> -----Original Message----- > From: Stephen Smalley [mailto:sds@xxxxxxxxxxxxx] > Sent: Tuesday, December 6, 2016 10:01 AM > To: Roberts, William C <william.c.roberts@xxxxxxxxx>; nnk@xxxxxxxxxx; > selinux@xxxxxxxxxxxxx > Cc: Yongqin Liu <yongqin.liu@xxxxxxxxxx>; Paul Moore <paul@xxxxxxxxxxxxxx> > Subject: Re: [PATCH] quick selinux support for tracefs > > On 12/06/2016 12:50 PM, Roberts, William C wrote: > > > > > >> -----Original Message----- > >> From: Stephen Smalley [mailto:sds@xxxxxxxxxxxxx] > >> Sent: Tuesday, December 6, 2016 9:41 AM > >> To: Roberts, William C <william.c.roberts@xxxxxxxxx>; nnk@xxxxxxxxxx; > >> selinux@xxxxxxxxxxxxx > >> Cc: Yongqin Liu <yongqin.liu@xxxxxxxxxx>; Paul Moore > >> <paul@xxxxxxxxxxxxxx> > >> Subject: Re: [PATCH] quick selinux support for tracefs > >> > >> On 12/06/2016 12:24 PM, william.c.roberts@xxxxxxxxx wrote: > >>> From: Yongqin Liu <yongqin.liu@xxxxxxxxxx> > >>> > >>> Here is just the quick fix for tracefs with selinux. > >>> just add tracefs to the list of whitelisted filesystem types in > >>> selinux_is_sblabel_mnt(), but the right fix would be to generalize > >>> this logic as described in the last item on the todo list, > >>> https://bitbucket.org/seandroid/wiki/wiki/ToDo > >>> > >>> Change-Id: I2aa803ccffbcd2802a7287514da7648e6b364157 > >> > >> Please rewrite the subject line and patch description per the > >> kernel's submission guidelines, drop the Change-Id and the link to > >> the SEAndroid todo list, and don't say that this is a quick fix but > > > > Why would anyone do that for this patch when below you say it won’t be > > merged unless we fix issue #2? > > I didn't say it couldn't be merged; I said it isn't a good idea to say "this is a quick fix > but the right fix is X" in an upstream patch submission if you want it to be > merged, unless it is for a serious security or stability bug that needs to be fixed > right away. Oh sure, but I didn't right that patch message, Liu Yonggin is tha author, ill fix up the message and resubmit preserving him as the author. > > > > > the right fix is something else if you want this to > >> actually be merged. Because in that case, you ought to just > >> implement the right fix. There is now an upstream kernel issue for the right > fix: > >> https://github.com/SELinuxProject/selinux-kernel/issues/2 > > > > The other question here is tracefs safe to label in this fashion, I would assume > yes. > > Looking through I didn't see any eviction code. > > Yes, the inodes are pinned. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
