[PATCH] init/main.c: Do jump_label_init before early_security_init
KP Singh
kpsingh at kernel.org
Thu Aug 1 11:26:25 UTC 2024
On Thu, Aug 1, 2024 at 10:34 AM Peter Zijlstra <peterz at infradead.org> wrote:
>
> On Wed, Jul 31, 2024 at 09:15:04PM -0400, Paul Moore wrote:
> > On Wed, Jul 31, 2024 at 5:34 PM KP Singh <kpsingh at kernel.org> wrote:
> > >
> > > LSM indirect calls being are now replaced by static calls, this requires
> > > a jumpt_table_init before early_security_init where LSM hooks and their
> > > static calls and keys are initialized.
> > >
> > > Fixes: 2732ad5ecd5b ("lsm: replace indirect LSM hook calls with static calls")
> > > Signed-off-by: KP Singh <kpsingh at kernel.org>
> > > ---
> > > init/main.c | 4 ++--
> > > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > Does this look okay, static call folks?
>
> Are we confused between jump_label/static_branch and static_call ?
Not confused, just rushed, from my side, we need both static_call_init
and jump_label_init() before early_security_init(). It fixes the error
for me but as you folks mentioned, we need to check with the arch
folks if this okay.
>
> > > diff --git a/init/main.c b/init/main.c
> > > index 206acdde51f5..5bd45af7a49e 100644
> > > --- a/init/main.c
> > > +++ b/init/main.c
> > > @@ -922,6 +922,8 @@ void start_kernel(void)
> > > boot_cpu_init();
> > > page_address_init();
> > > pr_notice("%s", linux_banner);
> > > + /* LSM and command line parameters use static keys */
> > > + jump_label_init();
> > > early_security_init();
> > > setup_arch(&command_line);
> > > setup_boot_config();
> > > @@ -933,8 +935,6 @@ void start_kernel(void)
> > > boot_cpu_hotplug_init();
> > >
> > > pr_notice("Kernel command line: %s\n", saved_command_line);
> > > - /* parameters may set static keys */
> > > - jump_label_init();
> > > parse_early_param();
> > > after_dashes = parse_args("Booting kernel",
> > > static_command_line, __start___param,
> > > --
> > > 2.46.0.rc2.264.g509ed76dc8-goog
> >
> > --
> > paul-moore.com
More information about the Linux-security-module-archive
mailing list