[RFC PATCH v1 1/5] landlock: Rename landlock_id to landlock_rule_ref

Mickaël Salaün mic at digikod.net
Tue May 27 14:53:08 UTC 2025


On Mon, May 26, 2025 at 07:38:00PM +0100, Tingmao Wang wrote:
> On 5/23/25 17:57, Mickaël Salaün wrote:
> > [RFC PATCH v1 1/5] landlock: Rename landlock_id to landlock_rule_ref
> > 
> > This avoids confusion with the new Landlock IDs.
> 
> A very very minor suggestion, but I think to someone new, landlock_rule_ref
> would sound like a reference to a specific rule (like a *struct
> landlock_rule), but really it represents the "name", or in fact, target of a
> rule... Maybe we should call it "landlock_rule_target"?
> 
> (Or maybe the confusion is resolved quickly when they look at the definition
> so maybe it doesn't matter)

You're right that the name is confusing.  What about just struct
landlock_reference?  Such structure do reference an element (an object
or a raw value), which might be in a ruleset, a domain, or none of them.

We should also probably use "ref=" instead of "object=" in the trace
event.

> 
> > 
> > TODO: Split in several commits to ease potential backports according to
> > stable branches
> > 
> > Cc: Günther Noack <gnoack at google.com>
> > Signed-off-by: Mickaël Salaün <mic at digikod.net>
> > ---
> [...]
> 



More information about the Linux-security-module-archive mailing list