lsm_pr_dbg("enabling LSM %s:%s\n", src, lsm->id->name);
}
+/**
+ * lsm_order_parse - Parse the comma delimited LSM list
+ * @list: LSM list
+ * @src: source of the list
+ */
+static void __init lsm_order_parse(const char *list, const char *src)
+{
+ struct lsm_info *lsm;
+ char *sep, *name, *next;
+
+ /* Handle any Legacy LSM exclusions if one was specified. */
+ if (lsm_order_legacy) {
+ /*
+ * To match the original "security=" behavior, this explicitly
+ * does NOT fallback to another Legacy Major if the selected
+ * one was separately disabled: disable all non-matching
+ * Legacy Major LSMs.
+ */
+ lsm_for_each_raw(lsm) {
+ if ((lsm->flags & LSM_FLAG_LEGACY_MAJOR) &&
+ strcmp(lsm->id->name, lsm_order_legacy)) {
+ lsm_enabled_set(lsm, false);
+ lsm_pr_dbg("skip legacy LSM conflict %s:%s\n",
+ src, lsm->id->name);
+ }
+ }
+ }
+
+ /* LSM_ORDER_FIRST */
+ lsm_for_each_raw(lsm) {
+ if (lsm->order == LSM_ORDER_FIRST)
+ lsm_order_append(lsm, "first");
+ }
+
+ /* Normal or "mutable" LSMs */
+ sep = kstrdup(list, GFP_KERNEL);
+ next = sep;
+ /* Walk the list, looking for matching LSMs. */
+ while ((name = strsep(&next, ",")) != NULL) {
+ lsm_for_each_raw(lsm) {
+ if (!strcmp(lsm->id->name, name) &&
+ lsm->order == LSM_ORDER_MUTABLE)
+ lsm_order_append(lsm, src);
+ }
+ }
+ kfree(sep);
+
+ /* Legacy LSM if specified. */
+ if (lsm_order_legacy) {
+ lsm_for_each_raw(lsm) {
+ if (!strcmp(lsm->id->name, lsm_order_legacy))
+ lsm_order_append(lsm, src);
+ }
+ }
+
+ /* LSM_ORDER_LAST */
+ lsm_for_each_raw(lsm) {
+ if (lsm->order == LSM_ORDER_LAST)
+ lsm_order_append(lsm, "last");
+ }
+
+ /* Disable all LSMs not previously enabled. */
+ lsm_for_each_raw(lsm) {
+ if (lsm_order_exists(lsm))
+ continue;
+ lsm_enabled_set(lsm, false);
+ lsm_pr_dbg("skip disabled LSM %s:%s\n", src, lsm->id->name);
+ }
+}
+
/**
* lsm_blob_size_update - Update the LSM blob size and offset information
* @sz_req: the requested additional blob size
WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret);
}
-/**
- * lsm_order_parse - Parse the comma delimited LSM list
- * @list: LSM list
- * @src: source of the list
- */
-static void __init lsm_order_parse(const char *list, const char *src)
-{
- struct lsm_info *lsm;
- char *sep, *name, *next;
-
- /* Handle any Legacy LSM exclusions if one was specified. */
- if (lsm_order_legacy) {
- /*
- * To match the original "security=" behavior, this explicitly
- * does NOT fallback to another Legacy Major if the selected
- * one was separately disabled: disable all non-matching
- * Legacy Major LSMs.
- */
- lsm_for_each_raw(lsm) {
- if ((lsm->flags & LSM_FLAG_LEGACY_MAJOR) &&
- strcmp(lsm->id->name, lsm_order_legacy)) {
- lsm_enabled_set(lsm, false);
- lsm_pr_dbg("skip legacy LSM conflict %s:%s\n",
- src, lsm->id->name);
- }
- }
- }
-
- /* LSM_ORDER_FIRST */
- lsm_for_each_raw(lsm) {
- if (lsm->order == LSM_ORDER_FIRST)
- lsm_order_append(lsm, "first");
- }
-
- /* Normal or "mutable" LSMs */
- sep = kstrdup(list, GFP_KERNEL);
- next = sep;
- /* Walk the list, looking for matching LSMs. */
- while ((name = strsep(&next, ",")) != NULL) {
- lsm_for_each_raw(lsm) {
- if (!strcmp(lsm->id->name, name) &&
- lsm->order == LSM_ORDER_MUTABLE)
- lsm_order_append(lsm, src);
- }
- }
- kfree(sep);
-
- /* Legacy LSM if specified. */
- if (lsm_order_legacy) {
- lsm_for_each_raw(lsm) {
- if (!strcmp(lsm->id->name, lsm_order_legacy))
- lsm_order_append(lsm, src);
- }
- }
-
- /* LSM_ORDER_LAST */
- lsm_for_each_raw(lsm) {
- if (lsm->order == LSM_ORDER_LAST)
- lsm_order_append(lsm, "last");
- }
-
- /* Disable all LSMs not previously enabled. */
- lsm_for_each_raw(lsm) {
- if (lsm_order_exists(lsm))
- continue;
- lsm_enabled_set(lsm, false);
- lsm_pr_dbg("skip disabled LSM %s:%s\n", src, lsm->id->name);
- }
-}
-
/**
* lsm_static_call_init - Initialize a LSM's static calls
* @hl: LSM hook list
projects / thirdparty / kernel / linux.git / commitdiff
