lsm: replace the name field with a pointer to the lsm_id struct

Reduce the duplication between the lsm_id struct and the DEFINE_LSM() definition by linking the lsm_id struct directly into the individual LSM's DEFINE_LSM() instance. Linking the lsm_id into the LSM definition also allows us to simplify the security_add_hooks() function by removing the code which populates the lsm_idlist[] array and moving it into the normal LSM startup code where the LSM list is parsed and the individual LSMs are enabled, making for a cleaner implementation with less overhead at boot. Reviewed-by: Kees Cook <kees@kernel.org> Reviewed-by: John Johansen <john.johansen@canonical.com> Reviewed-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Paul Moore <paul@paul-moore.com> 2025-02-12 14:45:06 -0500
committer: Paul Moore <paul@paul-moore.com> 2025-10-22 19:24:18 -0400
commit: 9f9dc69e06ecbc61e7a50b823b82a78daf130dc0 (patch)
tree: ad4279cddfd5f5b196c63340b0c6e0d0f1fb849e /security/commoncap.c
parent: faabedcd6e88ca1f65ef45d711d2e0c7288fd551 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/security/commoncap.c b/security/commoncap.c
index 6bd4adeb4795..b50479bd0286 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -1505,7 +1505,7 @@ static int __init capability_init(void)
 }
 
 DEFINE_LSM(capability) = {
-	.name = "capability",
+	.id = &capability_lsmid,
 	.order = LSM_ORDER_FIRST,
 	.init = capability_init,
 };
author	Paul Moore <paul@paul-moore.com>	2025-02-12 14:45:06 -0500
committer	Paul Moore <paul@paul-moore.com>	2025-10-22 19:24:18 -0400
commit	9f9dc69e06ecbc61e7a50b823b82a78daf130dc0 (patch)
tree	ad4279cddfd5f5b196c63340b0c6e0d0f1fb849e /security/commoncap.c
parent	faabedcd6e88ca1f65ef45d711d2e0c7288fd551 (diff)