[RFC PATCH 18/29] loadpin: move initcalls to the LSM framework
Paul Moore
paul at paul-moore.com
Wed Apr 9 18:50:03 UTC 2025
Signed-off-by: Paul Moore <paul at paul-moore.com>
---
security/loadpin/loadpin.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c
index b9ddf05c5c16..273ffbd6defe 100644
--- a/security/loadpin/loadpin.c
+++ b/security/loadpin/loadpin.c
@@ -270,11 +270,6 @@ static int __init loadpin_init(void)
return 0;
}
-DEFINE_LSM(loadpin) = {
- .id = &loadpin_lsmid,
- .init = loadpin_init,
-};
-
#ifdef CONFIG_SECURITY_LOADPIN_VERITY
enum loadpin_securityfs_interface_index {
@@ -434,10 +429,16 @@ static int __init init_loadpin_securityfs(void)
return 0;
}
-fs_initcall(init_loadpin_securityfs);
-
#endif /* CONFIG_SECURITY_LOADPIN_VERITY */
+DEFINE_LSM(loadpin) = {
+ .id = &loadpin_lsmid,
+ .init = loadpin_init,
+#ifdef CONFIG_SECURITY_LOADPIN_VERITY
+ .initcall_fs = init_loadpin_securityfs,
+#endif /* CONFIG_SECURITY_LOADPIN_VERITY */
+};
+
/* Should not be mutable after boot, so not listed in sysfs (perm == 0). */
module_param(enforce, int, 0);
MODULE_PARM_DESC(enforce, "Enforce module/firmware pinning");
--
2.49.0
More information about the Linux-security-module-archive
mailing list