[PATCH v8 4/8] IMA: add policy rule to measure critical data
tusharsu at linux.microsoft.com
Sat Dec 12 17:34:28 UTC 2020
>>>> + case CRITICAL_DATA:
>>>> + if (!rule->data_source)
>>>> + return true;
>>>> + opt_list = rule->data_source;
>>>> + break;
>>> I guess this case should unconditionally return true in this patch and
>>> then the include this additional logic in the next patch.
>>> Sorry, I missed these on my last review.
>> No worries.
>> As I mentioned above, I kept it purposefully in this patch since
>> my impression was rule->data_source is not part of the user facing
>> But I can simply return true here as you suggested, and move the logic to
>> the next patch.
> I understand the thinking that it isn't harmful in this patch but I
> think it is a bit cleaner to introduce the data_source policy language
> element and all of its backend support in the same patch. Please move it
> to the next patch. Thanks!
Thanks a lot Tyler for a detailed review. Appreciate it.
More information about the Linux-security-module-archive