Re: [PATCH v1] LSM: Enable multiple calls to security_add_hooks() for the same LSM

From: Tetsuo Handa
Date: Sat Apr 29 2017 - 22:13:10 EST

Next message: Mike Galbraith: "Re: [patch] timer: Fix timers_update_migration(), and call it in tmigr_init()"
Previous message: Andy Lutomirski: "Re: new ...at() flag: AT_NO_JUMPS"
In reply to: Casey Schaufler: "Re: [PATCH v1] LSM: Enable multiple calls to security_add_hooks() for the same LSM"
Next in thread: MickaÃl SalaÃn: "Re: [PATCH v1] LSM: Enable multiple calls to security_add_hooks() for the same LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Casey Schaufler wrote:
> On 4/29/2017 12:02 PM, Mickael Salaun wrote:
> > Check if the registering LSM already registered hooks just before. This
> > enable to split hook declarations into multiple files without
> > registering multiple time the same LSM name, starting from commit
> > d69dece5f5b6 ("LSM: Add /sys/kernel/security/lsm").
>
> What's special about the previous registration? Keep it
> simple and check it the name is already anywhere on the
> list and only add it if it's not already there. I don't
> see advantage to:
>
> % cat /sys/kernel/security/lsm
> capability,yama,spiffy,selinux,spiffy
>
> over
> % cat /sys/kernel/security/lsm
> capability,yama,spiffy,selinux
>

- if (lsm_append(lsm, &lsm_names) < 0)
+ if (lsm && lsm_append(lsm, &lsm_names) < 0)

in security_add_hooks()?

Next message: Mike Galbraith: "Re: [patch] timer: Fix timers_update_migration(), and call it in tmigr_init()"
Previous message: Andy Lutomirski: "Re: new ...at() flag: AT_NO_JUMPS"
In reply to: Casey Schaufler: "Re: [PATCH v1] LSM: Enable multiple calls to security_add_hooks() for the same LSM"
Next in thread: MickaÃl SalaÃn: "Re: [PATCH v1] LSM: Enable multiple calls to security_add_hooks() for the same LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]