Re: [RFC] [Stacking v4 3/3] Cleaned up stacker patch

From: Stephen Smalley (sds@private)
Date: Tue Dec 07 2004 - 05:07:53 PST

On Mon, 2004-12-06 at 18:01, Serge Hallyn wrote:
> A very good point.  I will put this in stacker for now.  I can't think
> of any reason why this would be useful to any case which was not using
> stacker, and calling free_security() after a failed alloc_security()
> could cause existing LSMs to Oops...  Does anyone think the alternative
> would be better?

I see that the current core kernel isn't completely consistent in this
regard, e.g. security_bprm_free() is always called even if
security_bprm_alloc() failed.  But that seems to be the exception.  It
helps that the core kernel initializes the security field prior to
calling the alloc_security hooks, so that they have a well-defined
initial state.  SELinux should handle it fine either way, as it only
returns from an alloc_security hook with a set security field on
success, and its free_security hooks always check for NULL on entry.

Stephen Smalley <sds@private>
National Security Agency

This archive was generated by hypermail 2.1.3 : Tue Dec 07 2004 - 05:13:26 PST