diff options
| -rw-r--r-- | include/linux/security.h | 2 | ||||
| -rw-r--r-- | security/lsm.h | 5 | ||||
| -rw-r--r-- | security/lsm_init.c | 6 | ||||
| -rw-r--r-- | security/lsm_syscalls.c | 2 | ||||
| -rw-r--r-- | security/security.c | 3 |
5 files changed, 10 insertions, 8 deletions
diff --git a/include/linux/security.h b/include/linux/security.h index 92ac3f27b973..556890ea2e83 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -167,8 +167,6 @@ struct lsm_prop { }; extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1]; -extern u32 lsm_active_cnt; -extern const struct lsm_id *lsm_idlist[]; /* These functions are in security/commoncap.c */ extern int cap_capable(const struct cred *cred, struct user_namespace *ns, diff --git a/security/lsm.h b/security/lsm.h index 0e1731bad4a7..dbe755c45e57 100644 --- a/security/lsm.h +++ b/security/lsm.h @@ -7,6 +7,11 @@ #define _LSM_H_ #include <linux/lsm_hooks.h> +#include <linux/lsm_count.h> + +/* List of configured LSMs */ +extern unsigned int lsm_active_cnt; +extern const struct lsm_id *lsm_idlist[]; /* LSM blob configuration */ extern struct lsm_blob_sizes blob_sizes; diff --git a/security/lsm_init.c b/security/lsm_init.c index a0785ca081c7..d40f31e79bd5 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c @@ -217,12 +217,6 @@ static void __init initialize_lsm(struct lsm_info *lsm) } } -/* - * Current index to use while initializing the lsm id list. - */ -u32 lsm_active_cnt __ro_after_init; -const struct lsm_id *lsm_idlist[MAX_LSM_COUNT]; - /* Populate ordered LSMs list from comma-separated LSM name list. */ static void __init ordered_lsm_parse(const char *order, const char *origin) { diff --git a/security/lsm_syscalls.c b/security/lsm_syscalls.c index 8440948a690c..5648b1f0ce9c 100644 --- a/security/lsm_syscalls.c +++ b/security/lsm_syscalls.c @@ -17,6 +17,8 @@ #include <linux/lsm_hooks.h> #include <uapi/linux/lsm.h> +#include "lsm.h" + /** * lsm_name_to_attr - map an LSM attribute name to its ID * @name: name of the attribute diff --git a/security/security.c b/security/security.c index dc9734f0d45c..b4eec4f00730 100644 --- a/security/security.c +++ b/security/security.c @@ -73,6 +73,9 @@ const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX + 1] = { [LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality", }; +unsigned int lsm_active_cnt __ro_after_init; +const struct lsm_id *lsm_idlist[MAX_LSM_COUNT]; + struct lsm_blob_sizes blob_sizes; struct kmem_cache *lsm_file_cache; |