Received: by 2002:a05:7412:518d:b0:e2:908c:2ebd with SMTP id fn13csp399483rdb;
        Thu, 5 Oct 2023 09:02:44 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IFjG5fPCzE4/ZU8oDpv5G0h0yiELWo6w4b2BAtaU3IsZweNfLheFv4cVvRdXEN/AdFZZ7vI
X-Received: by 2002:a17:902:da88:b0:1c3:ed30:ce0a with SMTP id j8-20020a170902da8800b001c3ed30ce0amr7077924plx.19.1696521764630;
        Thu, 05 Oct 2023 09:02:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1696521764; cv=none;
        d=google.com; s=arc-20160816;
        b=yLbsQhRxnbaeyJcam/gEyPv0ERkFBhpsTHdyi5owwG7YEgZ6hwJT4wA4soAD+XNdwP
         Dpq1UH0SMmjlgX1+RJU7iDQKODONECi8DuDBRhW8lrwAFNtb6xI887DAgfg0wi+9sjBh
         lrZzITRejWteN1wpES9nOFmYh4vXYscNB4XGNxQrdsjzVCTL9lXzFre9j4DZIiAgT3rH
         giKzmwHo5iSpxz53DMgWng93X603tXYXu2g8E5g6JUxJRWpf2c7zxgLUabYIX2FOQTnR
         0Z3hxwAxKroUK1qHohCHQn2LhV/4fo6x8AgacSpJz7GHTkG+cgbuwIzXXJmhBT3Ajjy6
         dHnQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:in-reply-to:from
         :references:cc:to:content-language:subject:user-agent:mime-version
         :date:message-id:dkim-signature:dkim-filter;
        bh=Q9nbMnYwHH7f2GSlKNYYueS4IcpkI9CiL+VC8hIGotI=;
        fh=u5knsv4q2Scobrw+neOB7hLefhSAfzl1N4+ZjOF352w=;
        b=mrVWGid3Q47mpbB1dErNwnabv/TAQCeBGp41+mp8KAkc64odXVlxdHUrczV1IxYyUy
         OFFIVow3i8vOd1AsWXvc6IgYVlpzJ3C9eo4Wao/jnkyi9wBvzp6/MOd7OYOOOAWigIeR
         Fq2YYqJytDHeNMYjD0mJ2XKxhyn040kkKVl+B873EICLLVrQAK/KU9kk2gHtboLIhsja
         Ja3YRamVKPSzZknnn1Kb0jLLYGvjFHKSdSEGe/aMkT4ms4GmMQe2YMoeFbNixRbF6uT6
         QpjAVuhVaOfJPUbkWQaKEDTz7YCB3PqGqH7k5w9BN7niiOpqo52GSxQ73V7YQMIPb58c
         E7Kw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linux.microsoft.com header.s=default header.b=WbyW9rxM;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from pete.vger.email (pete.vger.email. [2620:137:e000::3:6])
        by mx.google.com with ESMTPS id w13-20020a170902e88d00b001c611f285aasi1878007plg.541.2023.10.05.09.02.20
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 05 Oct 2023 09:02:44 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) client-ip=2620:137:e000::3:6;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linux.microsoft.com header.s=default header.b=WbyW9rxM;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by pete.vger.email (Postfix) with ESMTP id EFD6884049C9;
	Thu,  5 Oct 2023 09:01:41 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at pete.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236767AbjJEP7I (ORCPT <rfc822;recursive.nomad@gmail.com>
        + 99 others); Thu, 5 Oct 2023 11:59:08 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42906 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S234238AbjJEP4v (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 5 Oct 2023 11:56:51 -0400
Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
        by lindbergh.monkeyblade.net (Postfix) with ESMTP id 8B5D9D6E;
        Thu,  5 Oct 2023 07:05:12 -0700 (PDT)
Received: from [10.137.106.151] (unknown [131.107.159.23])
        by linux.microsoft.com (Postfix) with ESMTPSA id B993820B74C2;
        Wed,  4 Oct 2023 19:49:13 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com B993820B74C2
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com;
        s=default; t=1696474153;
        bh=Q9nbMnYwHH7f2GSlKNYYueS4IcpkI9CiL+VC8hIGotI=;
        h=Date:Subject:To:Cc:References:From:In-Reply-To:From;
        b=WbyW9rxMnFaT2Iu36dhbn8F+5sVeCOT8afGiKS5M3ZL0Um3gbVUZ49Mo8SCCLRpsN
         UGAMWmzNZClK+Dvzc0KLYQUXO8IZxUrjpwLkyUrxjR1L4etFdOiroBlvNu2qKxByqI
         0qEvB7/Rp9wtcn280lLIP3CbLdOdFHN3tCRQbyHs=
Message-ID: <d95c06e5-60e7-4adb-896f-5c99e7f4db52@linux.microsoft.com>
Date:   Wed, 4 Oct 2023 19:49:13 -0700
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [RFC PATCH v11 15/19] fsverity: consume builtin signature via LSM
 hook
Content-Language: en-US
To:     Eric Biggers <ebiggers@kernel.org>
Cc:     corbet@lwn.net, zohar@linux.ibm.com, jmorris@namei.org,
        serge@hallyn.com, tytso@mit.edu, axboe@kernel.dk, agk@redhat.com,
        snitzer@kernel.org, eparis@redhat.com, paul@paul-moore.com,
        linux-doc@vger.kernel.org, linux-integrity@vger.kernel.org,
        linux-security-module@vger.kernel.org,
        linux-fscrypt@vger.kernel.org, linux-block@vger.kernel.org,
        dm-devel@redhat.com, audit@vger.kernel.org,
        roberto.sassu@huawei.com, linux-kernel@vger.kernel.org,
        Deven Bowers <deven.desai@linux.microsoft.com>
References: <1696457386-3010-1-git-send-email-wufan@linux.microsoft.com>
 <1696457386-3010-16-git-send-email-wufan@linux.microsoft.com>
 <20231005022707.GA1688@quark.localdomain>
From:   Fan Wu <wufan@linux.microsoft.com>
In-Reply-To: <20231005022707.GA1688@quark.localdomain>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-7.2 required=5.0 tests=DATE_IN_PAST_06_12,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL
	autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on pete.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (pete.vger.email [0.0.0.0]); Thu, 05 Oct 2023 09:01:42 -0700 (PDT)



On 10/4/2023 7:27 PM, Eric Biggers wrote:
> On Wed, Oct 04, 2023 at 03:09:42PM -0700, Fan Wu wrote:
>> +#ifdef CONFIG_FS_VERITY_BUILTIN_SIGNATURES
>> +static int fsverity_inode_setsecurity(struct inode *inode,
>> +				      struct fsverity_descriptor *desc)
>> +{
>> +	return security_inode_setsecurity(inode, FS_VERITY_INODE_SEC_NAME,
>> +					  desc->signature,
>> +					  le32_to_cpu(desc->sig_size), 0);
>> +}
> 
> Why isn't the type of the second argument 'const struct fsverity_descriptor *'?
> 
> - Eric

Thanks for the suggestion. I agree that adding 'const' here is a better 
approach. I will update this in the next version.

-Fan