On Sun, 12 Jul 2020 11:38:21 -0000, GitLab Bridge on behalf of pbrobinson wrote:
> From: Jonathan Lebon <jlebon@xxxxxxxxxx>
>
> This patch does for `getxattr` what commit 3e3e24b42043 ("selinux: allow
> labeling before policy is loaded") did for `setxattr`; it allows
> querying the current SELinux label on disk before the policy is loaded.
>
> One of the motivations described in that commit message also drives this
> patch: for Fedora CoreOS (and eventually RHEL CoreOS), we want to be
> able to move the root filesystem for example, from xfs to ext4 on RAID,
> on first boot, at initrd time.[1]
>
> Because such an operation works at the filesystem level, we need to be
> able to read the SELinux labels first from the original root, and apply
> them to the files of the new root. The previous commit enabled the
> second part of this process; this commit enables the first part.
>
> [1] https://github.com/coreos/fedora-coreos-tracker/issues/94
>
> Acked-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
> Signed-off-by: Jonathan Lebon <jlebon@xxxxxxxxxx>
> Signed-off-by: Paul Moore <paul@xxxxxxxxxxxxxx>
It doesn't seem the patch has been accepted upstream? Could you please
clarify that?
Politely,
Nacked-by: Jiri Benc <jbenc@xxxxxxxxxx>
_______________________________________________
kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/kernel@xxxxxxxxxxxxxxxxxxxxxxx
