On 10/2/2015 6:15 AM, José Bollo wrote: > This change has two goals: > - delay the setting of 'smack_enabled' until > it will be really effective > - ensure that smackfs is valid only if 'smack_enabled' > is set (it is already the case in smack_netfilter.c) > > Signed-off-by: José Bollo <jose.bo...@iot.bzh>
Acked-by: Casey Schaufler <ca...@schaufler-ca.com> Applied to https://github.com/cschaufler/smack-next.git#smack-for-4.4 > --- > security/smack/smack_lsm.c | 4 ++-- > security/smack/smackfs.c | 2 +- > 2 files changed, 3 insertions(+), 3 deletions(-) > > diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c > index 996c889..dd0f0a6 100644 > --- a/security/smack/smack_lsm.c > +++ b/security/smack/smack_lsm.c > @@ -4708,8 +4708,6 @@ static __init int smack_init(void) > if (!security_module_enable("smack")) > return 0; > > - smack_enabled = 1; > - > smack_inode_cache = KMEM_CACHE(inode_smack, 0); > if (!smack_inode_cache) > return -ENOMEM; > @@ -4721,6 +4719,8 @@ static __init int smack_init(void) > return -ENOMEM; > } > > + smack_enabled = 1; > + > pr_info("Smack: Initializing.\n"); > #ifdef CONFIG_SECURITY_SMACK_NETFILTER > pr_info("Smack: Netfilter enabled.\n"); > diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c > index c20b154..d2bb5ee 100644 > --- a/security/smack/smackfs.c > +++ b/security/smack/smackfs.c > @@ -2892,7 +2892,7 @@ static int __init init_smk_fs(void) > int err; > int rc; > > - if (!security_module_enable("smack")) > + if (smack_enabled == 0) > return 0; > > err = smk_init_sysfs(); -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
