[RFC PATCH 08/29] lsm: get rid of the lsm_names list and do some cleanup

Kees Cook kees at kernel.org
Fri Apr 11 02:15:31 UTC 2025


On Thu, Apr 10, 2025 at 06:47:12PM -0400, Paul Moore wrote:
> On Wed, Apr 9, 2025 at 7:13 PM Kees Cook <kees at kernel.org> wrote:
> > Better yet, do this whole thing in an initcall after LSMs are loaded, and
> > both can gain __ro_after_init...
> 
> I *really* disliked all the stuff we were having to do during boot,
> and all the redundant global state we were keeping around.  I'll go
> ahead and cache the lsm_read() result local to the function but that's
> probably all I'm going to accept at this point in time.

Oh, for sure. I love that all that can get thrown away. I mean literally
copy/paste what you have in lsm_read() and stick it immediately before
the "lsms are done loading" notifier. Then it only needs to be done
once, it's impossible to race, etc.

-- 
Kees Cook


