lsm: rework lsm_active_cnt and lsm_idlist[]

Move the LSM active count and lsm_id list declarations out of a header that is visible across the kernel and into a header that is limited to the LSM framework. This not only helps keep the include/linux headers smaller and cleaner, it helps prevent misuse of these variables. Reviewed-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: John Johansen <john.johhansen@canonical.com> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Paul Moore <paul@paul-moore.com> 2025-02-12 15:36:51 -0500
committer: Paul Moore <paul@paul-moore.com> 2025-10-22 19:24:19 -0400
commit: 250898ca335f337bc032a9693dc0a30a1cb85825 (patch)
tree: 2647692b2aaea4b1748f2d68de95c87cbad29224 /security/security.c
parent: 592b104f9b516b2c22cb23a2f4c34486fdb21bae (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/security/security.c b/security/security.c
index dc9734f0d45c..b4eec4f00730 100644
--- a/security/security.c
+++ b/security/security.c
@@ -73,6 +73,9 @@ const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX + 1] = {
 	[LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality",
 };
 
+unsigned int lsm_active_cnt __ro_after_init;
+const struct lsm_id *lsm_idlist[MAX_LSM_COUNT];
+
 struct lsm_blob_sizes blob_sizes;
 
 struct kmem_cache *lsm_file_cache;
author	Paul Moore <paul@paul-moore.com>	2025-02-12 15:36:51 -0500
committer	Paul Moore <paul@paul-moore.com>	2025-10-22 19:24:19 -0400
commit	250898ca335f337bc032a9693dc0a30a1cb85825 (patch)
tree	2647692b2aaea4b1748f2d68de95c87cbad29224 /security/security.c
parent	592b104f9b516b2c22cb23a2f4c34486fdb21bae (diff)