On Tue, 27 Oct 2020, Mickaël Salaün wrote: > From: Mickaël Salaün <m...@linux.microsoft.com> > > The sb_delete security hook is called when shutting down a superblock, > which may be useful to release kernel objects tied to the superblock's > lifetime (e.g. inodes). > > This new hook is needed by Landlock to release (ephemerally) tagged > struct inodes. This comes from the unprivileged nature of Landlock > described in the next commit. > > Cc: Al Viro <v...@zeniv.linux.org.uk> > Cc: James Morris <jmor...@namei.org> > Cc: Jann Horn <ja...@google.com> > Cc: Kees Cook <keesc...@chromium.org> > Cc: Serge E. Hallyn <se...@hallyn.com> > Signed-off-by: Mickaël Salaün <m...@linux.microsoft.com>
Al, Kees, JJ et al, any objections? -- James Morris <jmor...@namei.org>
