Received: by 2002:a05:6500:1b8f:b0:1fa:5c73:8e2d with SMTP id df15csp1087518lqb;
        Wed, 29 May 2024 22:51:44 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCWbPqhT1eACArjzrEGckxh26BfJb0SO6omGbuDNq3KCdrjNngqYCb05sNQJWg4M9T5I2co20JCfMaTzsLdYegEDywSvc+KeQesVzOJDTA==
X-Google-Smtp-Source: AGHT+IGEULZZ7qnpMLyBruQ9hko5rvzi8fowcqIqZ24UmzXy4jKqQ4PeSBAl9QDl7lfngrpEw5nJ
X-Received: by 2002:a17:902:e743:b0:1f6:138e:59ed with SMTP id d9443c01a7336-1f6194021femr14794915ad.25.1717048303990;
        Wed, 29 May 2024 22:51:43 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1717048303; cv=pass;
        d=google.com; s=arc-20160816;
        b=JfMpCK/VjY7dVPsY+g+kLKbhyX+fgjrTiHIFZws8Ggdti5lcTGlzYxQsF6v3oUjVIN
         FvJF64h/p6YyGAy0eCzK4asqMRcuYHlnnjU7kAiqOpu0wpXAxM8/5Sk0dRUFe3H7oI2J
         O7VeFTfbifXrX8YEhNQ2cVusllespgPHlGJQZOsmRCh8gImxKsxpBYow8GTxyY0pJ1mT
         YaIAk0ZtvszEuKEfJjv4dNrmmHgNJFhGXqKdr7BLeUmzcl++bwOK6JtNXnWXmU9q6cyH
         hJgC86vrLOGgQC57HIL1zXhSxTWArI3jKe2JXcwtnV9V908rRQu71S6NhP6FqpVfkrmd
         3W9w==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=in-reply-to:references:subject:cc:to:from:message-id:date
         :content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:dkim-signature;
        bh=4FJS9CS/eIiw6NHsGtOtM9QY6QL5EHY2QcYInllik0k=;
        fh=Y3SbZxENBmTgm/IkGjpu9BcHjfdAKAF23rWUFk7RgKY=;
        b=Nvd3cf/RE9ykIjf/9QBrXACN0do1bL1Du6hg+wCkRaeyc5TCovdiT4zD3eG29m87XB
         IoQ2/4eLSTHma6sB/S1D38EzO5+DkNkgtFUjMFC9mSsZ6/79k9G4DiOeJZGvBlFlcFO1
         scoiSy3Cac+zqNJ1nCFTlOKMggI+kYvekqZPIlv8uKoLv26SCjVEZWAN20Tt5PXL2cE9
         Mn+mImlbDrD72KrCZUISL63BtlsBP9NBuoWIE6iiAj/mAoqoblIq+9ld9L3myG0X9HOt
         CQmSwxhTttSZvhdev0cQ3QEk6Ih0vm0j7ZwcsJLCeh6JmYz+e2MnSjaOaogdE5F7O0K6
         ZdpA==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UhXGdTib;
       arc=pass (i=1 dkim=pass dkdomain=kernel.org);
       spf=pass (google.com: domain of linux-kernel+bounces-194957-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-194957-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel+bounces-194957-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99])
        by mx.google.com with ESMTPS id d9443c01a7336-1f61c6f7634si6239375ad.156.2024.05.29.22.51.43
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 29 May 2024 22:51:43 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-194957-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=UhXGdTib;
       arc=pass (i=1 dkim=pass dkdomain=kernel.org);
       spf=pass (google.com: domain of linux-kernel+bounces-194957-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-194957-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id 9AE34283A18
	for <linux.lists.archive@gmail.com>; Thu, 30 May 2024 05:51:43 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 56FAA143733;
	Thu, 30 May 2024 05:51:33 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="UhXGdTib"
Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5F27A847A;
	Thu, 30 May 2024 05:51:32 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1717048292; cv=none; b=pbDzCRkCjpZZhCH3yyp1aZLzV4SsJRp5ygtnvBTAF3HZJsJyTDziwKxBVvGWalwDBSDmhHu5J4TQcyClwTocR5rdrX2N570H1r0rtGAL/cvGxLcvcuLO9mgvOAtfkL9kuk8LQXb7QaR4ZlqlfcMEw3HiDooE9bD8LHRKdF1q+3o=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1717048292; c=relaxed/simple;
	bh=RE4inK9HYK9j9DUP4tuPAf2yjJTVUeaHvDhqFSuDHW8=;
	h=Mime-Version:Content-Type:Date:Message-Id:From:To:Cc:Subject:
	 References:In-Reply-To; b=hnVdpPxNznb8f8DI0SxBWbUTLpDtB7oG+G7fFjxDHe1CElSNIQOSbzllsRhrJWtvm3nMrOfQ7H+TdHdqrQARtG/vgpUuAZP+yqmb0WgrGTVOlGfZcxZuzaKwsEa1p+XhSFdyINyjUvU+fcbTcwIgodW9uM4Iykr3VoENPO571gg=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=UhXGdTib; arc=none smtp.client-ip=10.30.226.201
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8E86AC2BBFC;
	Thu, 30 May 2024 05:51:24 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1717048291;
	bh=RE4inK9HYK9j9DUP4tuPAf2yjJTVUeaHvDhqFSuDHW8=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=UhXGdTib12y9KsK2WUfE+QIvMiSUn4rTn07uYaUvBm18G3IehM/EALLRk9j6TzTg3
	 z3LZ+UlCmORNsbmPD5eoPDhdG6DONJybPzYLzg1M/4io7sUS9FC0jGMWADAlguMxL1
	 4k0IFOzLCjJFfCysKuCRnkLU1R6rYX+ciz4lX4lp0FIgDjwJGnR8R+t7G2STE8KJFu
	 gVKMYhvoNjR2/83IGvkF/JuvgOnrLhHspFjB163EUonxrV4kSrC4v+nqwRVtnoVxYg
	 vAIJNfD7Jtlfx3sS7g7PizG7ZlerW+IGXHZvjXUr6saTSiAwuXyp88rNdnCfgTbiNc
	 KUBiw3sJlVrmA==
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=UTF-8
Date: Thu, 30 May 2024 08:51:21 +0300
Message-Id: <D1MQTEW77RY8.36THC7YDK7CZO@kernel.org>
From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "Paul Moore" <paul@paul-moore.com>, "Fan Wu"
 <wufan@linux.microsoft.com>, <corbet@lwn.net>, <zohar@linux.ibm.com>,
 <jmorris@namei.org>, <serge@hallyn.com>, <tytso@mit.edu>,
 <ebiggers@kernel.org>, <axboe@kernel.dk>, <agk@redhat.com>,
 <snitzer@kernel.org>, <mpatocka@redhat.com>, <eparis@redhat.com>
Cc: <linux-doc@vger.kernel.org>, <linux-integrity@vger.kernel.org>,
 <linux-security-module@vger.kernel.org>, <fsverity@lists.linux.dev>,
 <linux-block@vger.kernel.org>, <dm-devel@lists.linux.dev>,
 <audit@vger.kernel.org>, <linux-kernel@vger.kernel.org>, "Deven Bowers"
 <deven.desai@linux.microsoft.com>
Subject: Re: [PATCH v19 15/20] fsverity: expose verified fsverity built-in
 signatures to LSMs
X-Mailer: aerc 0.17.0
References: <1716583609-21790-16-git-send-email-wufan@linux.microsoft.com>
 <06bb61dc838eeff63bb5f11cea6d4b53@paul-moore.com>
In-Reply-To: <06bb61dc838eeff63bb5f11cea6d4b53@paul-moore.com>

On Thu May 30, 2024 at 4:44 AM EEST, Paul Moore wrote:
> > +	err =3D security_inode_setintegrity(inode,
> > +					  LSM_INT_FSVERITY_BUILTINSIG_VALID,
> > +					  signature,
> > +					  le32_to_cpu(sig_size));
>
> I like this much better without the explicit inode cast :)

Would be nice btw if that was 'ret' or 'rc' because err is such
a common name for exception handler alike goto-labels... Looks
confusing just because of that :-)

BR, Jarkko