LSM: Make lsm_early_cred() and lsm_early_task() local functions. (1cfb2a51) · Commits · e / devices / android_kernel_fairphone_FP5

include/linux/lsm_hooks.h

+0 −5

Original line number	Diff line number	Diff line
		@@ -2112,9 +2112,4 @@ static inline void security_delete_hooks(struct security_hook_list *hooks,

		extern int lsm_inode_alloc(struct inode *inode);

		#ifdef CONFIG_SECURITY
		void __init lsm_early_cred(struct cred *cred);
		void __init lsm_early_task(struct task_struct *task);
		#endif

		#endif /* ! __LINUX_LSM_HOOKS_H */

security/apparmor/lsm.c

+0 −2

Original line number	Diff line number	Diff line
		@@ -1484,8 +1484,6 @@ static int __init set_init_ctx(void)
		{
		struct cred cred = (struct cred )current->real_cred;

		lsm_early_cred(cred);
		lsm_early_task(current);
		set_cred_label(cred, aa_get_label(ns_unconfined(root_ns)));

		return 0;

security/security.c

+11 −16

Original line number	Diff line number	Diff line
		@@ -278,6 +278,9 @@ static void __init ordered_lsm_parse(const char order, const char origin)
		kfree(sep);
		}

		static void __init lsm_early_cred(struct cred *cred);
		static void __init lsm_early_task(struct task_struct *task);

		static void __init ordered_lsm_init(void)
		{
		struct lsm_info **lsm;
		@@ -312,6 +315,8 @@ static void __init ordered_lsm_init(void)
		blob_sizes.lbs_inode, 0,
		SLAB_PANIC, NULL);

		lsm_early_cred((struct cred *) current->cred);
		lsm_early_task(current);
		for (lsm = ordered_lsms; *lsm; lsm++)
		initialize_lsm(*lsm);

		@@ -465,17 +470,12 @@ static int lsm_cred_alloc(struct cred *cred, gfp_t gfp)
		* lsm_early_cred - during initialization allocate a composite cred blob
		* @cred: the cred that needs a blob
		*
		* Allocate the cred blob for all the modules if it's not already there
		* Allocate the cred blob for all the modules
		*/
		void __init lsm_early_cred(struct cred *cred)
		static void __init lsm_early_cred(struct cred *cred)
		{
		int rc;
		int rc = lsm_cred_alloc(cred, GFP_KERNEL);

		if (cred == NULL)
		panic("%s: NULL cred.\n", __func__);
		if (cred->security != NULL)
		return;
		rc = lsm_cred_alloc(cred, GFP_KERNEL);
		if (rc)
		panic("%s: Early cred alloc failed.\n", __func__);
		}
		@@ -589,17 +589,12 @@ int lsm_msg_msg_alloc(struct msg_msg *mp)
		* lsm_early_task - during initialization allocate a composite task blob
		* @task: the task that needs a blob
		*
		* Allocate the task blob for all the modules if it's not already there
		* Allocate the task blob for all the modules
		*/
		void __init lsm_early_task(struct task_struct *task)
		static void __init lsm_early_task(struct task_struct *task)
		{
		int rc;
		int rc = lsm_task_alloc(task);

		if (task == NULL)
		panic("%s: task cred.\n", __func__);
		if (task->security != NULL)
		return;
		rc = lsm_task_alloc(task);
		if (rc)
		panic("%s: Early task alloc failed.\n", __func__);
		}

security/selinux/hooks.c

+0 −1

Original line number	Diff line number	Diff line
		@@ -207,7 +207,6 @@ static void cred_init_security(void)
		struct cred cred = (struct cred ) current->real_cred;
		struct task_security_struct *tsec;

		lsm_early_cred(cred);
		tsec = selinux_cred(cred);
		tsec->osid = tsec->sid = SECINITSID_KERNEL;
		}

security/smack/smack_lsm.c

+0 −2

Original line number	Diff line number	Diff line
		@@ -4671,8 +4671,6 @@ static __init int smack_init(void)
		if (!smack_inode_cache)
		return -ENOMEM;

		lsm_early_cred(cred);

		/*
		* Set the security state for the initial task.
		*/