diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/security.c | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/security/security.c b/security/security.c index b6d3456978a4..1e1f34285e96 100644 --- a/security/security.c +++ b/security/security.c | |||
| @@ -34,9 +34,6 @@ | |||
| 34 | 34 | ||
| 35 | #define MAX_LSM_EVM_XATTR 2 | 35 | #define MAX_LSM_EVM_XATTR 2 |
| 36 | 36 | ||
| 37 | /* Maximum number of letters for an LSM name string */ | ||
| 38 | #define SECURITY_NAME_MAX 10 | ||
| 39 | |||
| 40 | /* How many LSMs were built into the kernel? */ | 37 | /* How many LSMs were built into the kernel? */ |
| 41 | #define LSM_COUNT (__end_lsm_info - __start_lsm_info) | 38 | #define LSM_COUNT (__end_lsm_info - __start_lsm_info) |
| 42 | 39 | ||
| @@ -45,9 +42,8 @@ static ATOMIC_NOTIFIER_HEAD(lsm_notifier_chain); | |||
| 45 | 42 | ||
| 46 | char *lsm_names; | 43 | char *lsm_names; |
| 47 | /* Boot-time LSM user choice */ | 44 | /* Boot-time LSM user choice */ |
| 48 | static __initdata char chosen_lsm[SECURITY_NAME_MAX + 1] = | ||
| 49 | CONFIG_DEFAULT_SECURITY; | ||
| 50 | static __initdata const char *chosen_lsm_order; | 45 | static __initdata const char *chosen_lsm_order; |
| 46 | static __initdata const char *chosen_major_lsm; | ||
| 51 | 47 | ||
| 52 | static __initconst const char * const builtin_lsm_order = CONFIG_LSM; | 48 | static __initconst const char * const builtin_lsm_order = CONFIG_LSM; |
| 53 | 49 | ||
| @@ -138,7 +134,7 @@ static bool __init lsm_allowed(struct lsm_info *lsm) | |||
| 138 | return true; | 134 | return true; |
| 139 | 135 | ||
| 140 | /* Disabled if this LSM isn't the chosen one. */ | 136 | /* Disabled if this LSM isn't the chosen one. */ |
| 141 | if (strcmp(lsm->name, chosen_lsm) != 0) | 137 | if (strcmp(lsm->name, chosen_major_lsm) != 0) |
| 142 | return false; | 138 | return false; |
| 143 | 139 | ||
| 144 | return true; | 140 | return true; |
| @@ -168,6 +164,9 @@ static void __init ordered_lsm_parse(const char *order, const char *origin) | |||
| 168 | struct lsm_info *lsm; | 164 | struct lsm_info *lsm; |
| 169 | char *sep, *name, *next; | 165 | char *sep, *name, *next; |
| 170 | 166 | ||
| 167 | if (!chosen_major_lsm) | ||
| 168 | chosen_major_lsm = CONFIG_DEFAULT_SECURITY; | ||
| 169 | |||
| 171 | sep = kstrdup(order, GFP_KERNEL); | 170 | sep = kstrdup(order, GFP_KERNEL); |
| 172 | next = sep; | 171 | next = sep; |
| 173 | /* Walk the list, looking for matching LSMs. */ | 172 | /* Walk the list, looking for matching LSMs. */ |
| @@ -257,12 +256,12 @@ int __init security_init(void) | |||
| 257 | } | 256 | } |
| 258 | 257 | ||
| 259 | /* Save user chosen LSM */ | 258 | /* Save user chosen LSM */ |
| 260 | static int __init choose_lsm(char *str) | 259 | static int __init choose_major_lsm(char *str) |
| 261 | { | 260 | { |
| 262 | strncpy(chosen_lsm, str, SECURITY_NAME_MAX); | 261 | chosen_major_lsm = str; |
| 263 | return 1; | 262 | return 1; |
| 264 | } | 263 | } |
| 265 | __setup("security=", choose_lsm); | 264 | __setup("security=", choose_major_lsm); |
| 266 | 265 | ||
| 267 | /* Explicitly choose LSM initialization order. */ | 266 | /* Explicitly choose LSM initialization order. */ |
| 268 | static int __init choose_lsm_order(char *str) | 267 | static int __init choose_lsm_order(char *str) |