[PATCH v5 2/5] security: Count the LSMs enabled at compile time

Kees Cook keescook at chromium.org
Fri Sep 29 00:37:02 UTC 2023


On Thu, Sep 28, 2023 at 10:24:07PM +0200, KP Singh wrote:
> These macros are a clever trick to determine a count of the number of
> LSMs that are enabled in the config to ascertain the maximum number of
> static calls that need to be configured per LSM hook.
> 
> Without this one would need to generate static calls for the total
> number of LSMs in the kernel (even if they are not compiled) times the
> number of LSM hooks which ends up being quite wasteful.
> 
> Suggested-by: Kui-Feng Lee <sinquersw at gmail.com>
> Suggested-by: Andrii Nakryiko <andrii at kernel.org>
> Acked-by: Song Liu <song at kernel.org>
> Signed-off-by: KP Singh <kpsingh at kernel.org>

Thanks for doing the refactor with the existing macro!

Reviewed-by: Kees Cook <keescook at chromium.org>

-- 
Kees Cook



More information about the Linux-security-module-archive mailing list