Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

loadpin: move initcalls to the LSM framework 

Acked-by: Kees Cook <kees@kernel.org>
Reviewed-by: John Johansen <john.johhansen@canonical.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Paul Moore 2025-02-18 17:11:32 -05:00
parent cdc028812f
commit b0374e79a8
1 changed files with 8 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
security/loadpin/loadpin.c
View File

@ -270,11 +270,6 @@ static int __init loadpin_init(void)
return 0; return 0;
} }
DEFINE_LSM(loadpin) = {
.id = &loadpin_lsmid,
.init = loadpin_init,
};
#ifdef CONFIG_SECURITY_LOADPIN_VERITY #ifdef CONFIG_SECURITY_LOADPIN_VERITY
enum loadpin_securityfs_interface_index { enum loadpin_securityfs_interface_index {
@ -434,10 +429,16 @@ static int __init init_loadpin_securityfs(void)
return 0; return 0;
} }
fs_initcall(init_loadpin_securityfs);
#endif /* CONFIG_SECURITY_LOADPIN_VERITY */ #endif /* CONFIG_SECURITY_LOADPIN_VERITY */
DEFINE_LSM(loadpin) = {
.id = &loadpin_lsmid,
.init = loadpin_init,
#ifdef CONFIG_SECURITY_LOADPIN_VERITY
.initcall_fs = init_loadpin_securityfs,
#endif /* CONFIG_SECURITY_LOADPIN_VERITY */
};
/* Should not be mutable after boot, so not listed in sysfs (perm == 0). */ /* Should not be mutable after boot, so not listed in sysfs (perm == 0). */
module_param(enforce, int, 0); module_param(enforce, int, 0);
MODULE_PARM_DESC(enforce, "Enforce module/firmware pinning"); MODULE_PARM_DESC(enforce, "Enforce module/firmware pinning");