Re: [PATCH v5 3/3] Allows reading back the current IMA policy;

Tue, 10 Nov 2015 08:01:46 -0800 

On 15-11-09 09:30:58, Mimi Zohar wrote:
> On Mon, 2015-11-02 at 00:39 +0200, Petko Manolov wrote:
> 
> > +
> > +#ifdef     CONFIG_IMA_READ_POLICY
> > +enum {
> > +   mask_err = -1,
> > +   mask_exec = 1, mask_write, mask_read, mask_append
> > +};
> > +
> > +static match_table_t mask_tokens = {
> > +   {mask_exec, "MAY_EXEC"},
> > +   {mask_write, "MAY_WRITE"},
> > +   {mask_read, "MAY_READ"},
> > +   {mask_append, "MAY_APPEND"},
> > +   {mask_err, NULL}
> > +};
> > +
> > +enum {
> > +   func_err = -1,
> > +   func_file = 1, func_mmap, func_bprm,
> > +   func_module, func_firmware, func_post
> > +};
> > +
> > +static match_table_t func_tokens = {
> > +   {func_file, "FILE_CHECK"},
> > +   {func_mmap, "MMAP_CHECK"},
> > +   {func_bprm, "BPRM_CHECK"},
> > +   {func_module, "MODULE_CHECK"},
> > +   {func_firmware, "FIRMWARE_CHECK"},
> > +   {func_post, "POST_SETATTR"},
> > +   {func_err, NULL}
> > +};
> 
> Why are we using match_table_t?  Why not define an array of strings which 
> corresponds to the function hooks or use the __stringify macro?

Because you used match_table_t in your code.  Having too many style differences 
does not help it's readability.

> static const char *ima_hooks_string[] = {"", "FILE_CHECK", "MMAP_CHECK",
>         "BPRM_CHECK", "MODULE_CHECK", "FIRMWARE_CHECK", "POST_SETATTR"};
> 
> In the first case, to display the function hook string would be 
> "ima_hooks_string[func]".  Using __stringify requires the hook name (eg. 
> __stringify(FILE_CHECK)).
> 
> In either case, there would be a lot less code.

It is always speed vs size.  It is going to be more code or more data.  It is a 
matter of taste which one we'll chose.

If we look at ima_policy.c after the original IMA policy read patch we'll end 
up 
with a source that is littered with strings like "fowner=%s", "fowner" and 
"fowner=%d".  I assumed you want this cleaned up, which i did.

Another example, "FILE_CHECK" was used just once prior to introducing of policy 
read.  Now we use it twice.  Do we want to rely on GCC literals optimization 
and 
use the same string multiple times or hand-optimize it?  What do we do with 
almost the same strings like "fowner=%d", "fowner=%s" and "fowner"?

The answer to the above will determine whether we use an array of strings or 
__stringify.  I kind of lean towards the first option but as a maintainer the 
choice is up to you.


                Petko
--
To unsubscribe from this list: send the line "unsubscribe 
linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to