| Message ID | 20250409185019.238841-50-paul@paul-moore.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | Rework the LSM initialization | expand |
On Wed, Apr 09, 2025 at 02:50:04PM -0400, Paul Moore wrote: > Signed-off-by: Paul Moore <paul@paul-moore.com> Reviewed-by: Kees Cook <kees@kernel.org>
On Wed, Apr 9, 2025 at 11:53 AM Paul Moore <paul@paul-moore.com> wrote: > > Signed-off-by: Paul Moore <paul@paul-moore.com> > --- > security/ipe/fs.c | 4 +--- > security/ipe/ipe.c | 1 + > security/ipe/ipe.h | 2 ++ > 3 files changed, 4 insertions(+), 3 deletions(-) > > diff --git a/security/ipe/fs.c b/security/ipe/fs.c > index 5b6d19fb844a..e4437c70ed3d 100644 > --- a/security/ipe/fs.c > +++ b/security/ipe/fs.c > @@ -187,7 +187,7 @@ static const struct file_operations enforce_fops = { > * Return: %0 on success. If an error occurs, the function will return > * the -errno. > */ > -static int __init ipe_init_securityfs(void) > +int __init ipe_init_securityfs(void) > { > int rc = 0; > struct ipe_policy *ap; > @@ -243,5 +243,3 @@ static int __init ipe_init_securityfs(void) > securityfs_remove(root); > return rc; > } > - > -fs_initcall(ipe_init_securityfs); > diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c > index 2426441181dc..71644748ed56 100644 > --- a/security/ipe/ipe.c > +++ b/security/ipe/ipe.c > @@ -95,4 +95,5 @@ DEFINE_LSM(ipe) = { > .id = &ipe_lsmid, > .init = ipe_init, > .blobs = &ipe_blobs, > + .initcall_fs = ipe_init_securityfs, > }; > diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h > index fb37513812dd..25cfdb8f0c20 100644 > --- a/security/ipe/ipe.h > +++ b/security/ipe/ipe.h > @@ -23,4 +23,6 @@ struct ipe_bdev *ipe_bdev(struct block_device *b); > struct ipe_inode *ipe_inode(const struct inode *inode); > #endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */ > > +int ipe_init_securityfs(void); > + > #endif /* _IPE_H */ > -- > 2.49.0 > I have run the ipe's testsuite and all passed. Tested-by: Fan Wu <wufan@kernel.org> Acked-by: Fan Wu <wufan@kernel.org>
On Mon, Apr 14, 2025 at 5:19 PM Fan Wu <wufan@kernel.org> wrote: > > On Wed, Apr 9, 2025 at 11:53 AM Paul Moore <paul@paul-moore.com> wrote: > > > > Signed-off-by: Paul Moore <paul@paul-moore.com> > > --- > > security/ipe/fs.c | 4 +--- > > security/ipe/ipe.c | 1 + > > security/ipe/ipe.h | 2 ++ > > 3 files changed, 4 insertions(+), 3 deletions(-) ... > I have run the ipe's testsuite and all passed. > > Tested-by: Fan Wu <wufan@kernel.org> > Acked-by: Fan Wu <wufan@kernel.org> Thanks Fan.
diff --git a/security/ipe/fs.c b/security/ipe/fs.c index 5b6d19fb844a..e4437c70ed3d 100644 --- a/security/ipe/fs.c +++ b/security/ipe/fs.c @@ -187,7 +187,7 @@ static const struct file_operations enforce_fops = { * Return: %0 on success. If an error occurs, the function will return * the -errno. */ -static int __init ipe_init_securityfs(void) +int __init ipe_init_securityfs(void) { int rc = 0; struct ipe_policy *ap; @@ -243,5 +243,3 @@ static int __init ipe_init_securityfs(void) securityfs_remove(root); return rc; } - -fs_initcall(ipe_init_securityfs); diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c index 2426441181dc..71644748ed56 100644 --- a/security/ipe/ipe.c +++ b/security/ipe/ipe.c @@ -95,4 +95,5 @@ DEFINE_LSM(ipe) = { .id = &ipe_lsmid, .init = ipe_init, .blobs = &ipe_blobs, + .initcall_fs = ipe_init_securityfs, }; diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h index fb37513812dd..25cfdb8f0c20 100644 --- a/security/ipe/ipe.h +++ b/security/ipe/ipe.h @@ -23,4 +23,6 @@ struct ipe_bdev *ipe_bdev(struct block_device *b); struct ipe_inode *ipe_inode(const struct inode *inode); #endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */ +int ipe_init_securityfs(void); + #endif /* _IPE_H */
Signed-off-by: Paul Moore <paul@paul-moore.com> --- security/ipe/fs.c | 4 +--- security/ipe/ipe.c | 1 + security/ipe/ipe.h | 2 ++ 3 files changed, 4 insertions(+), 3 deletions(-)