diff options
author | Chris Wright <chris@wirex.com> | 2003-06-13 04:27:01 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@home.transmeta.com> | 2003-06-13 04:27:01 -0700 |
commit | 553bd5a2715ae7a5c858fde11873d0640065c29e (patch) | |
tree | 38d5869e4245d322f102cbc32a18bb9ade55871a /security | |
parent | 47382294ae9ecca706f7386a0a890abcbf6bdf4b (diff) | |
download | history-553bd5a2715ae7a5c858fde11873d0640065c29e.tar.gz |
[PATCH] lsm: Early init for security modules (1/4)
As discussed before, this allows for early initialization of security
modules when compiled statically into the kernel. The standard
do_initcalls is too late for complete coverage of all filesystems and
threads, for example.
Diffstat (limited to 'security')
-rw-r--r-- | security/capability.c | 2 | ||||
-rw-r--r-- | security/root_plug.c | 2 | ||||
-rw-r--r-- | security/security.c | 13 |
3 files changed, 14 insertions, 3 deletions
diff --git a/security/capability.c b/security/capability.c index 02cb4112fce019..9b2b9862d03564 100644 --- a/security/capability.c +++ b/security/capability.c @@ -348,7 +348,7 @@ static void __exit capability_exit (void) } } -module_init (capability_init); +security_initcall (capability_init); module_exit (capability_exit); MODULE_DESCRIPTION("Standard Linux Capabilities Security Module"); diff --git a/security/root_plug.c b/security/root_plug.c index d705d43305c981..73ee98192b3aba 100644 --- a/security/root_plug.c +++ b/security/root_plug.c @@ -135,7 +135,7 @@ static void __exit rootplug_exit (void) printk (KERN_INFO "Root Plug module removed\n"); } -module_init (rootplug_init); +security_initcall (rootplug_init); module_exit (rootplug_exit); MODULE_DESCRIPTION("Root Plug sample LSM module, written for Linux Journal article"); diff --git a/security/security.c b/security/security.c index 4ea82dbc60b4ec..0fb1ad99cd3cd7 100644 --- a/security/security.c +++ b/security/security.c @@ -38,12 +38,22 @@ static inline int verify (struct security_operations *ops) return 0; } +static void __init do_security_initcalls(void) +{ + initcall_t *call; + call = &__security_initcall_start; + while (call < &__security_initcall_end) { + (*call)(); + call++; + } +} + /** * security_scaffolding_startup - initialzes the security scaffolding framework * * This should be called early in the kernel initialization sequence. */ -int security_scaffolding_startup (void) +int __init security_scaffolding_startup (void) { printk (KERN_INFO "Security Scaffold v" SECURITY_SCAFFOLD_VERSION " initialized\n"); @@ -55,6 +65,7 @@ int security_scaffolding_startup (void) } security_ops = &dummy_security_ops; + do_security_initcalls(); return 0; } |