On Thu, 2020-01-09 at 16:08 +0200, Janne Karhunen wrote: > Keep the ima policy rules around from the beginning even > if they appear invalid at the time of loading, as they > may become active after the lsm policy load. In other > words, now the lsm and the ima can be initialized in any > order and the handling logic is the same as with the lsm > rule reload event. > > Patch also fixes the rule re-use during the lsm policy > reload and makes some prints a bit more human readable. Thanks, Janne. What do you think about adding a single sentence at the end of this patch description? Something along the lines of, "With these changes, there no need to defer loading a custom IMA policy, based on LSM rules, until after the LSM policy has been initialized." The line length, here, is a bit short. According to section "14) the canonical path format" of Documentation/process/submitting- patches.rst, the body of the explanation shouldl be line wrapped at 75 columns. > > Cc: Casey Schaufler <casey@xxxxxxxxxxxxxxxx> > Reported-by: Mimi Zohar <zohar@xxxxxxxxxxxxx> > Signed-off-by: Janne Karhunen <janne.karhunen@xxxxxxxxx> > Signed-off-by: Konsta Karsisto <konsta.karsisto@xxxxxxxxx> Please include a "Fixes" tag as well. Otherwise, Reviewed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
