On Mon, 2004-12-06 at 18:01, Serge Hallyn wrote:
> A very good point. I will put this in stacker for now. I can't think
> of any reason why this would be useful to any case which was not using
> stacker, and calling free_security() after a failed alloc_security()
> could cause existing LSMs to Oops... Does anyone think the alternative
> would be better?

I see that the current core kernel isn't completely consistent in this
regard, e.g. security_bprm_free() is always called even if
security_bprm_alloc() failed. But that seems to be the exception. It
helps that the core kernel initializes the security field prior to
calling the alloc_security hooks, so that they have a well-defined
initial state. SELinux should handle it fine either way, as it only
returns from an alloc_security hook with a set security field on
success, and its free_security hooks always check for NULL on entry.

--
Stephen Smalley <sds@private>
National Security Agency
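The hook contract discussed in this message, as an added userspace model that is not code from the thread, the kernel, or SELinux: the caller initializes the security field, the alloc hook sets it only on success, and the free hook checks for NULL, so an unconditional free after a failed alloc is harmless. All names (`struct obj`, `struct blob`, `demo_*`, `core_create_destroy`, `fail_next_alloc`) are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

struct obj  { void *security; };  /* stands in for a kernel object with a security field */
struct blob { int sid; };         /* hypothetical per-object module state */
static int live_blobs;            /* outstanding allocations, for leak/double-free checks */
static int fail_next_alloc;       /* knob: simulate an allocation failure */

/* alloc hook: the security field is set only when the hook succeeds */
static int demo_alloc_security(struct obj *o)
{
    struct blob *b = fail_next_alloc ? NULL : calloc(1, sizeof(*b));

    if (!b)
        return -ENOMEM;           /* field stays as the caller initialized it */
    b->sid = 1;
    o->security = b;
    live_blobs++;
    return 0;
}

/* free hook: checks for NULL on entry, so it tolerates a failed alloc */
static void demo_free_security(struct obj *o)
{
    struct blob *b = o->security;

    if (!b)
        return;
    o->security = NULL;
    free(b);
    live_blobs--;
}

/* Caller modeled on the bprm case: free runs even if alloc failed.
 * The field is initialized before the alloc hook is called. */
static int core_create_destroy(int make_alloc_fail)
{
    struct obj o = { .security = NULL };
    int rc;

    fail_next_alloc = make_alloc_fail;
    rc = demo_alloc_security(&o);
    demo_free_security(&o);       /* unconditional, as with security_bprm_free() */
    return rc;
}

int main(void)
{
    int rc = core_create_destroy(1);
    printf("alloc failed: rc=%d live_blobs=%d\n", rc, live_blobs);
    return 0;
}
```

A free hook that dereferenced the field without the NULL check would fault on the failed-alloc path, which is the Oops risk raised in the quoted text.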
This archive was generated by hypermail 2.1.3 : Tue Dec 07 2004 - 05:13:26 PST