On Wed, 27 Feb 2008, David P. Quigley wrote: > +#ifdef CONFIG_SECURITY > +static inline void nfs_fattr_alloc(struct nfs_fattr *fattr, gfp_t flags) > +{ > + fattr->label = kzalloc(NFS4_MAXLABELLEN, flags); > + if (fattr->label == NULL) > + panic("Can't allocate security label."); > + fattr->label_len = NFS4_MAXLABELLEN; > +} A panic here seems like overkill, and also possibly a DoS vector. I suggest having the calling code handle the allocation failure gracefully. > + > +#define nfs_fattr_fini(fattr) _nfs_fattr_fini(fattr, __FILE__, __LINE__, __func__) > +static inline void _nfs_fattr_fini(struct nfs_fattr *fattr, > + const char *file, int line, const char *func) > +{ > + if ((fattr)->label == NULL) { > + if (fattr->label_len != 0) { > + printk(KERN_WARNING > + "%s:%d %s() nfs_fattr label available (%d)\n", > + file, line, func, > + fattr->label_len); > + } > + } else { > + if (fattr->label_len == NFS4_MAXLABELLEN) > + printk(KERN_WARNING > + "%s:%d %s() nfs_fattr label unused\n", > + file, line, func); > + else if (fattr->label_len != (strlen(fattr->label) + 1)) > + printk(KERN_WARNING > + "%s:%d %s() nfs_fattr label size mismatch (label_len %d, strlen %d)\n", > + file, line, func, > + fattr->label_len, strlen(fattr->label) + 1); > + > + kfree(fattr->label); > + fattr->label = NULL; > + fattr->label_len = 0; > + } > +} > +#else > +#define nfs_fattr_alloc(fattr, flags) > +#define nfs_fattr_fini(fattr) > +#endif Perhaps introduce a debug configuration option for this code. - James -- James Morris <jmorris@xxxxxxxxx> - To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html