From: Austin Kim <[email protected]>
The evm_fixmode is only configurable by command-line option and it is never
modified outside initcalls, so declaring it with __ro_after_init is better.
Signed-off-by: Austin Kim <[email protected]>
---
security/integrity/evm/evm_main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index 1c8435dfabee..08f907382c61 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -78,7 +78,7 @@ static struct xattr_list evm_config_default_xattrnames[] = {
LIST_HEAD(evm_config_xattrnames);
-static int evm_fixmode;
+static int evm_fixmode __ro_after_init;
static int __init evm_set_fixmode(char *str)
{
if (strncmp(str, "fix", 3) == 0)
--
2.20.1
On Thu, 2021-10-28 at 12:26 +0100, Austin Kim wrote:
> From: Austin Kim <[email protected]>
>
> The evm_fixmode is only configurable by command-line option and it is never
> modified outside initcalls, so declaring it with __ro_after_init is better.
>
> Signed-off-by: Austin Kim <[email protected]>
Thanks, Austin. This patch set is now applied to the next-integrity
branch.
Mimi