diff options
| author | Kees Cook <[email protected]> | 2018-09-13 22:28:48 -0700 |
|---|---|---|
| committer | Kees Cook <[email protected]> | 2019-01-08 13:18:42 -0800 |
| commit | c5459b829b716dafd226ad270f25c9a3050f7586 (patch) | |
| tree | 30b2d5de7327a8b6a5532e8a017b641c6684f6b2 /security/selinux/hooks.c | |
| parent | 657d910b52a38c5e0d753c2a5448c6ae26ec85d0 (diff) | |
LSM: Plumb visibility into optional "enabled" state
In preparation for lifting the "is this LSM enabled?" logic out of the
individual LSMs, pass in any special enabled state tracking (as needed
for SELinux, AppArmor, and LoadPin). This should be an "int" to include
handling any future cases where "enabled" is exposed via sysctl which
has no "bool" type.
Signed-off-by: Kees Cook <[email protected]>
Reviewed-by: Casey Schaufler <[email protected]>
Reviewed-by: John Johansen <[email protected]>
Diffstat (limited to 'security/selinux/hooks.c')
| -rw-r--r-- | security/selinux/hooks.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 41908d2d6149..f847514d6f03 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -7000,6 +7000,7 @@ void selinux_complete_init(void) DEFINE_LSM(selinux) = { .name = "selinux", .flags = LSM_FLAG_LEGACY_MAJOR, + .enabled = &selinux_enabled, .init = selinux_init, }; |