init/main.c: Initialize early LSMs after arch code, static keys and calls.

With LSMs using static calls and static keys, early_lsm_init needs to
wait for setup_arch for architecture specific functionality which
includes jump tables and static calls to be initialized.

Since not all architectures call jump_table_init in setup_arch,
explicitly call both jump_table_init and static_call_init before
early_security_init.

This only affects "early LSMs" i.e. only lockdown when
CONFIG_SECURITY_LOCKDOWN_LSM_EARLY is set.

Tested-by: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: KP Singh <kpsingh@kernel.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>

diff --git a/init/main.c b/init/main.c
index 206acdde51f5a9bec1b7d430ca6701d429a439b8..c4778edae7972f512d5eefe8400075ac35a70d1c 100644 (file)
--- a/init/main.c
+++ b/init/main.c
@@ -922,8 +922,11 @@ void start_kernel(void)
        boot_cpu_init();
        page_address_init();
        pr_notice("%s", linux_banner);
-       early_security_init();
        setup_arch(&command_line);
+       /* Static keys and static calls are needed by LSMs */
+       jump_label_init();
+       static_call_init();
+       early_security_init();
        setup_boot_config();
        setup_command_line(command_line);
        setup_nr_cpu_ids();
@@ -934,7 +937,6 @@ void start_kernel(void)
 
        pr_notice("Kernel command line: %s\n", saved_command_line);
        /* parameters may set static keys */
-       jump_label_init();
        parse_early_param();
        after_dashes = parse_args("Booting kernel",
                                  static_command_line, __start___param,