Hi Paul,
On 2020-10-30 1:37 p.m., Paul Moore wrote:
On Fri, Oct 30, 2020 at 12:43 PM Tushar Sugandhi
<tusharsu@xxxxxxxxxxxxxxxxxxx> wrote:
Unless this patch set is specifically dependent on the two patches in
the SELinux tree beyond v5.10.0-rc1, please base it on v5.10.0-rc1.
Thanks Mimi. We don't have dependencies on those two patches in SELinux
tree.
We'll base our changes on v5.10.0-rc1 in SELinux tree.
Thanks for the quick response.
I'm not as fast as Mimi, but I thought it might be worthwhile to
provide a bit more detail as to what I expect from SELinux kernel
submissions. I believe most other maintainers operate in a similar
manner, but I obviously can't speak for them.
Thanks a lot for the detailed information Paul.
Its very helpful, and we appreciate it.
Unless there is an exception due to a previous discussion, I ask that
all SELinux kernel patches be based on either the selinux/next branch
or Linus' current tree. If your patch(set) applies cleanly to either
of those branches, and passes review, I'll merge it into the
selinux/next branch taking care of any merge conflicts that may arise.
We will base on SeLinux -> next branch, as you/Mimi suggested.
If the merge is particularly tricky I may ask you to double check the
merge afterwards, but in my experience that is rare, most merge
conflicts are trivially resolved.
Based on our testing so far, there aren't any merge conflicts.
But if the need arises, we'll do our best to help you resolve/review
them.
In the case where a patch(set) being proposed for inclusion in the
SELinux tree has significant changes to another subsystem, I will ask
the affected subsystem's maintainer to review the patch(set). If the
other maintainers do not provide an ACK for the patch(set) I will not
merge the patches. If the other maintainers do not respond at all for
a few weeks, I may go ahead and merge the patch(set) anyway; that is a
decision made on a case-by-base basis.
Mimi has been actively reviewing IMA side of the changes for this
patch-set.
If the patch(set) introduces new functionality I will ask you to add
or update an existing test in the selinux-testsuite.
* https://github.com/SELinuxProject/selinux-testsuite
Lakshmi has written an SeLinux test for this feature, and it is
currently being targeted for LTP repo.
https://github.com/linux-test-project/ltp
We can work with you to also get it incorporated in selinux-testsuite.
But the concern here is we may have to pull additional dependent scripts
from LTP to selinux-testsuite to support our test.
Could you please take a look at Lakshmi's SeLinux test, and guide us
further on this? Here is the patch.
https://patchwork.kernel.org/patch/11804587/
If the patch(set) introduces new, or changed, functionality I may ask
you to update The SELinux Notebook.
* https://github.com/SELinuxProject/selinux-notebook
Will do. Thanks.
Beyond the above, the general SELinux kernel tree process is
documented in the README.md found in selinux/main:
* https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git/tree/README.md
Thanks for the pointer.
We'll go through the documentation.
~Tushar
