[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: free inode security blob

To: tongcd <tongcd@21cn.com>
Subject: Re: free inode security blob
From: Chris Wright <chris@wirex.com>
Date: Fri, 7 Dec 2001 08:45:07 -0800
Cc: kernelnewbies@nl.linux.org, linux-security-module@wirex.com
In-Reply-To: <20011207003953.A25554@figure1.int.wirex.com>; from chris@wirex.com on Fri, Dec 07, 2001 at 12:39:53AM -0800
List-archive: <http://mail.nl.linux.org/kernelnewbies/>
List-help: <mailto:listar@nl.linux.org?Subject=help>
List-owner: <mailto:riel@nl.linux.org>
List-post: <mailto:kernelnewbies@nl.linux.org>
List-software: Listar version 1.0.0
List-subscribe: <mailto:kernelnewbies-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:kernelnewbies-request@nl.linux.org?Subject=unsubscribe>
Original-Recipient: rfc822;kernelnewbies-archive@nl.linux.org
References: <000501c17ecf$c0459440$d7353cda@a> <20011207003953.A25554@figure1.int.wirex.com>
Sender: kernelnewbies-bounce@nl.linux.org
User-Agent: Mutt/1.2.5i

(sorry, i mean to include the lsm list on the last reply).
tongcd, you may also find useful lsm help on the lsm list.

* Chris Wright (chris@wirex.com) wrote:
> * tongcd (tongcd@21cn.com) wrote:
> > Could anybody give me some hint about the following question?  Thanks
> > 1.  I use linux security module to alloc a security blob to each inode, but when
> >     i want to cleanup the module ,i decide to free these alloced memory from inode struct,i want to travel through inode_in_use ,inode_unused,sb->s_dirty and sb->s_locked_inode ,but these are all static varieble,where is no way to use it in lsm module,could it be other ways to do it?
> 
> lsm attempts to make the minimal changes to the kernel required to
> meet its requirements.  so static lists like you've mentioned have
> not been exported just for lsm.  the proper way to handle this is to
> maintain your own list in your module of the allocations you've made.
> during the module_exit code, you can traverse these lists, and clean up
> after yourself.  see the SELinux module for a good example of how to
> handle this.  honestly, many lsm modules are coded with the intention
> that they will not be removed until the machine is being rebooted, and
> since lsm can control module unloading, this is not necessarily a bogus
> assumption.
> 
> > why dte not do it?
> 
> i'm sure serge would accept patches ;-)
> 
> > 2.   iget4 call find_inode to find establishing inode linked in i_hash,(these inode all in inode_in_used and inode_unused links??)why iget call get_new_inode which use find_inode for a second time? If this question has post before,i am sorry.
> 
> it is possible for an inode to not be in hash.  so the first attempt
> at find_inode in iget4 could fail.  notice find_inode must be called
> with lock, so get_new_inode (which is called after the search failed,
> and the lock is released) must re-obtain the lock and re-check the hash.
> 

-chris
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
IRC Channel:   irc.openprojects.net / #kernelnewbies
Web Page:      http://www.kernelnewbies.org/

References:
- free inode security blob
  - From: "tongcd" <tongcd@21cn.com>
- Re: free inode security blob
  - From: Chris Wright <chris@wirex.com>

Prev by Date: Re: free inode security blob
Next by Date: Re: Copy_to_user/copy_from_user
Prev by thread: Re: free inode security blob
Next by thread: copy to user and vice versa
Index(es):
- Date
- Thread