Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp947870ybh; Sun, 19 Jul 2020 04:05:43 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzWtwahe6oH0avYvmhnDa50H6DBXuetQMV57Y3HoGfZ8tpUsZ//svpzilkaUF3TixjvGAKY X-Received: by 2002:a17:906:d78f:: with SMTP id pj15mr14659608ejb.283.1595156743104; Sun, 19 Jul 2020 04:05:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1595156743; cv=none; d=google.com; s=arc-20160816; b=CLHOW2aBNRHt6Ehugg9keCopsJkXPAvm5AqLzAurLVU7ACKPvtj0V4Tl78Un8IaxoG 38JpgEpEwn/6yW3fe0oxZJk9OAbTO6CZy4bEBcLiElzwK+u4VteoHpn+PJbY9Iy/ZmD/ al9KkG7dm2qH31jZm4+5WI+N2pKb73Itue2H+1jsyKIFXg9SEEtiJOcWvDCzbfAGMytP ofdNUjEU6vbqcNQtS6eqPs2t5ChVaeLrP2s8fGS/ka6pbF3EpQvBFzyWtDZIKdpCB1U0 3sRDEI/KsEsCqpEkBGXtGhtpWxFgnRQAoKjhlX154Y+pZ1HPowQIU9r3hd2xzXbLsgCf QmAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:date:cc:to:from:subject:message-id; bh=T//LVJO3z1HbSwt5cXOLj7y7Yz54R/o8s2mVePIXFMA=; b=M82HzRGwsSXexkI8eLJltomIT5tu+5W1lBrA89vf3CGAW4JecvoC21xn2ZDkO3Aari MJ8l/8AtiHl1eyWCPc0zzhSoDThFGmpDY1CI74AqQxILCH6L15ZwJ6iM/vOYXVwL6B6G blKwsTkY2MNf/Kn0Qe+hDgSFAP19NSx4/gQKMFcykHIx433DyGnvyzz7HrqdcfaScQ2H D9xUmBmc8Xf4wOUykpwQWg61Xx83CaSfIJ/f2w0sEErwgrj3RXRdSTfVNBoJvX7sNFdR zhV1SCg+SQd9RAQ6ShSC1QvZyj78cb/kRX50xX4C41iED/i147rO8rE0qLtgv2lw6v7M UjKA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id k18si8717756ejk.113.2020.07.19.04.05.19; Sun, 19 Jul 2020 04:05:43 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726307AbgGSLCs (ORCPT + 99 others); Sun, 19 Jul 2020 07:02:48 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:24682 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725988AbgGSLCr (ORCPT ); Sun, 19 Jul 2020 07:02:47 -0400 Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 06JB2W16014314; Sun, 19 Jul 2020 07:02:34 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 32bw7y757y-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 19 Jul 2020 07:02:34 -0400 Received: from m0098399.ppops.net (m0098399.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 06JB2YWp014459; Sun, 19 Jul 2020 07:02:34 -0400 Received: from ppma05fra.de.ibm.com (6c.4a.5195.ip4.static.sl-reverse.com [149.81.74.108]) by mx0a-001b2d01.pphosted.com with ESMTP id 32bw7y752t-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 19 Jul 2020 07:02:34 -0400 Received: from pps.filterd (ppma05fra.de.ibm.com [127.0.0.1]) by ppma05fra.de.ibm.com (8.16.0.42/8.16.0.42) with SMTP id 06JB0ZJ2021800; Sun, 19 Jul 2020 11:02:11 GMT Received: from b06cxnps3074.portsmouth.uk.ibm.com (d06relay09.portsmouth.uk.ibm.com [9.149.109.194]) by ppma05fra.de.ibm.com with ESMTP id 32brq80mhu-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 19 Jul 2020 11:02:10 +0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 06JB28MX29557122 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Sun, 19 Jul 2020 11:02:08 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 789F6A4051; Sun, 19 Jul 2020 11:02:08 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 22C19A405D; Sun, 19 Jul 2020 11:02:07 +0000 (GMT) Received: from localhost.localdomain (unknown [9.85.150.54]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Sun, 19 Jul 2020 11:02:07 +0000 (GMT) Message-ID: <1595156526.27397.67.camel@linux.ibm.com> Subject: Re: [PATCH v3 01/12] ima: Have the LSM free its audit rule From: Mimi Zohar To: Tyler Hicks , Nayna Cc: Dmitry Kasatkin , James Morris , "Serge E . Hallyn" , Lakshmi Ramasubramanian , Prakhar Srivastava , linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, Janne Karhunen , Casey Schaufler Date: Sun, 19 Jul 2020 07:02:06 -0400 In-Reply-To: <20200717192447.GO3673@sequoia> References: <20200709061911.954326-1-tyhicks@linux.microsoft.com> <20200709061911.954326-2-tyhicks@linux.microsoft.com> <5ee27a51-7ff9-5763-c85f-e99e62458657@linux.vnet.ibm.com> <20200717192447.GO3673@sequoia> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.20.5 (3.20.5-1.fc24) Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235,18.0.687 definitions=2020-07-19_01:2020-07-17,2020-07-19 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 adultscore=0 spamscore=0 bulkscore=0 impostorscore=0 clxscore=1015 suspectscore=0 lowpriorityscore=0 priorityscore=1501 mlxlogscore=999 phishscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2006250000 definitions=main-2007190080 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 2020-07-17 at 14:24 -0500, Tyler Hicks wrote: > On 2020-07-17 15:20:22, Nayna wrote: > > > > On 7/9/20 2:19 AM, Tyler Hicks wrote: > > > Ask the LSM to free its audit rule rather than directly calling kfree(). > > > > Is it to be called audit rule or filter rule ?  Likewise in subject line. > gt > The security hooks call this "audit rule" but Mimi explained the > reasoning for IMA referring to this as an "audit filter" here: > > https://lore.kernel.org/lkml/1593466203.5085.62.camel@linux.ibm.com/ > > I would be fine with her renaming/rewording this patch, accordingly, in > next-integrity-testing. Both here and "ima: AppArmor satisfies the audit rule requirements", the subject is AppArmor/LSM, which do refer to the rules as "audit" rules.  In the "ima: Rename internal audit rule functions" case, the rule rename is internal to IMA.  Here it makes sense to replace "audit" with "filter".  Tyler, I've gone ahead and made the change. Mimi