[PATCH v2] docs: security: ipe: fix typos and grammar

public inbox for linux-doc@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH v2] docs: security: ipe: fix typos and grammar
@ 2026-03-08 18:07 Evan Ducas
  2026-03-08 19:41 ` Randy Dunlap
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Evan Ducas @ 2026-03-08 18:07 UTC (permalink / raw)
  To: wufan, corbet, skhan
  Cc: rdunlap, bagasdotme, linux-security-module, linux-doc,
	linux-kernel, Evan Ducas

Fix several spelling and grammar mistakes in the IPE
documentation.

No functional change.

Signed-off-by: Evan Ducas <evan.j.ducas@gmail.com>
---
 Documentation/security/ipe.rst | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/Documentation/security/ipe.rst b/Documentation/security/ipe.rst
index 4a7d953abcdc..5eb3e6265fbd 100644
--- a/Documentation/security/ipe.rst
+++ b/Documentation/security/ipe.rst
@@ -18,7 +18,7 @@ strong integrity guarantees over both the executable code, and specific
 *data files* on the system, that were critical to its function. These
 specific data files would not be readable unless they passed integrity
 policy. A mandatory access control system would be present, and
-as a result, xattrs would have to be protected. This lead to a selection
+as a result, xattrs would have to be protected. This led to a selection
 of what would provide the integrity claims. At the time, there were two
 main mechanisms considered that could guarantee integrity for the system
 with these requirements:
@@ -195,7 +195,7 @@ of the policy to apply the minute usermode starts. Generally, that storage
 can be handled in one of three ways:
 
   1. The policy file(s) live on disk and the kernel loads the policy prior
-     to an code path that would result in an enforcement decision.
+     to a code path that would result in an enforcement decision.
   2. The policy file(s) are passed by the bootloader to the kernel, who
      parses the policy.
   3. There is a policy file that is compiled into the kernel that is
@@ -235,8 +235,8 @@ Updatable, Rebootless Policy
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 As requirements change over time (vulnerabilities are found in previously
-trusted applications, keys roll, etcetera). Updating a kernel to change the
-meet those security goals is not always a suitable option, as updates are not
+trusted applications, keys roll, etcetera), updating a kernel to meet
+those security goals is not always a suitable option, as updates are not
 always risk-free, and blocking a security update leaves systems vulnerable.
 This means IPE requires a policy that can be completely updated (allowing
 revocations of existing policy) from a source external to the kernel (allowing
@@ -370,7 +370,7 @@ Simplified Policy:
 Finally, IPE's policy is designed for sysadmins, not kernel developers. Instead
 of covering individual LSM hooks (or syscalls), IPE covers operations. This means
 instead of sysadmins needing to know that the syscalls ``mmap``, ``mprotect``,
-``execve``, and ``uselib`` must have rules protecting them, they must simple know
+``execve``, and ``uselib`` must have rules protecting them, they must simply know
 that they want to restrict code execution. This limits the amount of bypasses that
 could occur due to a lack of knowledge of the underlying system; whereas the
 maintainers of IPE, being kernel developers can make the correct choice to determine
-- 
2.43.0


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH v2] docs: security: ipe: fix typos and grammar
  2026-03-08 18:07 [PATCH v2] docs: security: ipe: fix typos and grammar Evan Ducas
@ 2026-03-08 19:41 ` Randy Dunlap
  2026-03-09 12:15 ` Bagas Sanjaya
  2026-03-10  4:48 ` Fan Wu
  2 siblings, 0 replies; 4+ messages in thread
From: Randy Dunlap @ 2026-03-08 19:41 UTC (permalink / raw)
  To: Evan Ducas, wufan, corbet, skhan
  Cc: bagasdotme, linux-security-module, linux-doc, linux-kernel



On 3/8/26 11:07 AM, Evan Ducas wrote:
> Fix several spelling and grammar mistakes in the IPE
> documentation.
> 
> No functional change.
> 
> Signed-off-by: Evan Ducas <evan.j.ducas@gmail.com>

Acked-by: Randy Dunlap <rdunlap@infradead.org>
Thanks.

> ---
>  Documentation/security/ipe.rst | 10 +++++-----
>  1 file changed, 5 insertions(+), 5 deletions(-)
> 
> diff --git a/Documentation/security/ipe.rst b/Documentation/security/ipe.rst
> index 4a7d953abcdc..5eb3e6265fbd 100644
> --- a/Documentation/security/ipe.rst
> +++ b/Documentation/security/ipe.rst
> @@ -18,7 +18,7 @@ strong integrity guarantees over both the executable code, and specific
>  *data files* on the system, that were critical to its function. These
>  specific data files would not be readable unless they passed integrity
>  policy. A mandatory access control system would be present, and
> -as a result, xattrs would have to be protected. This lead to a selection
> +as a result, xattrs would have to be protected. This led to a selection
>  of what would provide the integrity claims. At the time, there were two
>  main mechanisms considered that could guarantee integrity for the system
>  with these requirements:
> @@ -195,7 +195,7 @@ of the policy to apply the minute usermode starts. Generally, that storage
>  can be handled in one of three ways:
>  
>    1. The policy file(s) live on disk and the kernel loads the policy prior
> -     to an code path that would result in an enforcement decision.
> +     to a code path that would result in an enforcement decision.
>    2. The policy file(s) are passed by the bootloader to the kernel, who
>       parses the policy.
>    3. There is a policy file that is compiled into the kernel that is
> @@ -235,8 +235,8 @@ Updatable, Rebootless Policy
>  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>  
>  As requirements change over time (vulnerabilities are found in previously
> -trusted applications, keys roll, etcetera). Updating a kernel to change the
> -meet those security goals is not always a suitable option, as updates are not
> +trusted applications, keys roll, etcetera), updating a kernel to meet
> +those security goals is not always a suitable option, as updates are not
>  always risk-free, and blocking a security update leaves systems vulnerable.
>  This means IPE requires a policy that can be completely updated (allowing
>  revocations of existing policy) from a source external to the kernel (allowing
> @@ -370,7 +370,7 @@ Simplified Policy:
>  Finally, IPE's policy is designed for sysadmins, not kernel developers. Instead
>  of covering individual LSM hooks (or syscalls), IPE covers operations. This means
>  instead of sysadmins needing to know that the syscalls ``mmap``, ``mprotect``,
> -``execve``, and ``uselib`` must have rules protecting them, they must simple know
> +``execve``, and ``uselib`` must have rules protecting them, they must simply know
>  that they want to restrict code execution. This limits the amount of bypasses that
>  could occur due to a lack of knowledge of the underlying system; whereas the
>  maintainers of IPE, being kernel developers can make the correct choice to determine

-- 
~Randy

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH v2] docs: security: ipe: fix typos and grammar
  2026-03-08 18:07 [PATCH v2] docs: security: ipe: fix typos and grammar Evan Ducas
  2026-03-08 19:41 ` Randy Dunlap
@ 2026-03-09 12:15 ` Bagas Sanjaya
  2026-03-10  4:48 ` Fan Wu
  2 siblings, 0 replies; 4+ messages in thread
From: Bagas Sanjaya @ 2026-03-09 12:15 UTC (permalink / raw)
  To: Evan Ducas, wufan, corbet, skhan
  Cc: rdunlap, linux-security-module, linux-doc, linux-kernel

[-- Attachment #1: Type: text/plain, Size: 247 bytes --]

On Sun, Mar 08, 2026 at 02:07:34PM -0400, Evan Ducas wrote:
> Fix several spelling and grammar mistakes in the IPE
> documentation.

Acked-by: Bagas Sanjaya <bagasdotme@gmail.com>

-- 
An old man doll... just what I always wanted! - Clara

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH v2] docs: security: ipe: fix typos and grammar
  2026-03-08 18:07 [PATCH v2] docs: security: ipe: fix typos and grammar Evan Ducas
  2026-03-08 19:41 ` Randy Dunlap
  2026-03-09 12:15 ` Bagas Sanjaya
@ 2026-03-10  4:48 ` Fan Wu
  2 siblings, 0 replies; 4+ messages in thread
From: Fan Wu @ 2026-03-10  4:48 UTC (permalink / raw)
  To: Evan Ducas
  Cc: wufan, corbet, skhan, rdunlap, bagasdotme, linux-security-module,
	linux-doc, linux-kernel

On Sun, Mar 8, 2026 at 11:09 AM Evan Ducas <evan.j.ducas@gmail.com> wrote:
>
> Fix several spelling and grammar mistakes in the IPE
> documentation.
>
> No functional change.
>
> Signed-off-by: Evan Ducas <evan.j.ducas@gmail.com>
> ---
Applied to ipe/next. Thanks.

-Fan

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2026-03-10  4:47 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-03-08 18:07 [PATCH v2] docs: security: ipe: fix typos and grammar Evan Ducas
2026-03-08 19:41 ` Randy Dunlap
2026-03-09 12:15 ` Bagas Sanjaya
2026-03-10  4:48 ` Fan Wu

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox