On Sun, Feb 21, 2021 at 8:07 PM Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote: > > On Mon, Feb 15, 2021 at 1:57 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote: > > > > - Add support for labeling anonymous inodes, and extend this new > > support to userfaultfd. > > I've pulled this, but I just have to note how much I hate the function > names. "secure inode"? There's nothing particularly secure about the > resulting inode. > > It's gone through the security layer init, that doesn't make it > "secure". ALL normal inodes go through it, are all those inodes thus > "secure"? No. > > Naming matters, and I think these things are actively mis-named > implying things that they aren't. I don't disagree that naming is important, I would only add, non-sarcastically, that naming is hard (as a coworker likes to remind me on a regular basis). My personal take on the "secure" function variant is that it provides some indication that this is tied to a LSM hook. For better or worse, all of the LSM hooks start off with "security_" and most (all?) of the LSM blob void pointers in various structs throughout the kernel are named "security". While arguments can be made about the merits of that depending on how you define "security", the fact remains that they are named that way. If you, or anyone else reading this, has another suggestion for the function names I'm listening ... -- paul moore www.paul-moore.com