lsm: mark the lsm_id variables are marked as static

As the kernel test robot helpfully reminded us, all of the lsm_id
instances defined inside the various LSMs should be marked as static.
The one exception is Landlock which uses its lsm_id variable across
multiple source files with an extern declaration in a header file.

Reported-by: kernel test robot <lkp@intel.com>
Suggested-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 332198e0a017ce62b2cd259612ed67f71bde1788..e490a70004089f102335e17d77c7d5005e90db03 100644 (file)
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -1454,7 +1454,7 @@ struct lsm_blob_sizes apparmor_blob_sizes __ro_after_init = {
        .lbs_task = sizeof(struct aa_task_ctx),
 };
 
-const struct lsm_id apparmor_lsmid = {
+static const struct lsm_id apparmor_lsmid = {
        .name = "apparmor",
        .id = LSM_ID_APPARMOR,
 };

diff --git a/security/bpf/hooks.c b/security/bpf/hooks.c
index 91011e0c361ac0f1157b0f077a0e1d333b492bf0..57b9ffd53c98aec5e63e172d60f7174c4870d9c1 100644 (file)
--- a/security/bpf/hooks.c
+++ b/security/bpf/hooks.c
@@ -16,7 +16,7 @@ static struct security_hook_list bpf_lsm_hooks[] __ro_after_init = {
        LSM_HOOK_INIT(task_free, bpf_task_storage_free),
 };
 
-const struct lsm_id bpf_lsmid = {
+static const struct lsm_id bpf_lsmid = {
        .name = "bpf",
        .id = LSM_ID_BPF,
 };

diff --git a/security/commoncap.c b/security/commoncap.c
index a64c0c8592bb3146f88c1ab1e558277f00dda704..162d96b3a6768bc66c235c4233ef9f274ddf0c49 100644 (file)
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -1441,7 +1441,7 @@ int cap_mmap_file(struct file *file, unsigned long reqprot,
 
 #ifdef CONFIG_SECURITY
 
-const struct lsm_id capability_lsmid = {
+static const struct lsm_id capability_lsmid = {
        .name = "capability",
        .id = LSM_ID_CAPABILITY,
 };

diff --git a/security/loadpin/loadpin.c b/security/loadpin/loadpin.c
index d682a851de58aa5fa84fa34da97177815612669d..8e93cda130f13c334f33add8ee7ae98e53534ae7 100644 (file)
--- a/security/loadpin/loadpin.c
+++ b/security/loadpin/loadpin.c
@@ -209,7 +209,7 @@ static int loadpin_load_data(enum kernel_load_data_id id, bool contents)
        return loadpin_check(NULL, (enum kernel_read_file_id) id);
 }
 
-const struct lsm_id loadpin_lsmid = {
+static const struct lsm_id loadpin_lsmid = {
        .name = "loadpin",
        .id = LSM_ID_LOADPIN,
 };

diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c
index f42d5af5ffb0584c9c5b34b1dc63054b0ca08210..1ba564f097f57da82e360f0acad06749665e43f3 100644 (file)
--- a/security/safesetid/lsm.c
+++ b/security/safesetid/lsm.c
@@ -262,7 +262,7 @@ static int safesetid_task_fix_setgroups(struct cred *new, const struct cred *old
        return 0;
 }
 
-const struct lsm_id safesetid_lsmid = {
+static const struct lsm_id safesetid_lsmid = {
        .name = "safesetid",
        .id = LSM_ID_SAFESETID,
 };

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 942f2b8c4ebb2f0136491f31d63c81138ad4fba5..b340425ccfae1c82bd4fbd7d9eb9985d558274f0 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -7031,7 +7031,7 @@ static int selinux_uring_cmd(struct io_uring_cmd *ioucmd)
 }
 #endif /* CONFIG_IO_URING */
 
-const struct lsm_id selinux_lsmid = {
+static const struct lsm_id selinux_lsmid = {
        .name = "selinux",
        .id = LSM_ID_SELINUX,
 };

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 99664c8cf86759cfd856a2ba566ab77f1dbba5b0..53336d7daa93324cc72d66c928e3a34fc6edfdbb 100644 (file)
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -5006,7 +5006,7 @@ struct lsm_blob_sizes smack_blob_sizes __ro_after_init = {
        .lbs_xattr_count = SMACK_INODE_INIT_XATTRS,
 };
 
-const struct lsm_id smack_lsmid = {
+static const struct lsm_id smack_lsmid = {
        .name = "smack",
        .id = LSM_ID_SMACK,
 };

diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
index 7222054331052ef553500729dbade5c73cd61611..e10491f155a5cd3707f137dd6979c2a25fecaad5 100644 (file)
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -543,7 +543,7 @@ static void tomoyo_task_free(struct task_struct *task)
        }
 }
 
-const struct lsm_id tomoyo_lsmid = {
+static const struct lsm_id tomoyo_lsmid = {
        .name = "tomoyo",
        .id = LSM_ID_TOMOYO,
 };

diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c
index 5cdff292fcae8eb98073b2c647e324b8624ee141..49dc52b454efaa19e4207e4b55569597f5475ad2 100644 (file)
--- a/security/yama/yama_lsm.c
+++ b/security/yama/yama_lsm.c
@@ -422,7 +422,7 @@ static int yama_ptrace_traceme(struct task_struct *parent)
        return rc;
 }
 
-const struct lsm_id yama_lsmid = {
+static const struct lsm_id yama_lsmid = {
        .name = "yama",
        .id = LSM_ID_YAMA,
 };