[PATCH v1] LSM: Enable multiple calls to security_add_hooks() for the same LSM
Tetsuo Handa
penguin-kernel at I-love.SAKURA.ne.jp
Sun Apr 30 02:11:41 UTC 2017
Casey Schaufler wrote:
> On 4/29/2017 12:02 PM, Mickael Salaun wrote:
> > Check if the registering LSM already registered hooks just before. This
> > enable to split hook declarations into multiple files without
> > registering multiple time the same LSM name, starting from commit
> > d69dece5f5b6 ("LSM: Add /sys/kernel/security/lsm").
>
> What's special about the previous registration? Keep it
> simple and check it the name is already anywhere on the
> list and only add it if it's not already there. I don't
> see advantage to:
>
> % cat /sys/kernel/security/lsm
> capability,yama,spiffy,selinux,spiffy
>
> over
> % cat /sys/kernel/security/lsm
> capability,yama,spiffy,selinux
>
- if (lsm_append(lsm, &lsm_names) < 0)
+ if (lsm && lsm_append(lsm, &lsm_names) < 0)
in security_add_hooks()?
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list