Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S3000421AbdD3CMY (ORCPT ); Sat, 29 Apr 2017 22:12:24 -0400 Received: from www262.sakura.ne.jp ([202.181.97.72]:40936 "EHLO www262.sakura.ne.jp" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1162801AbdD3CMP (ORCPT ); Sat, 29 Apr 2017 22:12:15 -0400 To: casey@schaufler-ca.com, mic@digikod.net, linux-kernel@vger.kernel.org Cc: james.l.morris@oracle.com, keescook@chromium.org, serge@hallyn.com, linux-security-module@vger.kernel.org Subject: Re: [PATCH v1] LSM: Enable multiple calls to security_add_hooks() for the same LSM From: Tetsuo Handa References: <20170429190257.27137-1-mic@digikod.net> In-Reply-To: Message-Id: <201704301111.CFC52113.LFVFQJtFOOMHOS@I-love.SAKURA.ne.jp> X-Mailer: Winbiff [Version 2.51 PL2] X-Accept-Language: ja,en,zh Date: Sun, 30 Apr 2017 11:11:41 +0900 Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 806 Lines: 24 Casey Schaufler wrote: > On 4/29/2017 12:02 PM, Mickael Salaun wrote: > > Check if the registering LSM already registered hooks just before. This > > enable to split hook declarations into multiple files without > > registering multiple time the same LSM name, starting from commit > > d69dece5f5b6 ("LSM: Add /sys/kernel/security/lsm"). > > What's special about the previous registration? Keep it > simple and check it the name is already anywhere on the > list and only add it if it's not already there. I don't > see advantage to: > > % cat /sys/kernel/security/lsm > capability,yama,spiffy,selinux,spiffy > > over > % cat /sys/kernel/security/lsm > capability,yama,spiffy,selinux > - if (lsm_append(lsm, &lsm_names) < 0) + if (lsm && lsm_append(lsm, &lsm_names) < 0) in security_add_hooks()?