[PATCH v4 20/34] lsm: cleanup the debug and console output in lsm_init.c
Paul Moore
paul at paul-moore.com
Thu Sep 18 15:54:23 UTC 2025
On Thu, Sep 18, 2025 at 11:51 AM Mimi Zohar <zohar at linux.ibm.com> wrote:
> On Tue, 2025-09-16 at 18:03 -0400, Paul Moore wrote:
> > Move away from an init specific init_debug() macro to a more general
> > lsm_pr()/lsm_pr_cont()/lsm_pr_dbg() set of macros that are available
> > both before and after init. In the process we do a number of minor
> > changes to improve the LSM initialization output and cleanup the code
> > somewhat.
> >
> > Reviewed-by: Casey Schaufler <casey at schaufler-ca.com>
> > Reviewed-by: John Johansen <john.johhansen at canonical.com>
> > Signed-off-by: Paul Moore <paul at paul-moore.com>
> > ---
> > security/lsm.h | 11 ++++
> > security/lsm_init.c | 123 +++++++++++++++++++-------------------------
> > security/security.c | 2 +
> > 3 files changed, 66 insertions(+), 70 deletions(-)
> >
> > diff --git a/security/lsm.h b/security/lsm.h
> > index dbe755c45e57..8dc267977ae0 100644
> > --- a/security/lsm.h
> > +++ b/security/lsm.h
> > @@ -6,9 +6,20 @@
> > #ifndef _LSM_H_
> > #define _LSM_H_
> >
> > +#include <linux/printk.h>
> > #include <linux/lsm_hooks.h>
> > #include <linux/lsm_count.h>
> >
> > +/* LSM debugging */
> > +extern bool lsm_debug;
> > +#define lsm_pr(...) pr_info(__VA_ARGS__)
> > +#define lsm_pr_cont(...) pr_cont(__VA_ARGS__)
> > +#define lsm_pr_dbg(...)
> >
> > \
> > + do { \
> > + if (lsm_debug) \
> > + pr_info(__VA_ARGS__); \
> > + } while (0)
>
> The existing pr_info and pr_cont themselves are #defines. Is there a reason for
> these new "#define"? If there is a valid reason for having these new defines,
> why aren't they simply prefixed with "lsm"?
With the creation of the lsm_pr_dbg() macro which gates the output on
the "lsm.debug" flag, I felt it was more consistent to name things
this way, even if lsm_pr() and lsm_pr_cont() are just effectively
renames of the existing pr_info() and pr_cont() symbols.
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list