[PATCH v3 2/5] security: Count the LSMs enabled at compile time
Kees Cook
keescook at chromium.org
Wed Sep 20 15:48:11 UTC 2023
On Mon, Sep 18, 2023 at 11:24:56PM +0200, KP Singh wrote:
> These macros are a clever trick to determine a count of the number of
> LSMs that are enabled in the config to ascertain the maximum number of
> static calls that need to be configured per LSM hook.
>
> Without this one would need to generate static calls for (number of
> possible LSMs * number of LSM hooks) which ends up being quite wasteful
> especially when some LSMs are not compiled into the kernel.
>
> Suggested-by: Kui-Feng Lee <sinquersw at gmail.com>
> Suggested-by: Andrii Nakryiko <andrii at kernel.org
> Signed-off-by: KP Singh <kpsingh at kernel.org>
I may extract this into a separate header in the future -- I have plans
to make strscpy() take a variable number of arguments. ;) Regardless,
for the LSM usage:
Reviewed-by: Kees Cook <keescook at chromium.org>
--
Kees Cook
More information about the Linux-security-module-archive
mailing list