[PATCH v4 23/34] lsm: introduce an initcall mechanism into the LSM framework
Mimi Zohar
zohar at linux.ibm.com
Thu Sep 18 17:19:56 UTC 2025
On Tue, 2025-09-16 at 18:03 -0400, Paul Moore wrote:
> Currently the individual LSMs register their own initcalls, and while
> this should be harmless, it can be wasteful in the case where a LSM
> is disabled at boot as the initcall will still be executed. This
> patch introduces support for managing the initcalls in the LSM
> framework, and future patches will convert the existing LSMs over to
> this new mechanism.
>
> Only initcall types which are used by the current in-tree LSMs are
> supported, additional initcall types can easily be added in the future
> if needed.
>
> Reviewed-by: Kees Cook <kees at kernel.org>
> Reviewed-by: Casey Schaufler <casey at schaufler-ca.com>
> Reviewed-by: John Johansen <john.johhansen at canonical.com>
> Signed-off-by: Paul Moore <paul at paul-moore.com>
Reviewed-by: Mimi Zohar <zohar at linux.ibm.com>
More information about the Linux-security-module-archive
mailing list