Re: [RFC PATCH 11/12] certs: Add a secondary system keyring that can be added to dynamically [ver #2]

From: Mimi Zohar
Date: Tue Mar 08 2016 - 09:32:29 EST

Next message: Steven Rostedt: "Re: [PATCH 1/2] tracing: make tracer_flags use the right set_flag callback"
Previous message: Vineet Gupta: "[PATCH] mm: slub: Ensure that slab_unlock() is atomic"
In reply to: Petko Manolov: "Re: [RFC PATCH 11/12] certs: Add a secondary system keyring that can be added to dynamically [ver #2]"
Next in thread: David Howells: "Re: [RFC PATCH 11/12] certs: Add a secondary system keyring that can be added to dynamically [ver #2]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2016-03-08 at 13:13 +0000, David Howells wrote:
> Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx> wrote:
>
> > but we're left with a lot of references to "system_trusted" (eg.
> > restrict_link_to_system_trusted, depends on SYSTEM_TRUSTED_KEYRING
>
> How about I pluralise it to SYSTEM_TRUSTED_KEYRINGS? The fact that one is
> called builtin and the other secondary doesn't detract from the fact that
> they're both system-wide rings of trusted keys.

Would then restrict_link_to_system_trusted imply both the builtin and
secondary keyrings or just the builtin keyrings? Changing the system
keyring name to builtin keys, without changing the corresponding
restrict_link name, obfuscates what is really happening.

Mimi

Next message: Steven Rostedt: "Re: [PATCH 1/2] tracing: make tracer_flags use the right set_flag callback"
Previous message: Vineet Gupta: "[PATCH] mm: slub: Ensure that slab_unlock() is atomic"
In reply to: Petko Manolov: "Re: [RFC PATCH 11/12] certs: Add a secondary system keyring that can be added to dynamically [ver #2]"
Next in thread: David Howells: "Re: [RFC PATCH 11/12] certs: Add a secondary system keyring that can be added to dynamically [ver #2]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]