[PATCH v3 01/12] ima: Have the LSM free its audit rule
Mimi Zohar
zohar at linux.ibm.com
Sun Jul 19 11:02:06 UTC 2020
On Fri, 2020-07-17 at 14:24 -0500, Tyler Hicks wrote:
> On 2020-07-17 15:20:22, Nayna wrote:
> >
> > On 7/9/20 2:19 AM, Tyler Hicks wrote:
> > > Ask the LSM to free its audit rule rather than directly calling kfree().
> >
> > Is it to be called audit rule or filter rule ? Likewise in subject line.
> gt
> The security hooks call this "audit rule" but Mimi explained the
> reasoning for IMA referring to this as an "audit filter" here:
>
> https://lore.kernel.org/lkml/1593466203.5085.62.camel@linux.ibm.com/
>
> I would be fine with her renaming/rewording this patch, accordingly, in
> next-integrity-testing.
Both here and "ima: AppArmor satisfies the audit rule requirements",
the subject is AppArmor/LSM, which do refer to the rules as "audit"
rules. In the "ima: Rename internal audit rule functions" case, the
rule rename is internal to IMA. Here it makes sense to replace
"audit" with "filter". Tyler, I've gone ahead and made the change.
Mimi
More information about the Linux-security-module-archive
mailing list