lsm,rust: reword "destroy" -> "release" in SecurityCtx

What happens inside the individual LSMs for a given LSM hook can vary quite a bit, so it is best to use the terminology "release" instead of "destroy" or "free". Suggested-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: Alice Ryhl <aliceryhl@google.com> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: Fiona Behrens <me@kloenk.dev> [PM: subj tweak] Signed-off-by: Paul Moore <paul@paul-moore.com>
2026-05-15 21:21:49 -04:00 · 2025-03-04 10:31:55 +00:00
parent 55e16418dd
commit 0a01beac92
1 changed files with 3 additions and 4 deletions
--- a/rust/kernel/security.rs
+++ b/rust/kernel/security.rs
@@ -16,7 +16,7 @@
 /// # Invariants
 ///
 /// The `ctx` field corresponds to a valid security context as returned by a successful call to
-/// `security_secid_to_secctx`, that has not yet been destroyed by `security_release_secctx`.
+/// `security_secid_to_secctx`, that has not yet been released by `security_release_secctx`.
 pub struct SecurityCtx {
    ctx: bindings::lsm_context,
 }
@@ -67,9 +67,8 @@ pub fn as_bytes(&self) -> &[u8] {
 impl Drop for SecurityCtx {
    #[inline]
    fn drop(&mut self) {
-        // SAFETY: By the invariant of `Self`, this frees a context that came from a successful
-        // call to `security_secid_to_secctx` and has not yet been destroyed by
-        // `security_release_secctx`.
+        // SAFETY: By the invariant of `Self`, this releases an lsm context that came from a
+        // successful call to `security_secid_to_secctx` and has not yet been released.
        unsafe { bindings::security_release_secctx(&mut self.ctx) };
    }
 }