[RFC PATCH v1 1/5] landlock: Rename landlock_id to landlock_rule_ref
Mickaël Salaün
mic at digikod.net
Tue May 27 14:53:08 UTC 2025
On Mon, May 26, 2025 at 07:38:00PM +0100, Tingmao Wang wrote:
> On 5/23/25 17:57, Mickaël Salaün wrote:
> > [RFC PATCH v1 1/5] landlock: Rename landlock_id to landlock_rule_ref
> >
> > This avoids confusion with the new Landlock IDs.
>
> A very very minor suggestion, but I think to someone new, landlock_rule_ref
> would sound like a reference to a specific rule (like a *struct
> landlock_rule), but really it represents the "name", or in fact, target of a
> rule... Maybe we should call it "landlock_rule_target"?
>
> (Or maybe the confusion is resolved quickly when they look at the definition
> so maybe it doesn't matter)
You're right that the name is confusing. What about just struct
landlock_reference? Such structure do reference an element (an object
or a raw value), which might be in a ruleset, a domain, or none of them.
We should also probably use "ref=" instead of "object=" in the trace
event.
>
> >
> > TODO: Split in several commits to ease potential backports according to
> > stable branches
> >
> > Cc: Günther Noack <gnoack at google.com>
> > Signed-off-by: Mickaël Salaün <mic at digikod.net>
> > ---
> [...]
>
More information about the Linux-security-module-archive
mailing list