Re: [Patch v4 13/18] security: Update security level of a process when modifying its dumpability

From: Tim Chen
Date: Tue Oct 30 2018 - 17:30:48 EST

On 10/30/2018 01:57 PM, Schaufler, Casey wrote:

> This isn't an LSM hook and hence does not belong in this file.
> arch_set_security() isn't descriptive, and is in fact a bad choice
> as task_struct has a field "security". This function has nothing
> to do with the task->security field, which is what I would expect
> based on the name.

What file will be a logical place for this function?

>> +
>> +int update_process_security(struct task_struct *task)
> Again, this isn't an LSM hook and does not belong in this file.
> Also again, "security" isn't descriptive in the name.