| 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
|---|---|
| 2 | |
| 3 | /* |
| 4 | * Copyright (C) 2023 Google LLC. |
| 5 | */ |
| 6 | |
| 7 | #ifndef __LINUX_LSM_COUNT_H |
| 8 | #define __LINUX_LSM_COUNT_H |
| 9 | |
| 10 | #include <linux/args.h> |
| 11 | |
| 12 | #ifdef CONFIG_SECURITY |
| 13 | |
| 14 | /* |
| 15 | * Macros to count the number of LSMs enabled in the kernel at compile time. |
| 16 | */ |
| 17 | |
| 18 | /* |
| 19 | * Capabilities is enabled when CONFIG_SECURITY is enabled. |
| 20 | */ |
| 21 | #if IS_ENABLED(CONFIG_SECURITY) |
| 22 | #define CAPABILITIES_ENABLED 1, |
| 23 | #else |
| 24 | #define CAPABILITIES_ENABLED |
| 25 | #endif |
| 26 | |
| 27 | #if IS_ENABLED(CONFIG_SECURITY_SELINUX) |
| 28 | #define SELINUX_ENABLED 1, |
| 29 | #else |
| 30 | #define SELINUX_ENABLED |
| 31 | #endif |
| 32 | |
| 33 | #if IS_ENABLED(CONFIG_SECURITY_SMACK) |
| 34 | #define SMACK_ENABLED 1, |
| 35 | #else |
| 36 | #define SMACK_ENABLED |
| 37 | #endif |
| 38 | |
| 39 | #if IS_ENABLED(CONFIG_SECURITY_APPARMOR) |
| 40 | #define APPARMOR_ENABLED 1, |
| 41 | #else |
| 42 | #define APPARMOR_ENABLED |
| 43 | #endif |
| 44 | |
| 45 | #if IS_ENABLED(CONFIG_SECURITY_TOMOYO) |
| 46 | #define TOMOYO_ENABLED 1, |
| 47 | #else |
| 48 | #define TOMOYO_ENABLED |
| 49 | #endif |
| 50 | |
| 51 | #if IS_ENABLED(CONFIG_SECURITY_YAMA) |
| 52 | #define YAMA_ENABLED 1, |
| 53 | #else |
| 54 | #define YAMA_ENABLED |
| 55 | #endif |
| 56 | |
| 57 | #if IS_ENABLED(CONFIG_SECURITY_LOADPIN) |
| 58 | #define LOADPIN_ENABLED 1, |
| 59 | #else |
| 60 | #define LOADPIN_ENABLED |
| 61 | #endif |
| 62 | |
| 63 | #if IS_ENABLED(CONFIG_SECURITY_LOCKDOWN_LSM) |
| 64 | #define LOCKDOWN_ENABLED 1, |
| 65 | #else |
| 66 | #define LOCKDOWN_ENABLED |
| 67 | #endif |
| 68 | |
| 69 | #if IS_ENABLED(CONFIG_SECURITY_SAFESETID) |
| 70 | #define SAFESETID_ENABLED 1, |
| 71 | #else |
| 72 | #define SAFESETID_ENABLED |
| 73 | #endif |
| 74 | |
| 75 | #if IS_ENABLED(CONFIG_BPF_LSM) |
| 76 | #define BPF_LSM_ENABLED 1, |
| 77 | #else |
| 78 | #define BPF_LSM_ENABLED |
| 79 | #endif |
| 80 | |
| 81 | #if IS_ENABLED(CONFIG_SECURITY_LANDLOCK) |
| 82 | #define LANDLOCK_ENABLED 1, |
| 83 | #else |
| 84 | #define LANDLOCK_ENABLED |
| 85 | #endif |
| 86 | |
| 87 | #if IS_ENABLED(CONFIG_IMA) |
| 88 | #define IMA_ENABLED 1, |
| 89 | #else |
| 90 | #define IMA_ENABLED |
| 91 | #endif |
| 92 | |
| 93 | #if IS_ENABLED(CONFIG_EVM) |
| 94 | #define EVM_ENABLED 1, |
| 95 | #else |
| 96 | #define EVM_ENABLED |
| 97 | #endif |
| 98 | |
| 99 | #if IS_ENABLED(CONFIG_SECURITY_IPE) |
| 100 | #define IPE_ENABLED 1, |
| 101 | #else |
| 102 | #define IPE_ENABLED |
| 103 | #endif |
| 104 | |
| 105 | /* |
| 106 | * There is a trailing comma that we need to be accounted for. This is done by |
| 107 | * using a skipped argument in __COUNT_LSMS |
| 108 | */ |
| 109 | #define __COUNT_LSMS(skipped_arg, args...) COUNT_ARGS(args...) |
| 110 | #define COUNT_LSMS(args...) __COUNT_LSMS(args) |
| 111 | |
| 112 | #define MAX_LSM_COUNT \ |
| 113 | COUNT_LSMS( \ |
| 114 | CAPABILITIES_ENABLED \ |
| 115 | SELINUX_ENABLED \ |
| 116 | SMACK_ENABLED \ |
| 117 | APPARMOR_ENABLED \ |
| 118 | TOMOYO_ENABLED \ |
| 119 | YAMA_ENABLED \ |
| 120 | LOADPIN_ENABLED \ |
| 121 | LOCKDOWN_ENABLED \ |
| 122 | SAFESETID_ENABLED \ |
| 123 | BPF_LSM_ENABLED \ |
| 124 | LANDLOCK_ENABLED \ |
| 125 | IMA_ENABLED \ |
| 126 | EVM_ENABLED \ |
| 127 | IPE_ENABLED) |
| 128 | |
| 129 | #else |
| 130 | |
| 131 | #define MAX_LSM_COUNT 0 |
| 132 | |
| 133 | #endif /* CONFIG_SECURITY */ |
| 134 | |
| 135 | #endif /* __LINUX_LSM_COUNT_H */ |
| 136 |
Generated while processing Linux/kernel/audit.c
Generated on 2025-Oct-12 from project Linux revision 6.17.0 (67029a49db6c)
Powered by 
Code Browser 2.1
Generator usage only permitted with license.