On Tue, 27 Oct 2020, Mickaël Salaün wrote: > From: Mickaël Salaün <mic@xxxxxxxxxxxxxxxxxxx> > > The sb_delete security hook is called when shutting down a superblock, > which may be useful to release kernel objects tied to the superblock's > lifetime (e.g. inodes). > > This new hook is needed by Landlock to release (ephemerally) tagged > struct inodes. This comes from the unprivileged nature of Landlock > described in the next commit. > > Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx> > Cc: James Morris <jmorris@xxxxxxxxx> > Cc: Jann Horn <jannh@xxxxxxxxxx> > Cc: Kees Cook <keescook@xxxxxxxxxxxx> > Cc: Serge E. Hallyn <serge@xxxxxxxxxx> > Signed-off-by: Mickaël Salaün <mic@xxxxxxxxxxxxxxxxxxx> Al, Kees, JJ et al, any objections? -- James Morris <jmorris@xxxxxxxxx>