On Wed, 8 Aug 2001, richard offer wrote: > I thought that that was some consensus about the intention of always > calling the post hooks, not just when there was no error. > > Its widley perceived by Linus to be quicker to do a call and return than > check and then call. > > One of our patches rectified that. My patch (and Serge's patch) was simply adding another call to the existing post_lookup hook to cover a case that was previously missed. With regard to checking and calling, there isn't any additional check here - the existing code already checks for an error and branches accordingly, so inserting a hook into the success code path doesn't add any checking. I think that the same is true for the post_create/mkdir/... hooks - the existing code already had a check and branch. I think I mentioned in my feedback on SGI's patch that changing the post_create/post_mkdir/... hooks to always be called and pass the error seemed reasonable to me. But I'm not sure it will be of much use to you for post_lookup. The intent of post_lookup is to allow the module to set the security attributes on the newly looked up inode. What would a module if post_lookup were called in the failure case? -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Aug 08 2001 - 08:24:55 PDT