summaryrefslogtreecommitdiff
path: root/include/linux/lsm_hooks.h
diff options
context:
space:
mode:
authorKees Cook <keescook@chromium.org>2018-10-09 14:42:57 -0700
committerKees Cook <keescook@chromium.org>2019-01-08 13:18:42 -0800
commita8027fb0d188599ccdb2096f49f708bae04d86c4 (patch)
treefdef774e00b724d4ecf2eb0b997dc2ce773c8663 /include/linux/lsm_hooks.h
parent79f7865d844c7703e3dc0e2f5b9ed2f3a4f412e5 (diff)
LSM: Tie enabling logic to presence in ordered list
Until now, any LSM without an enable storage variable was considered enabled. This inverts the logic and sets defaults to true only if the LSM gets added to the ordered initialization list. (And an exception continues for the major LSMs until they are integrated into the ordered initialization in a later patch.) Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'include/linux/lsm_hooks.h')
-rw-r--r--include/linux/lsm_hooks.h2
1 files changed, 1 insertions, 1 deletions
diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h
index be1581d18e3e..e28a3aa639e8 100644
--- a/include/linux/lsm_hooks.h
+++ b/include/linux/lsm_hooks.h
@@ -2047,7 +2047,7 @@ extern void security_add_hooks(struct security_hook_list *hooks, int count,
struct lsm_info {
const char *name; /* Required. */
unsigned long flags; /* Optional: flags describing LSM */
- int *enabled; /* Optional: NULL means enabled. */
+ int *enabled; /* Optional: controlled by CONFIG_LSM */
int (*init)(void); /* Required. */
};