Re: [PATCH v2 3/6] integrity: remove global variable from machine_keyring.c
From: Jarkko Sakkinen
Date: Thu Aug 10 2023 - 11:38:53 EST
On Wed Aug 9, 2023 at 10:53 PM EEST, Nayna Jain wrote:
> trust_mok variable is accessed within a single function locally.
>
> Change trust_mok from global to local static variable.
>
> Signed-off-by: Nayna Jain <nayna@xxxxxxxxxxxxx>
> Reviewed-and-tested-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
> ---
> security/integrity/platform_certs/machine_keyring.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/security/integrity/platform_certs/machine_keyring.c b/security/integrity/platform_certs/machine_keyring.c
> index 389a6e7c9245..9482e16cb2ca 100644
> --- a/security/integrity/platform_certs/machine_keyring.c
> +++ b/security/integrity/platform_certs/machine_keyring.c
> @@ -8,8 +8,6 @@
> #include <linux/efi.h>
> #include "../integrity.h"
>
> -static bool trust_mok;
> -
> static __init int machine_keyring_init(void)
> {
> int rc;
> @@ -65,9 +63,11 @@ static __init bool uefi_check_trust_mok_keys(void)
> bool __init trust_moklist(void)
> {
> static bool initialized;
> + static bool trust_mok;
>
> if (!initialized) {
> initialized = true;
> + trust_mok = false;
>
> if (uefi_check_trust_mok_keys())
> trust_mok = true;
Nice catch.
Reviewed-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx>
BR, Jarkko