[RFC PATCH 07/29] lsm: rework lsm_active_cnt and lsm_idlist[]

Kees Cook kees at kernel.org
Wed Apr 9 23:06:04 UTC 2025


On Wed, Apr 09, 2025 at 02:49:52PM -0400, Paul Moore wrote:
> Move the LSM count and lsm_id list declarations out of a header that is
> visible across the kernel and into a header that is limited to the LSM
> framework.  This not only helps keep the include/linux headers smaller
> and cleaner, it helps prevent misuse of these variables.

Yay for private headers!

> During the move, lsm_active_cnt was renamed to lsm_count for the sake
> of brevity.

I would echo Casey's comment. Other places deal with a count based on
the compile-in count of "all" LSMs. This one is for the active list.
If you really want two words, perhaps "lsms_active"?


> 
> Signed-off-by: Paul Moore <paul at paul-moore.com>
> ---
>  include/linux/security.h | 2 --
>  security/lsm.h           | 5 +++++
>  security/lsm_init.c      | 8 +-------
>  security/lsm_syscalls.c  | 8 +++++---
>  security/security.c      | 3 +++
>  5 files changed, 14 insertions(+), 12 deletions(-)
> 
> diff --git a/include/linux/security.h b/include/linux/security.h
> index cc9b54d95d22..8aac21787a9f 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -167,8 +167,6 @@ struct lsm_prop {
>  };
>  
>  extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1];
> -extern u32 lsm_active_cnt;
> -extern const struct lsm_id *lsm_idlist[];
>  
>  /* These functions are in security/commoncap.c */
>  extern int cap_capable(const struct cred *cred, struct user_namespace *ns,
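Review bot: dropping `extern u32 lsm_active_cnt;` and `extern const struct lsm_id *lsm_idlist[];` from the kernel-wide header means any user outside security/ now fails to build, and the diffstat above only touches files under security/ (lsm_syscalls.c and security.c) as consumers. The commit message should state that a tree-wide search found no other users, or the patch description should name the ones that were already converted, so the removal can be verified rather than assumed.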
> diff --git a/security/lsm.h b/security/lsm.h
> index 0e1731bad4a7..af343072199d 100644
> --- a/security/lsm.h
> +++ b/security/lsm.h
> @@ -7,6 +7,11 @@
>  #define _LSM_H_
>  
>  #include <linux/lsm_hooks.h>
> +#include <linux/lsm_count.h>
> +
> +/* List of configured LSMs */
> +extern unsigned int lsm_count;
> +extern const struct lsm_id *lsm_idlist[];
>  
>  /* LSM blob configuration */
>  extern struct lsm_blob_sizes blob_sizes;
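Review bot: the type changes silently in this hunk: the removed declaration was `extern u32 lsm_active_cnt;` but the replacement is `extern unsigned int lsm_count;`, and the commit message only describes the rename for brevity. Either keep `u32` or call the type change out and make sure the definition added to security/security.c and the uses in security/lsm_syscalls.c agree with it. The comment `/* List of configured LSMs */` also sits above a count of the active LSMs, not a list of configured ones; something like `/* Count and ids of the active LSMs */` would describe both variables. Finally, the new `#include <linux/lsm_count.h>` is not used by anything visible in this hunk; if it is there to give lsm_init.c `MAX_LSM_COUNT` through lsm.h, a short note in the commit message would help.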
> diff --git a/security/lsm_init.c b/security/lsm_init.c
> index edf2f4140eaa..981ddb20f48e 100644
> --- a/security/lsm_init.c
> +++ b/security/lsm_init.c
> @@ -22,8 +22,8 @@ static __initdata const char *lsm_order_cmdline;
>  static __initdata const char *lsm_order_legacy;
>  
>  /* Ordered list of LSMs to initialize. */
> -static __initdata struct lsm_info *lsm_order[MAX_LSM_COUNT + 1];
>  static __initdata struct lsm_info *lsm_exclusive;
> +static __initdata struct lsm_info *lsm_order[MAX_LSM_COUNT + 1];
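Review bot: swapping the `lsm_order` and `lsm_exclusive` declarations is a pure reorder of two __initdata variables with no functional effect, and it is not mentioned in the commit message, whose stated purpose is moving declarations into a private header; either drop it or note it as a cosmetic cleanup. The hunk is also truncated in the quote: the diffstat reports `security/lsm_init.c | 8 +-------`, yet only the reorder survives here, so the seven deletions (presumably the old definitions being moved) cannot be reviewed from this reply.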

I don't care either way, but why re-order these? Just local reverse
xmas-tree?

-- 
Kees Cook
