[PATCH v15 3/4] lsm: count the LSMs enabled at compile time
Paul Moore
paul at paul-moore.com
Tue Aug 20 04:39:09 UTC 2024
On Fri, Aug 16, 2024 at 11:43 AM KP Singh <kpsingh at kernel.org> wrote:
>
> These macros are a clever trick to determine a count of the number of
> LSMs that are enabled in the config to ascertain the maximum number of
> static calls that need to be configured per LSM hook.
>
> Without this one would need to generate static calls for the total
> number of LSMs in the kernel (even if they are not compiled) times the
> number of LSM hooks which ends up being quite wasteful.
>
> Suggested-by: Kui-Feng Lee <sinquersw at gmail.com>
> Suggested-by: Andrii Nakryiko <andrii at kernel.org>
> Acked-by: Song Liu <song at kernel.org>
> Acked-by: Andrii Nakryiko <andrii at kernel.org>
> Reviewed-by: Kees Cook <keescook at chromium.org>
> Reviewed-by: Casey Schaufler <casey at schaufler-ca.com>
> Signed-off-by: KP Singh <kpsingh at kernel.org>
> Reviewed-by: John Johansen <john.johansen at canonical.com>
> [PM: subj tweaks]
> Signed-off-by: Paul Moore <paul at paul-moore.com>
For future reference, it's fine to grab the commits that I previously
merged into the lsm/dev branch to use as a base, but you should
probably drop the merge edit notes (the stuff in the braces) when you
(re)post the patches.
> include/linux/args.h | 6 +-
> include/linux/lsm_count.h | 128 ++++++++++++++++++++++++++++++++++++++
> 2 files changed, 131 insertions(+), 3 deletions(-)
> create mode 100644 include/linux/lsm_count.h
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list