Re: [PATCH security-next v3 07/29] LSM: Convert security_initcall() into DEFINE_LSM()
From: John Johansen <john.johansen@canonical.com>
Date: 2018-10-01 21:12:25
Also in:
linux-arch, linux-security-module, lkml, selinux
On 09/24/2018 05:18 PM, Kees Cook wrote:
quoted hunk ↗ jump to hunk
Instead of using argument-based initializers, switch to defining the contents of struct lsm_info on a per-LSM basis. This also drops the final use of the now inaccurate "initcall" naming. Cc: John Johansen <john.johansen@canonical.com> Cc: James Morris <jmorris@namei.org> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Paul Moore <paul@paul-moore.com> Cc: Stephen Smalley <redacted> Cc: Casey Schaufler <casey@schaufler-ca.com> Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Cc: Mimi Zohar <redacted> Cc: linux-security-module@vger.kernel.org Cc: selinux@tycho.nsa.gov Signed-off-by: Kees Cook <redacted> --- include/linux/lsm_hooks.h | 6 ++++-- security/apparmor/lsm.c | 4 +++- security/integrity/iint.c | 4 +++- security/selinux/hooks.c | 4 +++- security/smack/smack_lsm.c | 4 +++- security/tomoyo/tomoyo.c | 4 +++- 6 files changed, 19 insertions(+), 7 deletions(-)diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index ad04761e5587..02ec717189f9 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h@@ -2045,11 +2045,13 @@ struct lsm_info { extern struct lsm_info __start_lsm_info[], __end_lsm_info[]; -#define security_initcall(lsm) \ +#define DEFINE_LSM(lsm) \ static struct lsm_info __lsm_##lsm \ __used __section(.lsm_info.init) \ __aligned(sizeof(unsigned long)) \ - = { .init = lsm, } + = { \ + +#define END_LSM }
I am with Tetsuo on this one, I really don't like the END_LSM thing.