Re: [PATCH v5 2/2] staging: ion: create one device entry per heap

From: Laura Abbott
Date: Mon Oct 09 2017 - 20:10:48 EST

Next message: Steve Grubb: "Re: [PATCH ALT4 V3 2/2] audit: filter PATH records keyed on filesystem magic"
Previous message: Kees Cook: "[PATCH] timer: Remove meaningless .data/.function assignments"
In reply to: Mark Brown: "Re: [PATCH v5 2/2] staging: ion: create one device entry per heap"
Next in thread: Mark Brown: "Re: [PATCH v5 2/2] staging: ion: create one device entry per heap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/09/2017 03:08 PM, Mark Brown wrote:
> On Mon, Oct 09, 2017 at 02:25:47PM -0700, Laura Abbott wrote:
>
>> Anyway, to move this forward I think we need to see a proof of concept
>> of using selinux to protect access to specific heaps.
>
> Aren't Unix permissions enough with separate files or am I
> misunderstanding what you're looking to see a proof of concept for?
>

The goal is to be able to restrict heap access to certain services
and selinux groups on Android so straight unix permissions aren't
sufficient.

Thanks,
Laura

Next message: Steve Grubb: "Re: [PATCH ALT4 V3 2/2] audit: filter PATH records keyed on filesystem magic"
Previous message: Kees Cook: "[PATCH] timer: Remove meaningless .data/.function assignments"
In reply to: Mark Brown: "Re: [PATCH v5 2/2] staging: ion: create one device entry per heap"
Next in thread: Mark Brown: "Re: [PATCH v5 2/2] staging: ion: create one device entry per heap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]