diff options
author | Kees Cook <keescook@chromium.org> | 2018-10-09 14:42:57 -0700 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2019-01-08 13:18:42 -0800 |
commit | a8027fb0d188599ccdb2096f49f708bae04d86c4 (patch) | |
tree | fdef774e00b724d4ecf2eb0b997dc2ce773c8663 /include/linux/lsm_hooks.h | |
parent | 79f7865d844c7703e3dc0e2f5b9ed2f3a4f412e5 (diff) |
LSM: Tie enabling logic to presence in ordered list
Until now, any LSM without an enable storage variable was considered
enabled. This inverts the logic and sets defaults to true only if the
LSM gets added to the ordered initialization list. (And an exception
continues for the major LSMs until they are integrated into the ordered
initialization in a later patch.)
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'include/linux/lsm_hooks.h')
-rw-r--r-- | include/linux/lsm_hooks.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index be1581d18e3e..e28a3aa639e8 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -2047,7 +2047,7 @@ extern void security_add_hooks(struct security_hook_list *hooks, int count, struct lsm_info { const char *name; /* Required. */ unsigned long flags; /* Optional: flags describing LSM */ - int *enabled; /* Optional: NULL means enabled. */ + int *enabled; /* Optional: controlled by CONFIG_LSM */ int (*init)(void); /* Required. */ }; |