[PATCH v3 2/5] security: Count the LSMs enabled at compile time
KP Singh
kpsingh at kernel.org
Thu Sep 21 08:41:00 UTC 2023
On Wed, Sep 20, 2023 at 9:24 PM Kees Cook <keescook at chromium.org> wrote:
>
> On 9/18/2023 2:24 PM, KP Singh wrote:
> > [...]
> > +#define __COUNT_COMMAS(_0, _1, _2, _3, _4, _5, _6, _7, _8, _9, _10, _11, _12, _n, X...) _n
> > +#define COUNT_COMMAS(a, X...) __COUNT_COMMAS(, ##X, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0)
> > +#define ___COUNT_COMMAS(args...) COUNT_COMMAS(args)
>
> Oh! Oops, I missed that this _DOES_ already exist in Linux:
>
> cf14f27f82af ("macro: introduce COUNT_ARGS() macro")
>
> now in include/linux/args.h as COUNT_ARGS():
>
> #define __COUNT_ARGS(_0, _1, _2, _3, _4, _5, _6, _7, _8, _9, _10, _11, _12, _n, X...) _n
> #define COUNT_ARGS(X...) __COUNT_ARGS(, ##X, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0)
>
> I think this can be refactored to use that?
Thanks, yeah I was able to do this with:
diff --git a/include/linux/lsm_count.h b/include/linux/lsm_count.h
index 0c0ff3c7dddc..969b6bf60718 100644
--- a/include/linux/lsm_count.h
+++ b/include/linux/lsm_count.h
@@ -7,7 +7,7 @@
#ifndef __LINUX_LSM_COUNT_H
#define __LINUX_LSM_COUNT_H
-#include <linux/kconfig.h>
+#include <linux/args.h>
#ifdef CONFIG_SECURITY
@@ -79,13 +79,15 @@
#endif
-#define __COUNT_COMMAS(_0, _1, _2, _3, _4, _5, _6, _7, _8, _9, _10,
_11, _12, _n, X...) >
-#define COUNT_COMMAS(a, X...) __COUNT_COMMAS(, ##X, 12, 11, 10, 9, 8,
7, 6, 5, 4, 3, 2, >
-#define ___COUNT_COMMAS(args...) COUNT_COMMAS(args)
-
+/*
+ * There is a trailing comma that we need to be accounted for. This is done by
+ * using a skipped argument in __COUNT_LSMS
+ */
+#define __COUNT_LSMS(skipped_arg, args...) COUNT_ARGS(args)
+#define COUNT_LSMS(args...) __COUNT_LSMS(args)
#define MAX_LSM_COUNT \
- ___COUNT_COMMAS( \
+ COUNT_LSMS( \
CAPABILITIES_ENABLED \
SELINUX_ENABLED \
SMACK_ENABLED \
>
> -Kees
>
> --
> Kees Cook
>
More information about the Linux-security-module-archive
mailing list