Commit dfa024bc authored by Paul Moore's avatar Paul Moore
Browse files

lsm: add a LSM_STARTED_ALL notification event 



Add a new LSM notifier event, LSM_STARTED_ALL, which is fired once at
boot when all of the LSMs have been started.

Reviewed-by: default avatarKees Cook <kees@kernel.org>
Reviewed-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
Reviewed-by: default avatarJohn Johansen <john.johhansen@canonical.com>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent 4ab5efcc

include/linux/security.h

+1 −0
Original line number Diff line number Diff line
@@ -85,6 +85,7 @@ struct timezone; 


enum lsm_event {

	LSM_POLICY_CHANGE,

	LSM_STARTED_ALL,

};



struct dm_verity_digest {

security/lsm_init.c

+1 −0
Original line number Diff line number Diff line
@@ -556,6 +556,7 @@ static int __init security_initcall_late(void) 


	rc = lsm_initcall(late);

	lsm_pr_dbg("all enabled LSMs fully activated\n");

	call_blocking_lsm_notifier(LSM_STARTED_ALL, NULL);



	return rc;

}