]> Gentwo Git Trees - linux/.git/commitdiff
gentwo / linux / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4ab5efc)
lsm: add a LSM_STARTED_ALL notification event
authorPaul Moore <paul@paul-moore.com>
Fri, 21 Feb 2025 16:53:29 +0000 (11:53 -0500)
committerPaul Moore <paul@paul-moore.com>
Wed, 22 Oct 2025 23:24:29 +0000 (19:24 -0400)
Add a new LSM notifier event, LSM_STARTED_ALL, which is fired once at
boot when all of the LSMs have been started.

Reviewed-by: Kees Cook <kees@kernel.org>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: John Johansen <john.johhansen@canonical.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
include/linux/security.h patch | blob | blame | history
security/lsm_init.c patch | blob | blame | history

diff --git a/include/linux/security.h b/include/linux/security.h
index 556890ea2e838475266dbe3cd1d500d76291be30..eb36451ce41fafc8737d3e8bc26d70c513e8f4a2 100644 (file)
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -85,6 +85,7 @@ struct timezone;
 
 enum lsm_event {
        LSM_POLICY_CHANGE,
+       LSM_STARTED_ALL,
 };
 
 struct dm_verity_digest {
diff --git a/security/lsm_init.c b/security/lsm_init.c
index 0f668bca98f915c356fdebc8ef2449b6e16fa5ea..6bb67d41ce52bb116a401474832c2afaa64fbf25 100644 (file)
--- a/security/lsm_init.c
+++ b/security/lsm_init.c
@@ -556,6 +556,7 @@ static int __init security_initcall_late(void)
 
        rc = lsm_initcall(late);
        lsm_pr_dbg("all enabled LSMs fully activated\n");
+       call_blocking_lsm_notifier(LSM_STARTED_ALL, NULL);
 
        return rc;
 }
Development tree.