lsm: add a LSM_STARTED_ALL notification event

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Add a new LSM notifier event, LSM_STARTED_ALL, which is fired once at
boot when all of the LSMs have been started.

Reviewed-by: Kees Cook <kees@kernel.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johhansen@canonical.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

Paul Moore 5 months ago dfa024bc 4ab5efcc

2 changed files

expand all

include

linux

security.h

security

lsm_init.c

include/linux/security.h

··· 85 85 86 86 enum lsm_event { 87 87 LSM_POLICY_CHANGE, 88 + LSM_STARTED_ALL, 88 89 }; 89 90 90 91 struct dm_verity_digest {

security/lsm_init.c

··· 556 556 557 557 rc = lsm_initcall(late); 558 558 lsm_pr_dbg("all enabled LSMs fully activated\n"); 559 + call_blocking_lsm_notifier(LSM_STARTED_ALL, NULL); 559 560 560 561 return rc; 561 562 }