security/landlock/setup.c

   1 // SPDX-License-Identifier: GPL-2.0-only
   2 /*
   3  * Landlock LSM - Security framework setup
   4  *
   5  * Copyright © 2016-2020 Mickaël Salaün <mic@digikod.net>
   6  * Copyright © 2018-2020 ANSSI
   7  */
   8
   9 #include <linux/init.h>
  10 #include <linux/lsm_hooks.h>
  11 #include <uapi/linux/lsm.h>
  12
  13 #include "common.h"
  14 #include "cred.h"
  15 #include "fs.h"
  16 #include "net.h"
  17 #include "setup.h"
  18 #include "task.h"
  19
  20 bool landlock_initialized __ro_after_init = false;
  21
  22 struct lsm_blob_sizes landlock_blob_sizes __ro_after_init = {
  23         .lbs_cred = sizeof(struct landlock_cred_security),
  24         .lbs_file = sizeof(struct landlock_file_security),
  25         .lbs_inode = sizeof(struct landlock_inode_security),
  26         .lbs_superblock = sizeof(struct landlock_superblock_security),
  27 };
  28
  29 const struct lsm_id landlock_lsmid = {
  30         .name = LANDLOCK_NAME,
  31         .id = LSM_ID_LANDLOCK,
  32 };
  33
  34 static int __init landlock_init(void)
  35 {
  36         landlock_add_cred_hooks();
  37         landlock_add_task_hooks();
  38         landlock_add_fs_hooks();
  39         landlock_add_net_hooks();
  40         landlock_initialized = true;
  41         pr_info("Up and running.\n");
  42         return 0;
  43 }
  44
  45 DEFINE_LSM(LANDLOCK_NAME) = {
  46         .name = LANDLOCK_NAME,
  47         .init = landlock_init,
  48         .blobs = &landlock_blob_sizes,
  49 };