Re: [PATCH v3] selinux: measure state and policy capabilities
From: Lakshmi Ramasubramanian
Date: Mon Mar 08 2021 - 19:44:56 EST
On 3/8/21 4:42 PM, Paul Moore wrote:
On Fri, Mar 5, 2021 at 2:29 PM Lakshmi Ramasubramanian
<nramas@xxxxxxxxxxxxxxxxxxx> wrote:
On 3/5/21 11:22 AM, Paul Moore wrote:
Hi Paul,
On Fri, Mar 5, 2021 at 12:57 PM James Bottomley
<James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> wrote:
On Fri, 2021-03-05 at 12:52 -0500, Paul Moore wrote:
[...]
This draft seems fine to me, but there is a small logistical blocker
at the moment which means I can't merge this until -rc2 is released,
which likely means this coming Monday. The problem is that this
patch relies on code that went upstream via in the last merge window
via the IMA tree, not the SELinux tree; normally that wouldn't be a
problem as I typically rebase the selinux/next to Linus' -rc1 tag
once the merge window is closed, but in this particular case the -rc1
tag is dangerously broken for some system configurations (the tag has
since been renamed) so I'm not rebasing onto -rc1 this time around.
Assuming that -rc2 fixes the swapfile/fs-corruption problem, early
next week I'll rebase selinux/next to -rc2 and merge this patch.
However, if the swapfile bug continues past -rc2 we can consider
merging this via the IMA tree, but I'd assume not do that if possible
due to merge conflict and testing reasons.
If it helps, we rebased the SCSI tree on top of the merge for the
swapfile fix which is this one, without waiting for -rc2:
Considering that -rc2 is only two days away I'm not going to lose a
lot of sleep over it.
Thanks for reviewing the patch.
I can wait until the swapfile issue is resolved (in rc2 or later) and
you are able to merge this patch. Please take your time.
Thanks for your patience Lakshmi, I just merged this into my local
selinux/next branch and will be pushing it up to kernel.org later
tonight - thank you!
Thanks Paul.
-lakshmi