[PATCH 1/1] always security_msg_alloc before security_msg_restore
Serge E. Hallyn
serue at us.ibm.com
Tue Mar 2 11:13:36 PST 2010
Signed-off-by: Serge E. Hallyn <serue at us.ibm.com>
---
ipc/checkpoint_msg.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/ipc/checkpoint_msg.c b/ipc/checkpoint_msg.c
index 0155c20..594580f 100644
--- a/ipc/checkpoint_msg.c
+++ b/ipc/checkpoint_msg.c
@@ -231,6 +231,12 @@ static struct msg_msg *restore_msg_contents_one(struct ckpt_ctx *ctx, int *clen)
msg->next = NULL;
pseg = &msg->next;
+ /* set default MAC attributes */
+ ret = security_msg_msg_alloc(msg);
+ if (ret < 0)
+ goto out;
+
+ /* if requested and allowed, reset checkpointed MAC attributes */
ret = security_restore_obj(ctx, (void *) msg, CKPT_SECURITY_MSG_MSG,
h->sec_ref);
if (ret < 0)
@@ -261,7 +267,6 @@ static struct msg_msg *restore_msg_contents_one(struct ckpt_ctx *ctx, int *clen)
msg->m_type = h->m_type;
msg->m_ts = h->m_ts;
*clen = h->m_ts;
- ret = security_msg_msg_alloc(msg);
out:
if (ret < 0 && msg) {
free_msg(msg);
--
1.6.0.6
More information about the Containers
mailing list