Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris...

[linux-2.6-microblaze.git] / security / security.c
diff --git a/security/security.c b/security/security.c

index 736e78d..04d173e 100644 (file)
--- a/security/security.c
+++ b/security/security.c
@@ -12,6 +12,8 @@
   *     (at your option) any later version.
   */
  
+#define pr_fmt(fmt) "LSM: " fmt
+
  #include <linux/bpf.h>
  #include <linux/capability.h>
  #include <linux/dcache.h>
@@ -30,8 +32,6 @@
  #include <linux/string.h>
  #include <net/flow.h>
  
-#include <trace/events/initcall.h>
-
  #define MAX_LSM_EVM_XATTR      2
  
  /* Maximum number of letters for an LSM name string */
@@ -45,20 +45,22 @@ char *lsm_names;
  static __initdata char chosen_lsm[SECURITY_NAME_MAX + 1] =
         CONFIG_DEFAULT_SECURITY;
  
-static void __init do_security_initcalls(void)
+static __initdata bool debug;
+#define init_debug(...)                                                \
+       do {                                                    \
+               if (debug)                                      \
+                       pr_info(__VA_ARGS__);                   \
+       } while (0)
+
+static void __init major_lsm_init(void)
  {
+       struct lsm_info *lsm;
         int ret;
-       initcall_t call;
-       initcall_entry_t *ce;
-
-       ce = __security_initcall_start;
-       trace_initcall_level("security");
-       while (ce < __security_initcall_end) {
-               call = initcall_from_entry(ce);
-               trace_initcall_start(call);
-               ret = call();
-               trace_initcall_finish(call, ret);
-               ce++;
+
+       for (lsm = __start_lsm_info; lsm < __end_lsm_info; lsm++) {
+               init_debug("initializing %s\n", lsm->name);
+               ret = lsm->init();
+               WARN(ret, "%s failed to initialize: %d\n", lsm->name, ret);
         }
  }
  
@@ -72,10 +74,11 @@ int __init security_init(void)
         int i;
         struct hlist_head *list = (struct hlist_head *) &security_hook_heads;
  
+       pr_info("Security Framework initializing\n");
+
         for (i = 0; i < sizeof(security_hook_heads) / sizeof(struct hlist_head);
              i++)
                 INIT_HLIST_HEAD(&list[i]);
-       pr_info("Security Framework initialized\n");
  
         /*
          * Load minor LSMs, with the capability module always first.
@@ -87,7 +90,7 @@ int __init security_init(void)
         /*
          * Load all the remaining security modules.
          */
-       do_security_initcalls();
+       major_lsm_init();
  
         return 0;
  }
@@ -100,6 +103,14 @@ static int __init choose_lsm(char *str)
  }
  __setup("security=", choose_lsm);
  
+/* Enable LSM order debugging. */
+static int __init enable_debug(char *str)
+{
+       debug = true;
+       return 1;
+}
+__setup("lsm.debug", enable_debug);
+
  static bool match_last_lsm(const char *list, const char *lsm)
  {
         const char *last;
@@ -1147,7 +1158,7 @@ int security_task_movememory(struct task_struct *p)
         return call_int_hook(task_movememory, 0, p);
  }
  
-int security_task_kill(struct task_struct *p, struct siginfo *info,
+int security_task_kill(struct task_struct *p, struct kernel_siginfo *info,
                         int sig, const struct cred *cred)
  {
         return call_int_hook(task_kill, 0, p, info, sig, cred);