Re: [PATCH v30 06/12] fs,security: Add sb_delete hook

On Tue, Mar 16, 2021 at 09:42:46PM +0100, Mickaël Salaün wrote:

From: Mickaël Salaün mic@linux.microsoft.com

The sb_delete security hook is called when shutting down a superblock, which may be useful to release kernel objects tied to the superblock's lifetime (e.g. inodes).

This new hook is needed by Landlock to release (ephemerally) tagged struct inodes. This comes from the unprivileged nature of Landlock described in the next commit.

Cc: Al Viro viro@zeniv.linux.org.uk Cc: James Morris jmorris@namei.org Cc: Kees Cook keescook@chromium.org Signed-off-by: Mickaël Salaün mic@linux.microsoft.com

Reviewed-by: Kees Cook keescook@chromium.org