On Thu, Jul 24, 2025 at 11:34 AM Casey Schaufler <[email protected]> wrote:
> On 7/21/2025 4:21 PM, Paul Moore wrote:
> > Move the LSM active count and lsm_id list declarations out of a header
> > that is visible across the kernel and into a header that is limited to
> > the LSM framework. This not only helps keep the include/linux headers
> > smaller and cleaner, it helps prevent misuse of these variables.
> >
> > Signed-off-by: Paul Moore <[email protected]>
... > > diff --git a/security/lsm_init.c b/security/lsm_init.c > > index cbdfac31ede4..03d3e140e0b1 100644 > > --- a/security/lsm_init.c > > +++ b/security/lsm_init.c > > @@ -22,8 +22,8 @@ static __initdata const char *lsm_order_cmdline; > > static __initdata const char *lsm_order_legacy; > > > > /* Ordered list of LSMs to initialize. */ > > -static __initdata struct lsm_info *lsm_order[MAX_LSM_COUNT + 1]; > > static __initdata struct lsm_info *lsm_exclusive; > > +static __initdata struct lsm_info *lsm_order[MAX_LSM_COUNT + 1]; > > I can't see there's a good reason for the reordering. I'm not > objecting to it, but it's curious. I'm pretty sure this is one of those things that came about while I was upset with the state of this code and was going through it with a hatchet; a lot of code was ripped out and put back, so it's likely just an artifact of that. I'll flip it back around. -- paul-moore.com
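Review bot: In the security/lsm_init.c hunk, swapping the two declarations leaves the context comment "/* Ordered list of LSMs to initialize. */" sitting directly above lsm_exclusive rather than above lsm_order[], the array it describes. Keep lsm_order[MAX_LSM_COUNT + 1] immediately under that comment, or move the comment along with it. The swap is also unrelated to the header move the commit message describes, so leaving the original order keeps this hunk out of the diff entirely.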
