tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

lsm: introduce looping macros for the initialization code

There are three common for loop patterns in the LSM initialization code
to loop through the ordered LSM list and the registered "early" LSMs.
This patch implements these loop patterns as macros to help simplify the
code and reduce the chance for errors.

Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johhansen@canonical.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

Paul Moore 37f788f6 e0257856

+27 -15
+27 -15
security/lsm_init.c
··· 32 32 pr_info(__VA_ARGS__); \ 33 33 } while (0) 34 34 35 + #define lsm_order_for_each(iter) \ 36 + for ((iter) = ordered_lsms; *(iter); (iter)++) 37 + #define lsm_for_each_raw(iter) \ 38 + for ((iter) = __start_lsm_info; \ 39 + (iter) < __end_lsm_info; (iter)++) 40 + #define lsm_early_for_each_raw(iter) \ 41 + for ((iter) = __start_early_lsm_info; \ 42 + (iter) < __end_early_lsm_info; (iter)++) 43 + 35 44 static int lsm_append(const char *new, char **result); 36 45 37 46 /* Save user chosen LSM */ ··· 105 96 { 106 97 struct lsm_info **check; 107 98 108 - for (check = ordered_lsms; *check; check++) 99 + lsm_order_for_each(check) { 109 100 if (*check == lsm) 110 101 return true; 102 + } 111 103 112 104 return false; 113 105 } ··· 219 209 char *sep, *name, *next; 220 210 221 211 /* LSM_ORDER_FIRST is always first. */ 222 - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { 212 + lsm_for_each_raw(lsm) { 223 213 if (lsm->order == LSM_ORDER_FIRST) 224 214 append_ordered_lsm(lsm, " first"); 225 215 } ··· 234 224 * if the selected one was separately disabled: disable 235 225 * all non-matching Legacy Major LSMs. 236 226 */ 237 - for (major = __start_lsm_info; major < __end_lsm_info; 238 - major++) { 227 + lsm_for_each_raw(major) { 239 228 if ((major->flags & LSM_FLAG_LEGACY_MAJOR) && 240 229 strcmp(major->name, chosen_major_lsm) != 0) { 241 230 set_enabled(major, false); ··· 250 241 while ((name = strsep(&next, ",")) != NULL) { 251 242 bool found = false; 252 243 253 - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { 244 + lsm_for_each_raw(lsm) { 254 245 if (strcmp(lsm->name, name) == 0) { 255 246 if (lsm->order == LSM_ORDER_MUTABLE) 256 247 append_ordered_lsm(lsm, origin); ··· 265 256 266 257 /* Process "security=", if given. */ 267 258 if (chosen_major_lsm) { 268 - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { 259 + lsm_for_each_raw(lsm) { 269 260 if (exists_ordered_lsm(lsm)) 270 261 continue; 271 262 if (strcmp(lsm->name, chosen_major_lsm) == 0) ··· 274 265 } 275 266 276 267 /* LSM_ORDER_LAST is always last. */ 277 - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { 268 + lsm_for_each_raw(lsm) { 278 269 if (lsm->order == LSM_ORDER_LAST) 279 270 append_ordered_lsm(lsm, " last"); 280 271 } 281 272 282 273 /* Disable all LSMs not in the ordered list. */ 283 - for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) { 274 + lsm_for_each_raw(lsm) { 284 275 if (exists_ordered_lsm(lsm)) 285 276 continue; 286 277 set_enabled(lsm, false); ··· 299 290 pr_info("initializing lsm="); 300 291 301 292 /* Report each enabled LSM name, comma separated. */ 302 - for (early = __start_early_lsm_info; 303 - early < __end_early_lsm_info; early++) 293 + lsm_early_for_each_raw(early) { 304 294 if (is_enabled(early)) 305 295 pr_cont("%s%s", first++ == 0 ? "" : ",", early->name); 306 - for (lsm = ordered_lsms; *lsm; lsm++) 296 + } 297 + lsm_order_for_each(lsm) { 307 298 if (is_enabled(*lsm)) 308 299 pr_cont("%s%s", first++ == 0 ? "" : ",", (*lsm)->name); 300 + } 309 301 310 302 pr_cont("\n"); 311 303 } ··· 353 343 } else 354 344 ordered_lsm_parse(builtin_lsm_order, "builtin"); 355 345 356 - for (lsm = ordered_lsms; *lsm; lsm++) 346 + lsm_order_for_each(lsm) { 357 347 lsm_prepare(*lsm); 348 + } 358 349 359 350 report_lsm_order(); 360 351 ··· 393 382 394 383 lsm_early_cred((struct cred *) current->cred); 395 384 lsm_early_task(current); 396 - for (lsm = ordered_lsms; *lsm; lsm++) 385 + lsm_order_for_each(lsm) { 397 386 initialize_lsm(*lsm); 387 + } 398 388 } 399 389 400 390 static bool match_last_lsm(const char *list, const char *lsm) ··· 497 485 { 498 486 struct lsm_info *lsm; 499 487 500 - for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) { 488 + lsm_early_for_each_raw(lsm) { 501 489 if (!lsm->enabled) 502 490 lsm->enabled = &lsm_enabled_true; 503 491 lsm_prepare(lsm); ··· 524 512 * Append the names of the early LSM modules now that kmalloc() is 525 513 * available 526 514 */ 527 - for (lsm = __start_early_lsm_info; lsm < __end_early_lsm_info; lsm++) { 515 + lsm_early_for_each_raw(lsm) { 528 516 init_debug(" early started: %s (%s)\n", lsm->name, 529 517 is_enabled(lsm) ? "enabled" : "disabled"); 530 518 if (lsm->enabled)