Re: [PATCH v19 15/20] fsverity: expose verified fsverity built-in signatures to LSMs

From: Eric Biggers
Date: Thu May 30 2024 - 02:01:35 EST

Next message: Riwen Lu: "Re: [PATCH v2] cpufreq/cppc: Take policy->cur into judge when set target"
Previous message: John Johansen: "Re: [RFC 0/9] Nginx refcount scalability issue with Apparmor enabled and potential solutions"
In reply to: Jarkko Sakkinen: "Re: [PATCH v19 15/20] fsverity: expose verified fsverity built-in signatures to LSMs"
Next in thread: Jarkko Sakkinen: "Re: [PATCH v19 15/20] fsverity: expose verified fsverity built-in signatures to LSMs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, May 30, 2024 at 08:51:21AM +0300, Jarkko Sakkinen wrote:
> On Thu May 30, 2024 at 4:44 AM EEST, Paul Moore wrote:
> > > + err = security_inode_setintegrity(inode,
> > > + LSM_INT_FSVERITY_BUILTINSIG_VALID,
> > > + signature,
> > > + le32_to_cpu(sig_size));
> >
> > I like this much better without the explicit inode cast :)
>
> Would be nice btw if that was 'ret' or 'rc' because err is such
> a common name for exception handler alike goto-labels... Looks
> confusing just because of that :-)
>

A lot of kernel code, including the rest of fs/verity/, uses the convention that
"0 or negative errno" return values are named 'err' (and return values that
aren't necessarily an errno are named something else). So it's fine as-is.

- Eric

Next message: Riwen Lu: "Re: [PATCH v2] cpufreq/cppc: Take policy->cur into judge when set target"
Previous message: John Johansen: "Re: [RFC 0/9] Nginx refcount scalability issue with Apparmor enabled and potential solutions"
In reply to: Jarkko Sakkinen: "Re: [PATCH v19 15/20] fsverity: expose verified fsverity built-in signatures to LSMs"
Next in thread: Jarkko Sakkinen: "Re: [PATCH v19 15/20] fsverity: expose verified fsverity built-in signatures to LSMs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]