smack: move initcalls to the LSM framework (06643d55) · Commits · git / linux-net

security/smack/smack.h

+14 −0

Original line number	Diff line number	Diff line
		@@ -275,6 +275,20 @@ struct smk_audit_info {
		#endif
		};

		/*
		* Initialization
		*/
		#if defined(CONFIG_SECURITY_SMACK_NETFILTER)
		int smack_nf_ip_init(void);
		#else
		static inline int smack_nf_ip_init(void)
		{
		return 0;
		}
		#endif
		int init_smk_fs(void);
		int smack_initcall(void);

		/*
		* These functions are in smack_access.c
		*/

+9 −0

Original line number	Diff line number	Diff line
		@@ -5275,6 +5275,14 @@ static __init int smack_init(void)
		return 0;
		}

		int __init smack_initcall(void)
		{
		int rc_fs = init_smk_fs();
		int rc_nf = smack_nf_ip_init();

		return rc_fs ? rc_fs : rc_nf;
		}

		/*
		* Smack requires early initialization in order to label
		* all processes and objects when they are created.
		@@ -5284,4 +5292,5 @@ DEFINE_LSM(smack) = {
		.flags = LSM_FLAG_LEGACY_MAJOR \| LSM_FLAG_EXCLUSIVE,
		.blobs = &smack_blob_sizes,
		.init = smack_init,
		.initcall_device = smack_initcall,
		};

+1 −3

Original line number	Diff line number	Diff line
		@@ -68,7 +68,7 @@ static struct pernet_operations smack_net_ops = {
		.exit = smack_nf_unregister,
		};

		static int __init smack_nf_ip_init(void)
		int __init smack_nf_ip_init(void)
		{
		if (smack_enabled == 0)
		return 0;
		@@ -76,5 +76,3 @@ static int __init smack_nf_ip_init(void)
		printk(KERN_DEBUG "Smack: Registering netfilter hooks\n");
		return register_pernet_subsys(&smack_net_ops);
		}

		__initcall(smack_nf_ip_init);

+1 −3

Original line number	Diff line number	Diff line
		@@ -2978,7 +2978,7 @@ static struct vfsmount *smackfs_mount;
		* Returns true if we were not chosen on boot or if
		* we were chosen and filesystem registration succeeded.
		*/
		static int __init init_smk_fs(void)
		int __init init_smk_fs(void)
		{
		int err;
		int rc;
		@@ -3021,5 +3021,3 @@ static int __init init_smk_fs(void)

		return err;
		}

		__initcall(init_smk_fs);