On Tue, Mar 8, 2022 at 5:11 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
>
> The checkreqprot functionality was disabled by default back in
> Linux v4.4 (2015) with commit 2a35d196c160e3 ("selinux: change
> CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE default") and it was
> officially marked as deprecated in Linux v5.7. It was always a
> bit of a hack to workaround very old userspace and to the best of
> our knowledge, the checkreqprot functionality has been disabled by
> Linux distributions for quite some time.
>
> This patch moves the deprecation messages from KERN_WARNING to
> KERN_ERR and adds a five second sleep to anyone using it to help
> draw their attention to the deprecation and provide a URL which
> helps explain things in more detail.
>
> Signed-off-by: Paul Moore <paul@xxxxxxxxxxxxxx>
> ---
> security/selinux/hooks.c | 4 +++-
> security/selinux/include/security.h | 6 ++++++
> security/selinux/selinuxfs.c | 4 ++--
> 3 files changed, 11 insertions(+), 3 deletions(-)
Merged into selinux/next.
--
paul-moore.com
