From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751988AbdJZUxW (ORCPT ); Thu, 26 Oct 2017 16:53:22 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:60290 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751929AbdJZUxR (ORCPT ); Thu, 26 Oct 2017 16:53:17 -0400 Subject: Re: [PATCH v5 00/18] Appended signatures support for IMA appraisal From: Mimi Zohar To: Thiago Jung Bauermann , linux-integrity@vger.kernel.org Cc: linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org, Dmitry Kasatkin , James Morris , "Serge E. Hallyn" , David Howells , David Woodhouse , Jessica Yu , Rusty Russell , Herbert Xu , "David S. Miller" , "AKASHI, Takahiro" Date: Thu, 26 Oct 2017 16:53:04 -0400 In-Reply-To: <20171018005331.2688-1-bauerman@linux.vnet.ibm.com> References: <20171018005331.2688-1-bauerman@linux.vnet.ibm.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.20.5 (3.20.5-1.fc24) Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 x-cbid: 17102620-0012-0000-0000-000005865936 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 17102620-0013-0000-0000-00001900D6CF Message-Id: <1509051184.5886.139.camel@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-10-26_09:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=3 malwarescore=0 lowpriorityscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000 definitions=main-1710260261 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 2017-10-17 at 22:53 -0200, Thiago Jung Bauermann wrote: > Hello, > > The main highlight in this version is that it fixes a bug where the modsig > wasn't being included in the measurement list if the appraised file was > already measured by another rule. The fix is in the last patch. > > Another change is that the last patch in the v4 series ("ima: Support > module-style appended signatures for appraisal") has been broken up into > smaller patches. I may have overdone it... > > Finally, I have added some patches removing superfluous parentheses from > expressions. IMO these patches make it easier (and more pleasant) to read > the code, and thus easier to understand it. Since I'm not sure how welcome > the changes are, I split them in 3 "levels" in increasing potential for > conflict with patches from other people (they can be squashed together when > applied): > > 1. patch 2 contains the bare minimum, changing only lines that are also > touched by other patches in the series; > > 2. patch 3 cleans up all the files that are touched by this patch series; > > 3. patch 4 cleans up all other EVM and IMA files that weren't already fixed > by the previous patches. > > If unwanted, patches 3 and 4 can be simply skipped without affecting the > rest of the patches. I have already rebased them from v4.13-rc2 to > v4.14-rc3 and now to linux-integrity/next with very few easy to resolve > conflicts, so I think they are worth keeping. > > These patches apply on top of today's linux-integrity/next. This cover letter and the patch descriptions are well written, explaining what and why you're making this change.  The problem is that I don't agree that fewer parentheses makes the code more readable.  When you repost the patches (for other reasons), please don't include these changes. thanks, Mimi