Re: [PATCH v22 06/12] fs,security: Add sb_delete hook

On Tue, Oct 27, 2020 at 9:04 PM Mickaël Salaün mic@digikod.net wrote:

The sb_delete security hook is called when shutting down a superblock, which may be useful to release kernel objects tied to the superblock's lifetime (e.g. inodes).

This new hook is needed by Landlock to release (ephemerally) tagged struct inodes. This comes from the unprivileged nature of Landlock described in the next commit.

Cc: Al Viro viro@zeniv.linux.org.uk Cc: James Morris jmorris@namei.org Cc: Jann Horn jannh@google.com Cc: Kees Cook keescook@chromium.org Cc: Serge E. Hallyn serge@hallyn.com Signed-off-by: Mickaël Salaün mic@linux.microsoft.com

Reviewed-by: Jann Horn jannh@google.com