xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

LSM: Lift LSM selection out of individual LSMs

Browse Source 
As a prerequisite to adjusting LSM selection logic in the future, this
moves the selection logic up out of the individual major LSMs, making
their init functions only run when actually enabled. This considers all
LSMs enabled by default unless they specified an external "enable"
variable.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
Kees Cook
2018-09-13 23:17:50 -07:00
parent c5459b829b
commit f4941d75b9
6 changed files with 73 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
security/smack/smack_lsm.c
View File

@@ -4762,9 +4762,6 @@ static __init int smack_init(void)
struct cred *cred;
struct task_smack *tsp;
if (!security_module_enable("smack"))
return 0;
smack_inode_cache = KMEM_CACHE(inode_smack, 0);
if (!smack_inode_cache)
return -ENOMEM;