[PATCH v5 3/7] security: policy: remove global active_policy var

[Fabian Pflug]

Replace with a getter function called security_policy_get_active(), that
automatically initializes the active_policy, if an initial policy is
set.

Signed-off-by: Fabian Pflug <f.pflug at pengutronix.de>
---
 commands/sconfig.c        |  2 ++
 include/security/policy.h |  3 +--
 security/Kconfig.policy   |  3 ++-
 security/policy.c         | 16 ++++++++++------
 4 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/commands/sconfig.c b/commands/sconfig.c
index 3ca4478270..7afb24366b 100644
--- a/commands/sconfig.c
+++ b/commands/sconfig.c
@@ -114,6 +114,7 @@ static int do_sconfig_flags(int argc, char *argv[])
 static struct security_policy *alloc_policy(void)
 {
 	struct security_policy *override;
+	const struct security_policy *active_policy = security_policy_get_active();
 
 	override = xmalloc(sizeof(*override));
 
@@ -137,6 +138,7 @@ static void free_policy(struct security_policy *policy)
 
 static int do_sconfig(int argc, char *argv[])
 {
+	const struct security_policy *active_policy = security_policy_get_active();
 	struct security_policy *override;
 	bool allow_color;
 	int i, ret;
diff --git a/include/security/policy.h b/include/security/policy.h
index c41220ef3b..11490bf173 100644
--- a/include/security/policy.h
+++ b/include/security/policy.h
@@ -25,9 +25,8 @@
 #define POLICY_TAMPER		"tamper"
 #define POLICY_FIELD_RETURN	"return"
 
-extern const struct security_policy *active_policy;
-
 const struct security_policy *security_policy_get(const char *name);
+const struct security_policy *security_policy_get_active(void);
 
 int security_policy_activate(const struct security_policy *policy);
 int security_policy_select(const char *name);
diff --git a/security/Kconfig.policy b/security/Kconfig.policy
index 9ea52e91da..e778327b0d 100644
--- a/security/Kconfig.policy
+++ b/security/Kconfig.policy
@@ -49,7 +49,8 @@ config SECURITY_POLICY_INIT
 	prompt "Initial security policy"
 	help
 	  The policy named here will be automatically selected the first
-	  time a security policy is to be consulted.
+	  time a security policy is to be consulted or the currently active
+	  policy is queried.
 	  It's recommended to use a restrictive policy here and remove
 	  the restrictions if needed instead of the other way round.
 
diff --git a/security/policy.c b/security/policy.c
index 95e7bf99a2..fce527df67 100644
--- a/security/policy.c
+++ b/security/policy.c
@@ -60,15 +60,12 @@ static bool __is_allowed(const struct security_policy *policy, unsigned option)
 
 bool is_allowed(const struct security_policy *policy, unsigned option)
 {
-	policy = policy ?: active_policy;
-
 	if (WARN(option > SCONFIG_NUM))
 		return false;
 
-	if (!policy && *CONFIG_SECURITY_POLICY_INIT) {
-		security_policy_select(CONFIG_SECURITY_POLICY_INIT);
-		policy = active_policy;
-	}
+	/* initialize and use active policy if none is selected */
+	if (!policy)
+		policy = security_policy_get_active();
 
 	if (policy) {
 		bool allow = __is_allowed(policy, option);
@@ -108,6 +105,13 @@ int security_policy_activate(const struct security_policy *policy)
 	return 0;
 }
 
+const struct security_policy *security_policy_get_active(void)
+{
+	if (!active_policy && *CONFIG_SECURITY_POLICY_INIT)
+		security_policy_select(CONFIG_SECURITY_POLICY_INIT);
+	return active_policy;
+}
+
 const struct security_policy *security_policy_get(const char *name)
 {
 	const struct policy_list_entry *entry;

-- 
2.47.3