On Wed, Apr 09, 2025 at 02:49:50PM -0400, Paul Moore wrote: > Reduce the duplication between the lsm_id struct and the DEFINE_LSM() > definition by linking the lsm_id struct directly into the individual > LSM's DEFINE_LSM() instance. > > Linking the lsm_id into the LSM definition also allows us to simplify > the security_add_hooks() function by removing the code which populates > the lsm_idlist[] array and moving it into the normal LSM startup code > where the LSM list is parsed and the individual LSMs are enabled, > making for a cleaner implementation with less overhead at boot. > > Signed-off-by: Paul Moore <p...@paul-moore.com>
Love it! Much cleaner. Reviewed-by: Kees Cook <k...@kernel.org> -- Kees Cook
