On 7/21/2025 4:21 PM, Paul Moore wrote: > Rename initialize_lsm() to be more consistent with the rest of the LSM > initialization changes and rework the function itself to better fit > with the "exit on fail" coding pattern. > > Reviewed-by: Kees Cook <k...@kernel.org> > Reviewed-by: John Johansen <john.johan...@canonical.com> > Signed-off-by: Paul Moore <p...@paul-moore.com>
Reviewed-by: Casey Schaufler <ca...@schaufler-ca.com>
> ---
> security/lsm_init.c | 25 +++++++++++++++----------
> 1 file changed, 15 insertions(+), 10 deletions(-)
>
> diff --git a/security/lsm_init.c b/security/lsm_init.c
> index aad363e37140..49f93383e551 100644
> --- a/security/lsm_init.c
> +++ b/security/lsm_init.c
> @@ -169,6 +169,7 @@ static void __init lsm_order_append(struct lsm_info *lsm,
> const char *src)
> lsm_is_enabled(lsm) ? "enabled" : "disabled");
> }
>
> +
> /**
> * lsm_blob_size_update - Update the LSM blob size and offset information
> * @sz_req: the requested additional blob size
> @@ -222,16 +223,20 @@ static void __init lsm_prepare(struct lsm_info *lsm)
> lsm_blob_size_update(&blobs->lbs_bdev, &blob_sizes.lbs_bdev);
> }
>
> -/* Initialize a given LSM, if it is enabled. */
> -static void __init initialize_lsm(struct lsm_info *lsm)
> +/**
> + * lsm_init_single - Initialize a given LSM
> + * @lsm: LSM definition
> + */
> +static void __init lsm_init_single(struct lsm_info *lsm)
> {
> - if (lsm_is_enabled(lsm)) {
> - int ret;
> + int ret;
>
> - init_debug("initializing %s\n", lsm->id->name);
> - ret = lsm->init();
> - WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret);
> - }
> + if (!lsm_is_enabled(lsm))
> + return;
> +
> + init_debug("initializing %s\n", lsm->id->name);
> + ret = lsm->init();
> + WARN(ret, "%s failed to initialize: %d\n", lsm->id->name, ret);
> }
>
> /**
> @@ -373,7 +378,7 @@ static void __init lsm_init_ordered(void)
> panic("%s: early task alloc failed.\n", __func__);
>
> lsm_order_for_each(lsm) {
> - initialize_lsm(*lsm);
> + lsm_init_single(*lsm);
> }
> }
>
> @@ -423,7 +428,7 @@ int __init early_security_init(void)
> lsm_enabled_set(lsm, true);
> lsm_order_append(lsm, "early");
> lsm_prepare(lsm);
> - initialize_lsm(lsm);
> + lsm_init_single(lsm);
> }
>
> return 0;
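Review bot: The new kernel-doc on lsm_init_single() (second hunk, -222,16 +223,20) drops the old comment's "if it is enabled" qualifier and does not describe the failure path, both of which matter to anyone auditing LSM bring-up. As written, a non-zero return from `lsm->init()` is only reported through `WARN()` and the function returns void, so callers such as lsm_init_ordered() and early_security_init() cannot tell that an enabled LSM failed to come up; boot appears to continue without that module's hooks. I would add a description to the kernel-doc along the lines of `* Does nothing if @lsm is not enabled. A non-zero return from @lsm->init() is reported via WARN() only; the failure is not propagated to the caller.` Whether any LSM should be treated as fatal on init failure is not visible in this hunk and would be a policy decision outside this rename.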