[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 3/5] Allow runtime registration of LSM modules.



Allow TOMOYO (and other future LSM modules) to register after init process
starts.

Signed-off-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
---
 include/linux/security.h |    2 +-
 security/capability.c    |    2 +-
 security/security.c      |    5 +++--
 3 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/include/linux/security.h b/include/linux/security.h
index 14e394d..5d2435d 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1659,7 +1659,7 @@ struct security_operations {
 extern int security_init(void);
 extern int security_module_enable(struct security_operations *ops);
 extern int register_security(struct security_operations *ops);
-extern void __init security_fixup_ops(struct security_operations *ops);
+extern void security_fixup_ops(struct security_operations *ops);
 
 
 /* Security operations */
diff --git a/security/capability.c b/security/capability.c
index 61095df..28799f2 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -875,7 +875,7 @@ static void cap_audit_rule_free(void *lsmrule)
 			}						\
 	} while (0)
 
-void __init security_fixup_ops(struct security_operations *ops)
+void security_fixup_ops(struct security_operations *ops)
 {
 	set_to_cap_if_null(ops, ptrace_access_check);
 	set_to_cap_if_null(ops, ptrace_traceme);
diff --git a/security/security.c b/security/security.c
index d23b435..9bcf949 100644
--- a/security/security.c
+++ b/security/security.c
@@ -37,7 +37,7 @@ static struct security_operations default_security_ops = {
 	.name	= "default",
 };
 
-static inline int __init verify(struct security_operations *ops)
+static inline int verify(struct security_operations *ops)
 {
 	/* verify the security_operations structure exists */
 	if (!ops)
@@ -116,7 +116,7 @@ int __init security_module_enable(struct security_operations *ops)
  * If there is already a security module registered with the kernel,
  * an error will be returned.  Otherwise %0 is returned on success.
  */
-int __init register_security(struct security_operations *ops)
+int register_security(struct security_operations *ops)
 {
 	if (verify(ops)) {
 		printk(KERN_DEBUG "%s could not verify "
@@ -131,6 +131,7 @@ int __init register_security(struct security_operations *ops)
 
 	return 0;
 }
+EXPORT_SYMBOL_GPL(register_security);
 
 /* Security operations */
 
-- 
1.7.1
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Fedora Maintainers]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]

Powered by Linux