[PATCH v3 2/5] security: Count the LSMs enabled at compile time
Song Liu
song at kernel.org
Thu Sep 21 20:59:44 UTC 2023
On Thu, Sep 21, 2023 at 1:41 AM KP Singh <kpsingh at kernel.org> wrote:
>
> On Wed, Sep 20, 2023 at 9:24 PM Kees Cook <keescook at chromium.org> wrote:
> >
> > On 9/18/2023 2:24 PM, KP Singh wrote:
> > > [...]
> > > +#define __COUNT_COMMAS(_0, _1, _2, _3, _4, _5, _6, _7, _8, _9, _10, _11, _12, _n, X...) _n
> > > +#define COUNT_COMMAS(a, X...) __COUNT_COMMAS(, ##X, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0)
> > > +#define ___COUNT_COMMAS(args...) COUNT_COMMAS(args)
> >
> > Oh! Oops, I missed that this _DOES_ already exist in Linux:
> >
> > cf14f27f82af ("macro: introduce COUNT_ARGS() macro")
> >
> > now in include/linux/args.h as COUNT_ARGS():
> >
> > #define __COUNT_ARGS(_0, _1, _2, _3, _4, _5, _6, _7, _8, _9, _10, _11, _12, _n, X...) _n
> > #define COUNT_ARGS(X...) __COUNT_ARGS(, ##X, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0)
> >
> > I think this can be refactored to use that?
Aha, I noticed the same thing when backporting the set to 6.4 for testing. (Some
dependency of this set uses args.h).
>
> Thanks, yeah I was able to do this with:
With this fixed:
Acked-by: Song Liu <song at kernel.org>
>
> diff --git a/include/linux/lsm_count.h b/include/linux/lsm_count.h
> index 0c0ff3c7dddc..969b6bf60718 100644
> --- a/include/linux/lsm_count.h
> +++ b/include/linux/lsm_count.h
> @@ -7,7 +7,7 @@
> #ifndef __LINUX_LSM_COUNT_H
> #define __LINUX_LSM_COUNT_H
>
> -#include <linux/kconfig.h>
> +#include <linux/args.h>
>
> #ifdef CONFIG_SECURITY
>
> @@ -79,13 +79,15 @@
> #endif
>
>
> -#define __COUNT_COMMAS(_0, _1, _2, _3, _4, _5, _6, _7, _8, _9, _10,
> _11, _12, _n, X...) >
> -#define COUNT_COMMAS(a, X...) __COUNT_COMMAS(, ##X, 12, 11, 10, 9, 8,
> 7, 6, 5, 4, 3, 2, >
> -#define ___COUNT_COMMAS(args...) COUNT_COMMAS(args)
> -
> +/*
> + * There is a trailing comma that we need to be accounted for. This is done by
> + * using a skipped argument in __COUNT_LSMS
> + */
> +#define __COUNT_LSMS(skipped_arg, args...) COUNT_ARGS(args)
> +#define COUNT_LSMS(args...) __COUNT_LSMS(args)
>
> #define MAX_LSM_COUNT \
> - ___COUNT_COMMAS( \
> + COUNT_LSMS( \
> CAPABILITIES_ENABLED \
> SELINUX_ENABLED \
> SMACK_ENABLED \
>
>
>
> >
> > -Kees
> >
> > --
> > Kees Cook
> >
More information about the Linux-security-module-archive
mailing list