Index: lsm.c
===================================================================
--- lsm.c	(revision 425)
+++ lsm.c	(working copy)
@@ -451,6 +451,29 @@
 }
 
 /**
+ * ccs_bprm_alloc_security - Allocate memory for "struct linux_binprm".
+ *
+ * @bprm: Pointer to "struct linux_binprm".
+ *
+ * Returns 0 on success, negative value otherwise.
+ */
+static int ccs_bprm_alloc_security(struct linux_binprm *bprm)
+{
+	int rc;
+	while (!original_security_ops.bprm_alloc_security);
+	rc = original_security_ops.bprm_alloc_security(bprm);
+	if (bprm->security || rc)
+		return rc;
+	/*
+	 * Set bprm->security to non-NULL so that security_bprm_free() will be
+	 * always called. This trick assumes that active LSM module does not
+	 * access bprm->security without allocating memory.
+	 */
+	bprm->security = ZERO_SIZE_PTR;
+	return 0;
+}
+
+/**
  * ccs_bprm_free_security - Release memory for "struct linux_binprm".
  *
  * @bprm: Pointer to "struct linux_binprm".
@@ -2906,6 +2929,7 @@
 #else
 	swap_security_ops(task_alloc_security);
 	swap_security_ops(task_free_security);
+	swap_security_ops(bprm_alloc_security);
 	swap_security_ops(bprm_free_security);
 #endif
 	/* Security context updater for successful execve(). */
