[PATCH 6/6] LSM: Infrastructure management of the perf_event security blob
Paul Moore
paul at paul-moore.com
Tue Jul 9 22:08:05 UTC 2024
On Jul 8, 2024 Casey Schaufler <casey at schaufler-ca.com> wrote:
>
> Move management of the perf_event->security blob out of the individual
> security modules and into the security infrastructure. Instead of
> allocating the blobs from within the modules the modules tell the
> infrastructure how much space is required, and the space is allocated
> there.
>
> Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>
> ---
> include/linux/lsm_hooks.h | 1 +
> security/security.c | 12 ++++++++++++
> security/selinux/hooks.c | 18 ++++--------------
> security/selinux/include/objsec.h | 6 ++++++
> 4 files changed, 23 insertions(+), 14 deletions(-)
...
> @@ -5665,6 +5675,8 @@ int security_perf_event_alloc(struct perf_event *event)
> void security_perf_event_free(struct perf_event *event)
> {
> call_void_hook(perf_event_free, event);
> + kfree(event->security);
> + event->security = NULL;
> }
See previous comments regarding the *free() hooks.
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list