[PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks

James Morris jmorris at namei.org
Thu May 27 04:28:11 UTC 2021


On Wed, 26 May 2021, Ondrej Mosnacek wrote:

> Thanks, Michael!
> 
> James/Paul, is there anything blocking this patch from being merged?
> Especially the BPF case is causing real trouble for people and the
> only workaround is to broadly allow lockdown::confidentiality in the
> policy.

It would be good to see more signoffs/reviews, especially from Paul, but 
he is busy with the io_uring stuff.

Let's see if anyone else can look at this in the next couple of days.

-- 
James Morris
<jmorris at namei.org>



More information about the Linux-security-module-archive mailing list