[PATCH bpf-next v5 2/7] security: Refactor declaration of LSM hooks
Andrii Nakryiko
andrii.nakryiko at gmail.com
Mon Mar 23 19:56:37 UTC 2020
On Mon, Mar 23, 2020 at 9:45 AM KP Singh <kpsingh at chromium.org> wrote:
>
> From: KP Singh <kpsingh at google.com>
>
> The information about the different types of LSM hooks is scattered
> in two locations i.e. union security_list_options and
> struct security_hook_heads. Rather than duplicating this information
> even further for BPF_PROG_TYPE_LSM, define all the hooks with the
> LSM_HOOK macro in lsm_hook_names.h which is then used to generate all
> the data structures required by the LSM framework.
>
> Signed-off-by: KP Singh <kpsingh at google.com>
> Reviewed-by: Brendan Jackman <jackmanb at google.com>
> Reviewed-by: Florent Revest <revest at google.com>
> ---
> include/linux/lsm_hook_names.h | 354 +++++++++++++++++++
> include/linux/lsm_hooks.h | 622 +--------------------------------
> 2 files changed, 360 insertions(+), 616 deletions(-)
> create mode 100644 include/linux/lsm_hook_names.h
>
> diff --git a/include/linux/lsm_hook_names.h b/include/linux/lsm_hook_names.h
> new file mode 100644
> index 000000000000..412e4ca24c9b
> --- /dev/null
> +++ b/include/linux/lsm_hook_names.h
It's not really just hook names, it's full hook definitions, no? So
lsm_hook_defs.h seems a bit more appropriate. Just for consideration,
not that I care that strongly :)
[...]
More information about the Linux-security-module-archive
mailing list