On Thursday, October 29, 2015 07:36:13 PM Josh Boyer wrote: > Hi All, > > We will be removing the kdbus driver from Rawhide kernels before the > 4.3 final release upstream. Realistically, this means kdbus will be > gone from Fedora by Monday November 2nd at the latest. If you have a > setup using kdbus, please adjust it accordingly. > > The upstream developers asked me to remove the module from Fedora > while they rethink some of the approach they are taking with kdbus. This is just a heads-up ... In the future we need to be careful when re-enabling kdbus in Fedora kernels so that we ensure the necessary SELinux access controls are in place at the same time. Without the proper LSM/SELinux access controls, kdbus provides a communication channel which could violate SELinux security policies and prevent a nasty regression with respect to access control. I've been trying to work with the upstream kdbus developers on better notification/review of their next attempt, but the results thus far have been less than inspiring. There is a non-trivial chance that we may end up with kdbus in an upstream kernel release before we have the LSM/SELinux hooks ready for inclusion. -- paul moore security @ redhat _______________________________________________ kernel mailing list kernel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/kernel
