On Fri, Feb 12, 2021 at 6:58 AM Daniel Walsh <dwalsh@xxxxxxxxxx> wrote: > On 2/11/21 18:28, Paul Moore wrote: > > It will get merged into selinux/next *after* this upcoming merge > > window. I'm sorry, but -rc7 is just too late for new functionality; > > kernel changes need to soak before hitting Linus' tree and with the > > merge window opening in about three days that simply isn't enough > > time. Come on Dan, even you have to know that ... > > Well if that is ASAP, then fine, next window. Sadly this delays us three > months from getting this feature out and tested, but we can live with this. It's consistent with the policy I've been following for years at this point, regular SELinux (and audit) kernel contributors as well as people who follow the related lists should be well aware of this by now. If you look at the SELinux kernel tree you'll find this documented in the README.md file in the top level directory; here is the relevant excerpt: "Patches will be merged into the subsystem's next branch during the development cycle which extends from merge window close up until the merge window reopens. However, it is important to note that large, complicated, or invasive patches sent late in the development cycle may be deferred until the next cycle. As a general rule, only small patches or critical fixes will be merged after -rc5/-rc6." https://github.com/SELinuxProject/selinux-kernel https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git/tree/README.md > Once it gets into a Release candidate we can push people to Rawhide to begin testing it. As a reminder, once a patch hits the selinux/next branch it should show up in my kernel-secnext builds within about an hour (+/- 30m depending on the time and day). Currently packages are only built for Fedora Rawhide (source, x86_64, aarch64), but I still have aspirations for providing Debian sid packages someday. https://paul-moore.com/blog/d/2019/04/kernel_secnext_repo.html -- paul moore www.paul-moore.com
