Received: by 2002:a25:86ce:0:0:0:0:0 with SMTP id y14csp1703211ybm; Tue, 21 May 2019 19:50:17 -0700 (PDT) X-Google-Smtp-Source: APXvYqxcjkVJkvIBxE36w7+tZZ9/k+MMp3+oyOWWg1E0PfgM43QXoB/ZiVMCF7T1y9pNJePtJpxM X-Received: by 2002:a63:5404:: with SMTP id i4mr56801811pgb.347.1558493417608; Tue, 21 May 2019 19:50:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1558493417; cv=none; d=google.com; s=arc-20160816; b=zKfnvFvtPSvpaq0Wd7f5d/4aC5DSSYWj/Y0NXTabu4dj6DAjHI5OxguU4OdikJZ/Fd FRneapkk5NtGdgVJvC17C89T0WFVasrlihC5JIC4S/EGAv2qLUmD70YA8ZMKAEfbQ4eO QFUzkw5NPr9tH0rLXLB4fi1pgcZbP35j/Rermm8Q366xBRZd6zCepxDGxoz6urpboM+h Ugv7CpxQG6KUI7vP/InQUMmqII9bNRo2nTInvSGJ0Q/39qBEL8HOdbRe4E6uZhEwt1pR oYb9OmzQGWWgGY3WskwC+PhqlmWG7qw7B46B6Nfzv9/W4aBpPZ2oxxgujAFo1b77PaoF xhuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=P83pa93kxL2Xe4u56zou0V1eUQ5bysOFSoGVJBOCDUk=; b=huiJxxt/tLpopAZNxwruA7fNO+E2sNyyeKpXpA1x12bIqTxqt7Ldl2WCrTG+vNZyRK /A5YCmZz787rAFT3558xdkVhKgjd6r867hXugZulcdzpI+JviTVmIXR7VZFVrufyXAse z4rKsoYRH9IkDUm69CtHm3xyNmLSbYKCU56tQZs+2rvr2IUwMDSk1Fl7vii/6N0KejX+ DYk+02kQq9U0ysmmsBBBntOPCuLja4/CYY8pjqLln+C7QdedpYnqX9sPn7HhtHMBO39C esX9QAvCKLz2NdZZmoqBp0lrqkeOOTCNHevRHnCO0F3EcuyeptnaqqJT57VRX6VoN7Nl zGug== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v5si16416020pgs.285.2019.05.21.19.50.01; Tue, 21 May 2019 19:50:17 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728156AbfEVCsy (ORCPT + 99 others); Tue, 21 May 2019 22:48:54 -0400 Received: from namei.org ([65.99.196.166]:33706 "EHLO namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727424AbfEVCsy (ORCPT ); Tue, 21 May 2019 22:48:54 -0400 Received: from localhost (localhost [127.0.0.1]) by namei.org (8.14.4/8.14.4) with ESMTP id x4M2mnNd006699; Wed, 22 May 2019 02:48:49 GMT Date: Wed, 22 May 2019 12:48:49 +1000 (AEST) From: James Morris To: Matthew Garrett cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, David Howells Subject: Re: [RFC 2/2] Add the ability to lock down access to the running kernel image In-Reply-To: <20190521224013.3782-3-matthewgarrett@google.com> Message-ID: References: <20190521224013.3782-1-matthewgarrett@google.com> <20190521224013.3782-3-matthewgarrett@google.com> User-Agent: Alpine 2.21 (LRH 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 21 May 2019, Matthew Garrett wrote: > + int (*locked_down)(const char *where, enum lockdown_level level); > +static int lockdown_is_locked_down(const char *what, enum lockdown_level level) I'm guessing 'what' is the best option here. -- James Morris