply To and Cc lists based on the MAINTAINERS database, and
send them.
--
With Best Regards,
Andy Shevchenko