| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 19 Jul 2020 07:02:06 -0400
From: Mimi Zohar <zohar@...ux.ibm.com>
To: Tyler Hicks <tyhicks@...ux.microsoft.com>,
Nayna <nayna@...ux.vnet.ibm.com>
Cc: Dmitry Kasatkin <dmitry.kasatkin@...il.com>,
James Morris <jmorris@...ei.org>,
"Serge E . Hallyn" <serge@...lyn.com>,
Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>,
Prakhar Srivastava <prsriva02@...il.com>,
linux-kernel@...r.kernel.org, linux-integrity@...r.kernel.org,
linux-security-module@...r.kernel.org,
Janne Karhunen <janne.karhunen@...il.com>,
Casey Schaufler <casey@...aufler-ca.com>
Subject: Re: [PATCH v3 01/12] ima: Have the LSM free its audit rule
On Fri, 2020-07-17 at 14:24 -0500, Tyler Hicks wrote:
> On 2020-07-17 15:20:22, Nayna wrote:
> >
> > On 7/9/20 2:19 AM, Tyler Hicks wrote:
> > > Ask the LSM to free its audit rule rather than directly calling kfree().
> >
> > Is it to be called audit rule or filter rule ? Likewise in subject line.
> gt
> The security hooks call this "audit rule" but Mimi explained the
> reasoning for IMA referring to this as an "audit filter" here:
>
> https://lore.kernel.org/lkml/1593466203.5085.62.camel@linux.ibm.com/
>
> I would be fine with her renaming/rewording this patch, accordingly, in
> next-integrity-testing.
Both here and "ima: AppArmor satisfies the audit rule requirements",
the subject is AppArmor/LSM, which do refer to the rules as "audit"
rules. In the "ima: Rename internal audit rule functions" case, the
rule rename is internal to IMA. Here it makes sense to replace
"audit" with "filter". Tyler, I've gone ahead and made the change.
Mimi
Powered by blists - more mailing lists