[PATCH v3 25/34] ipe: move initcalls to the LSM framework
John Johansen
john.johansen at canonical.com
Tue Sep 2 17:52:54 UTC 2025
On 8/14/25 15:50, Paul Moore wrote:
> Reviewed-by: Kees Cook <kees at kernel.org>
> Tested-by: Fan Wu <wufan at kernel.org>
> Acked-by: Fan Wu <wufan at kernel.org>
> Signed-off-by: Paul Moore <paul at paul-moore.com>
Reviewed-by: John Johansen <john.johansen at canonical.com>
> ---
> security/ipe/fs.c | 4 +---
> security/ipe/ipe.c | 1 +
> security/ipe/ipe.h | 2 ++
> 3 files changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/security/ipe/fs.c b/security/ipe/fs.c
> index 0bb9468b8026..076c111c85c8 100644
> --- a/security/ipe/fs.c
> +++ b/security/ipe/fs.c
> @@ -193,7 +193,7 @@ static const struct file_operations enforce_fops = {
> * Return: %0 on success. If an error occurs, the function will return
> * the -errno.
> */
> -static int __init ipe_init_securityfs(void)
> +int __init ipe_init_securityfs(void)
> {
> int rc = 0;
> struct ipe_policy *ap;
> @@ -244,5 +244,3 @@ static int __init ipe_init_securityfs(void)
> securityfs_remove(root);
> return rc;
> }
> -
> -fs_initcall(ipe_init_securityfs);
> diff --git a/security/ipe/ipe.c b/security/ipe/ipe.c
> index 2426441181dc..71644748ed56 100644
> --- a/security/ipe/ipe.c
> +++ b/security/ipe/ipe.c
> @@ -95,4 +95,5 @@ DEFINE_LSM(ipe) = {
> .id = &ipe_lsmid,
> .init = ipe_init,
> .blobs = &ipe_blobs,
> + .initcall_fs = ipe_init_securityfs,
> };
> diff --git a/security/ipe/ipe.h b/security/ipe/ipe.h
> index fb37513812dd..25cfdb8f0c20 100644
> --- a/security/ipe/ipe.h
> +++ b/security/ipe/ipe.h
> @@ -23,4 +23,6 @@ struct ipe_bdev *ipe_bdev(struct block_device *b);
> struct ipe_inode *ipe_inode(const struct inode *inode);
> #endif /* CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG */
>
> +int ipe_init_securityfs(void);
> +
> #endif /* _IPE_H */
More information about the Linux-security-module-archive
mailing list