Re: [PATCH v8 4/8] IMA: add policy rule to measure critical data

From: Tushar Sugandhi
Date: Sat Dec 12 2020 - 12:36:05 EST

Next message: tip-bot2 for Ingo Molnar: "[tip: timers/core] ntp: Fix build error"
Previous message: Jakub Kicinski: "Re: [PATCH v5 2/2] net: dsa: qca: ar9331: export stats64"
In reply to: Tyler Hicks: "Re: [PATCH v8 4/8] IMA: add policy rule to measure critical data"
Next in thread: Tushar Sugandhi: "[PATCH v8 2/8] IMA: add support to measure buffer data hash"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

+ case CRITICAL_DATA:
+ if (!rule->data_source)
+ return true;
+
+ opt_list = rule->data_source;
+ break;

I guess this case should unconditionally return true in this patch and
then the include this additional logic in the next patch.

Sorry, I missed these on my last review.

No worries.

As I mentioned above, I kept it purposefully in this patch since
my impression was rule->data_source is not part of the user facing
policy.

But I can simply return true here as you suggested, and move the logic to
the next patch.

I understand the thinking that it isn't harmful in this patch but I
think it is a bit cleaner to introduce the data_source policy language
element and all of its backend support in the same patch. Please move it
to the next patch. Thanks!

Tyler

Will do.
Thanks a lot Tyler for a detailed review. Appreciate it.

~Tushar

Next message: tip-bot2 for Ingo Molnar: "[tip: timers/core] ntp: Fix build error"
Previous message: Jakub Kicinski: "Re: [PATCH v5 2/2] net: dsa: qca: ar9331: export stats64"
In reply to: Tyler Hicks: "Re: [PATCH v8 4/8] IMA: add policy rule to measure critical data"
Next in thread: Tushar Sugandhi: "[PATCH v8 2/8] IMA: add support to measure buffer data hash"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]