Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1960156pxb; Mon, 22 Feb 2021 16:04:11 -0800 (PST) X-Google-Smtp-Source: ABdhPJy91w5/WCKpu20/DTi4DwNJYRpA/wFiEg1OH02OUMAuHLcgTIPXVNU4zbnJJc2H7kX8k2mW X-Received: by 2002:aa7:db17:: with SMTP id t23mr25131225eds.310.1614038651056; Mon, 22 Feb 2021 16:04:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1614038651; cv=none; d=google.com; s=arc-20160816; b=EHxCfHIT0VtXUusJjNLCc91rBAHNElHk7laT0D7jZkr5XnX0HXGiFhDnJem0eqQLU6 YZNmcb7pmMmH+6vL5zUA8wg+L6cj9VHfxjPaubikqRAiht4lgr5lisUUlnzDPjSm/D12 JFH74RxtSSCJeIBbWipv0Z0shQd5/3tm7zvORz+Zowv8XOjU6wVQhNgmt4CHJG42EnYT OAtKOFZROLcCQtZ+QS7uDsjvEpsvz9k6cR51JgXh9SFaD+GYjzqANrtomfDDt/cxzXgb Z359aXItZmASPaahDhYB/VvJRKKjfEa9+k3bFIU2WUby7jkzuz66zsxnm4upSMnK4rA3 abKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=appB3USc9BYbOHaMaLlCBWgrnFJA97ooreJNgz7Bs+E=; b=qOrmwRiE+v1ibMxGX67DigtEYz4IJghIKOPeqXirEm3a+NhcNv9YOKqbiXYpg8SzPg mX5ec+49MiYo5lzfHMcM5tWo667bL3XTdRaF5SVcrtS/EhDX5NGl4mJzBb7ZTB2R38pe 09WTNdSd6vCdsurla8eU3lbYlwUAqY3KktLgyp2+rEgJxIEtKVieKyz6ij+8TN9HrTzK hZYRh4hLSBAwLKHySlC115ZHtnsB7k8I60k9nVMIOQ1qqJdPbw0f+IEVxzD7k0HTZ/AT L6/i3kY6+zb7sOZ2karVNlwpz6C9g+8P1QUJGSaSawEHrtPDYB+ZQU69WLouskk1mpRk WhoQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=NCqNpT0F; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id y16si10473064edu.391.2021.02.22.16.03.47; Mon, 22 Feb 2021 16:04:11 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b=NCqNpT0F; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232426AbhBVW6j (ORCPT + 99 others); Mon, 22 Feb 2021 17:58:39 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55712 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232398AbhBVW6h (ORCPT ); Mon, 22 Feb 2021 17:58:37 -0500 Received: from mail-ej1-x636.google.com (mail-ej1-x636.google.com [IPv6:2a00:1450:4864:20::636]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4F5D3C06178A for ; Mon, 22 Feb 2021 14:57:57 -0800 (PST) Received: by mail-ej1-x636.google.com with SMTP id d8so31856672ejc.4 for ; Mon, 22 Feb 2021 14:57:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=appB3USc9BYbOHaMaLlCBWgrnFJA97ooreJNgz7Bs+E=; b=NCqNpT0Fh4EhH+R6BF38wGXYMzGMo+UXICnd1zIuLwnjVhP3agDg9U0bBLVLtWbhCh di98VXZ9z5I5PFVSYrWLmTvH24uCvL7jWxLpC+JkbujBGazWMzzl4FGpxWKm+ZfIpyFe GccAnJGvkygmuhZNLEwFV65Sj2a2fZo4qh2SKWQeWpBgjz+EGJVQH/Y+liPFcqUiEndy T11iq+EZeoIVXIZQ6Egp5xVJMPGn9XD35fIEwLeG3ESr8MBFV07M/duyP18fbaabsFfq SPv38UaRGhO9h7dxtcdrUfxirtyw+jdUizJzvm6RAXckgtpa78iLSv9X/5T1i8mRikJQ xP7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=appB3USc9BYbOHaMaLlCBWgrnFJA97ooreJNgz7Bs+E=; b=Blj/gDF+0Let8FCKgFpXOQkje0Bk/lK2dBfx1jduKcg1gPjCcFT70+ZcIb1ZUVD+39 6hHeeRB0pSMVxcZd0S3DZ8zuQNeAFv7/TNaZWafAvWUPgJVBv2cfkixj2vBrKXcrnb5D IDbb+d0SYdRdrtbvIKcpiXo/ZGvIMydshtHNuGFXJSGgrcmweASYUzDTU5ozhtRkyoj5 sMhbXoivy5wNuaoYMCMVA2upLk3OQiWXuL17ZHHwX93OFhigy0PbfEoieCnT4Ea0wQOE OY5TargGxevaqHzf7S+PmivMKPOhFrFHyiGjaV/HpKz/3J/r+MI/BAnclLSqEhq161VU dhUg== X-Gm-Message-State: AOAM530rjGO5J+9EFSafHeLH0Dylwad9Y8TDTC8QbnOJ6XN8h2PeTH9H JBYlw1yFPJbTBP/CmZsox0qnzZZU4EvcY/zk3RFf X-Received: by 2002:a17:906:2bd6:: with SMTP id n22mr4857616ejg.91.1614034675929; Mon, 22 Feb 2021 14:57:55 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Paul Moore Date: Mon, 22 Feb 2021 17:57:44 -0500 Message-ID: Subject: Re: [GIT PULL] SELinux patches for v5.12 To: Linus Torvalds Cc: Linux Kernel Mailing List , SElinux list , LSM List Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Feb 21, 2021 at 8:07 PM Linus Torvalds wrote: > > On Mon, Feb 15, 2021 at 1:57 PM Paul Moore wrote: > > > > - Add support for labeling anonymous inodes, and extend this new > > support to userfaultfd. > > I've pulled this, but I just have to note how much I hate the function > names. "secure inode"? There's nothing particularly secure about the > resulting inode. > > It's gone through the security layer init, that doesn't make it > "secure". ALL normal inodes go through it, are all those inodes thus > "secure"? No. > > Naming matters, and I think these things are actively mis-named > implying things that they aren't. I don't disagree that naming is important, I would only add, non-sarcastically, that naming is hard (as a coworker likes to remind me on a regular basis). My personal take on the "secure" function variant is that it provides some indication that this is tied to a LSM hook. For better or worse, all of the LSM hooks start off with "security_" and most (all?) of the LSM blob void pointers in various structs throughout the kernel are named "security". While arguments can be made about the merits of that depending on how you define "security", the fact remains that they are named that way. If you, or anyone else reading this, has another suggestion for the function names I'm listening ... -- paul moore www.paul-moore.com