As the LSM framework only supports one LSM initcall callback for each initcall type, the init_smk_fs() and smack_nf_ip_init() functions were wrapped with a new function, smack_initcall() that is registered with the LSM framework.
Signed-off-by: Paul Moore <[email protected]> --- security/smack/smack.h | 6 ++++++ security/smack/smack_lsm.c | 16 ++++++++++++++++ security/smack/smack_netfilter.c | 4 +--- security/smack/smackfs.c | 4 +--- 4 files changed, 24 insertions(+), 6 deletions(-) diff --git a/security/smack/smack.h b/security/smack/smack.h index bf6a6ed3946c..709e0d6cd5e1 100644 --- a/security/smack/smack.h +++ b/security/smack/smack.h @@ -275,6 +275,12 @@ struct smk_audit_info { #endif }; +/* + * Initialization + */ +int init_smk_fs(void); +int smack_nf_ip_init(void); + /* * These functions are in smack_access.c */ diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index e09b33fed5f0..80b129a0c92c 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -5277,6 +5277,21 @@ static __init int smack_init(void) return 0; } +static int smack_initcall(void) +{ + int rc, rc_tmp; + + rc_tmp = init_smk_fs(); + if (rc_tmp) + rc = rc_tmp; + + rc_tmp = smack_nf_ip_init(); + if (!rc && rc_tmp) + rc = rc_tmp; + + return rc; +} + /* * Smack requires early initialization in order to label * all processes and objects when they are created. @@ -5286,4 +5301,5 @@ DEFINE_LSM(smack) = { .flags = LSM_FLAG_LEGACY_MAJOR | LSM_FLAG_EXCLUSIVE, .blobs = &smack_blob_sizes, .init = smack_init, + .initcall_device = smack_initcall, }; diff --git a/security/smack/smack_netfilter.c b/security/smack/smack_netfilter.c index 8fd747b3653a..17ba578b1308 100644 --- a/security/smack/smack_netfilter.c +++ b/security/smack/smack_netfilter.c @@ -68,7 +68,7 @@ static struct pernet_operations smack_net_ops = { .exit = smack_nf_unregister, }; -static int __init smack_nf_ip_init(void) +int __init smack_nf_ip_init(void) { if (smack_enabled == 0) return 0; @@ -76,5 +76,3 @@ static int __init smack_nf_ip_init(void) printk(KERN_DEBUG "Smack: Registering netfilter hooks\n"); return register_pernet_subsys(&smack_net_ops); } - -__initcall(smack_nf_ip_init); diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index 90a67e410808..d33dd0368807 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c @@ -2980,7 +2980,7 @@ static struct vfsmount *smackfs_mount; * Returns true if we were not chosen on boot or if * we were chosen and filesystem registration succeeded. */ -static int __init init_smk_fs(void) +int __init init_smk_fs(void) { int err; int rc; @@ -3023,5 +3023,3 @@ static int __init init_smk_fs(void) return err; } - -__initcall(init_smk_fs); -- 2.49.0
