Re: [GIT PULL] SELinux patches for v5.12
From: Paul Moore
Date: Mon Feb 22 2021 - 17:59:05 EST
On Sun, Feb 21, 2021 at 8:07 PM Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> On Mon, Feb 15, 2021 at 1:57 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
> >
> > - Add support for labeling anonymous inodes, and extend this new
> > support to userfaultfd.
>
> I've pulled this, but I just have to note how much I hate the function
> names. "secure inode"? There's nothing particularly secure about the
> resulting inode.
>
> It's gone through the security layer init, that doesn't make it
> "secure". ALL normal inodes go through it, are all those inodes thus
> "secure"? No.
>
> Naming matters, and I think these things are actively mis-named
> implying things that they aren't.
I don't disagree that naming is important, I would only add,
non-sarcastically, that naming is hard (as a coworker likes to remind
me on a regular basis).
My personal take on the "secure" function variant is that it provides
some indication that this is tied to a LSM hook. For better or worse,
all of the LSM hooks start off with "security_" and most (all?) of the
LSM blob void pointers in various structs throughout the kernel are
named "security". While arguments can be made about the merits of
that depending on how you define "security", the fact remains that
they are named that way. If you, or anyone else reading this, has
another suggestion for the function names I'm listening ...
--
paul moore
www.paul-moore.com