Re: [RFC] Finding the right target branch for patches that span IMA and SeLinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Oct 31, 2020 at 11:08 PM Tushar Sugandhi
<tusharsu@xxxxxxxxxxxxxxxxxxx> wrote:
> On 2020-10-30 1:37 p.m., Paul Moore wrote:

...

> > If the patch(set) introduces new functionality I will ask you to add
> > or update an existing test in the selinux-testsuite.
> > * https://github.com/SELinuxProject/selinux-testsuite
>
> Lakshmi has written an SeLinux test for this feature, and it is
> currently being targeted for LTP repo.
> https://github.com/linux-test-project/ltp
>
> We can work with you to also get it incorporated in selinux-testsuite.
> But the concern here is we may have to pull additional dependent scripts
> from LTP to selinux-testsuite to support our test.
>
> Could you please take a look at Lakshmi's SeLinux test, and guide us
> further on this? Here is the patch.
> https://patchwork.kernel.org/patch/11804587/

As I'm looking at the test(s) above, I'm thinking that this may not be
something that needs to be in the selinux-testsuite.  While SELinux is
obviously an important part of the test, the test is more IMA focused
(which is probably the way it should be).

As a bit of background, the selinux-testsuite is intended to serve as
a relatively easy and quick to run test that can be used by developers
to quickly test their patches; while it aims for good coverage, it
does not try to be a comprehensive regression test suite.  Not only
would that be duplicating other efforts such as the LTP, it would go
against the goal of making the test suite quick and easy to use.

> > If the patch(set) introduces new, or changed, functionality I may ask
> > you to update The SELinux Notebook.
> > * https://github.com/SELinuxProject/selinux-notebook
>
> Will do. Thanks.
>
> > Beyond the above, the general SELinux kernel tree process is
> > documented in the README.md found in selinux/main:
> > * https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git/tree/README.md
> >
> Thanks for the pointer.
> We'll go through the documentation.

Can you and Lakshmi help me better understand the state of the
SELinux/IMA patches?  I see that you included Lakshmi's SELinux/IMA
patch in your last patchset, and it appears to have included feedback
from Stephen's last review.  Is it your intent to continue to submit
the SELinux/IMA patch as part of a larger patchset, or do you plan to
split that back out into a standalone patch?

-- 
paul moore
www.paul-moore.com



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux