On Tue, Aug 30, 2016 at 10:46 AM, Leon Romanovsky <leon@xxxxxxxxxx> wrote: > On Mon, Aug 29, 2016 at 08:00:32PM -0400, Paul Moore wrote: >> On Mon, Aug 29, 2016 at 5:48 PM, Daniel Jurgens <danielj@xxxxxxxxxxxx> wrote: >> > On 8/29/2016 4:40 PM, Paul Moore wrote: >> >> On Fri, Jul 29, 2016 at 9:53 AM, Dan Jurgens <danielj@xxxxxxxxxxxx> wrote: >> >>> From: Daniel Jurgens <danielj@xxxxxxxxxxxx> >> >> ... >> >> >> >>> Daniel Jurgens (9): >> >>> IB/core: IB cache enhancements to support Infiniband security >> >>> IB/core: Enforce PKey security on QPs >> >>> selinux lsm IB/core: Implement LSM notification system >> >>> IB/core: Enforce security on management datagrams >> >>> selinux: Create policydb version for Infiniband support >> >>> selinux: Allocate and free infiniband security hooks >> >>> selinux: Implement Infiniband PKey "Access" access vector >> >>> selinux: Add IB Port SMP access vector >> >>> selinux: Add a cache for quicker retreival of PKey SIDs >> >> Hi Daniel, >> >> >> >> My apologies for such a long delay in responding to this latest >> >> patchset; conferences, travel, and vacation have made for a very busy >> >> August. After you posted the v2 patchset we had an off-list >> >> discussion regarding testing the SELinux/IB integration; unfortunately >> >> we realized that IB hardware would be needed to test this (no IB >> >> loopback device), but we agreed that having tests would be beneficial. >> >> >> >> Have you done any work yet towards adding SELinux/IB tests to the >> >> selinux-testsuite project? >> >> >> >> * https://github.com/SELinuxProject/selinux-testsuite >> > >> > Hi Paul, I've not started doing that yet. I've been waiting for feedback of any kind from the RDMA list. I thought the test updates would be more appropriate around the time I'm submitting the changes to the user space utilities to allow labeling the new types. >> Okay, no problem. I just want the tests in place and functional when >> we merge the kernel code. > Hi Paul, > IMHO, you can use Soft RoCE (RXE) [1] for it. If I got it right, little if not nothing of this patch set is applicable to RoCE ports, this is about IB ports, Daniel, can you comment? Or. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
