LSM: Lift LSM selection out of individual LSMs

As a prerequisite to adjusting LSM selection logic in the future, this moves the selection logic up out of the individual major LSMs, making their init functions only run when actually enabled. This considers all LSMs enabled by default unless they specified an external "enable" variable. Signed-off-by: Kees Cook <[email protected]> Reviewed-by: Casey Schaufler <[email protected]> Reviewed-by: John Johansen <[email protected]>
author: Kees Cook <[email protected]> 2018-09-13 23:17:50 -0700
committer: Kees Cook <[email protected]> 2019-01-08 13:18:42 -0800
commit: f4941d75b9cba5e1fae1aebe0139dcca0703a294 (patch)
tree: fca97d9b39b5291c138795b7e6262faba2dbec5b /security/selinux/hooks.c
parent: c5459b829b716dafd226ad270f25c9a3050f7586 (diff)
1 files changed, 0 insertions, 10 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index f847514d6f03..0f8ae2fbd14a 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -6928,16 +6928,6 @@ static struct security_hook_list selinux_hooks[] __lsm_ro_after_init = {
 
 static __init int selinux_init(void)
 {
-	if (!security_module_enable("selinux")) {
-		selinux_enabled = 0;
-		return 0;
-	}
-
-	if (!selinux_enabled) {
-		pr_info("SELinux:  Disabled at boot.\n");
-		return 0;
-	}
-
 	pr_info("SELinux:  Initializing.\n");
 
 	memset(&selinux_state, 0, sizeof(selinux_state));
author	Kees Cook <[email protected]>	2018-09-13 23:17:50 -0700
committer	Kees Cook <[email protected]>	2019-01-08 13:18:42 -0800
commit	f4941d75b9cba5e1fae1aebe0139dcca0703a294 (patch)
tree	fca97d9b39b5291c138795b7e6262faba2dbec5b /security/selinux/hooks.c
parent	c5459b829b716dafd226ad270f25c9a3050f7586 (diff)