On Sat, Oct 31, 2020 at 11:08 PM Tushar Sugandhi <tusharsu@xxxxxxxxxxxxxxxxxxx> wrote: > On 2020-10-30 1:37 p.m., Paul Moore wrote: ... > > If the patch(set) introduces new functionality I will ask you to add > > or update an existing test in the selinux-testsuite. > > * https://github.com/SELinuxProject/selinux-testsuite > > Lakshmi has written an SeLinux test for this feature, and it is > currently being targeted for LTP repo. > https://github.com/linux-test-project/ltp > > We can work with you to also get it incorporated in selinux-testsuite. > But the concern here is we may have to pull additional dependent scripts > from LTP to selinux-testsuite to support our test. > > Could you please take a look at Lakshmi's SeLinux test, and guide us > further on this? Here is the patch. > https://patchwork.kernel.org/patch/11804587/ As I'm looking at the test(s) above, I'm thinking that this may not be something that needs to be in the selinux-testsuite. While SELinux is obviously an important part of the test, the test is more IMA focused (which is probably the way it should be). As a bit of background, the selinux-testsuite is intended to serve as a relatively easy and quick to run test that can be used by developers to quickly test their patches; while it aims for good coverage, it does not try to be a comprehensive regression test suite. Not only would that be duplicating other efforts such as the LTP, it would go against the goal of making the test suite quick and easy to use. > > If the patch(set) introduces new, or changed, functionality I may ask > > you to update The SELinux Notebook. > > * https://github.com/SELinuxProject/selinux-notebook > > Will do. Thanks. > > > Beyond the above, the general SELinux kernel tree process is > > documented in the README.md found in selinux/main: > > * https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git/tree/README.md > > > Thanks for the pointer. > We'll go through the documentation. Can you and Lakshmi help me better understand the state of the SELinux/IMA patches? I see that you included Lakshmi's SELinux/IMA patch in your last patchset, and it appears to have included feedback from Stephen's last review. Is it your intent to continue to submit the SELinux/IMA patch as part of a larger patchset, or do you plan to split that back out into a standalone patch? -- paul moore www.paul-moore.com