Rename initialize_lsm() to be more consistent with the rest of the LSM
initialization changes and rework the function itself to better fit
with the "exit on fail" coding pattern.
Reviewed-by: Kees Cook <k...@kernel.org>
Reviewed-by: John Johansen <john.johan...@canonical.com>
Signed-off-by: Paul Moore <p...@paul-moore.com>
---
security/lsm_init.c | 25 +++++++++++++++----------
1 file changed, 15 insertions(+), 10 deletions(-)
diff --git a/security/lsm_init.c b/security/lsm_init.c
index aad363e37140..49f93383e551 100644
--- a/security/lsm_init.c
+++ b/security/lsm_init.c
@@ -169,6 +169,7 @@ static void __init lsm_order_append(struct lsm_info *lsm,
const char *src)
lsm_is_enabled(lsm) ? "enabled" : "disabled");
}
+
/**
* lsm_blob_size_update - Update the LSM blob size and offset information
* @sz_req: the requested additional blob size
@@ -222,16 +223,20 @@ static void __init lsm_prepare(struct lsm_info *lsm)
lsm_blob_size_update(&blobs->lbs_bdev, &blob_sizes.lbs_bdev);
}
-/* Initialize a given LSM, if it is enabled. */
-static void __init initialize_lsm(struct lsm_info *lsm)
+/**
+ * lsm_init_single - Initialize a given LSM
+ * @lsm: LSM definition
+ */
+static void __init lsm_init_single(struct lsm_info *lsm)
{
- if (lsm_is_enabled(lsm)) {
- int ret;
+ int ret;
- init_debug("initializing %s\n", lsm->id->name);
- ret = lsm->init();
- WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret);
- }
+ if (!lsm_is_enabled(lsm))
+ return;
+
+ init_debug("initializing %s\n", lsm->id->name);
+ ret = lsm->init();
+ WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret);
}
/**
@@ -373,7 +378,7 @@ static void __init lsm_init_ordered(void)
panic("%s: early task alloc failed.\n", __func__);
lsm_order_for_each(lsm) {
- initialize_lsm(*lsm);
+ lsm_init_single(*lsm);
}
}
@@ -423,7 +428,7 @@ int __init early_security_init(void)
lsm_enabled_set(lsm, true);
lsm_order_append(lsm, "early");
lsm_prepare(lsm);
- initialize_lsm(lsm);
+ lsm_init_single(lsm);
}
return 0;
--
2.50.1
