Re: [PATCH 0/6] Labeled networking patches for 2.6.30

From: Paul Moore <paul.moore_at_nospam>
Date: Sat Mar 28 2009 - 12:01:47 GMT
To: James Morris <jmorris@namei.org>

On Friday 27 March 2009 08:58:52 pm James Morris wrote:
> On Fri, 27 Mar 2009, David Miller wrote:
> > From: Paul Moore <paul.moore@hp.com>
> > Date: Fri, 27 Mar 2009 17:10:20 -0400
> >
> > > This patchset wraps up all the new labeled networking bits for 2.6.30.
> > > This is mostly a fixup/cleanup release with the main focus being to
> > > correct the TCP labeling of both SELinux and Smack; expect some of this
> > > to get backported to the -stable trees but there will need to be a bit
> > > of rework first so it may take a few weeks for that to happen. Other
> > > than the TCP issue there is a new Smack feature to configure CIPSO
> > > aware hosts in "/smack/netlabel" which should make the host/network
> > > label configuration much more flexible. The last change is to get rid
> > > of the security_socket_post_accept() hook which isn't currently being
> > > used by anything in-tree and seems to act as a magnet for bad ideas; if
> > > things change we can always add it back later.
> >
> > Is James Morris going to take this stuff? Just curious...
>
> I will unless you specifically want it.

Since James had pulled the labeled networking patches the past few times I figured he would do the same this time around. I was posting these to netdev more as an FYI since there were some core networking changes, although they were pretty minor and previously ACKd.

> Paul: it's probably a good idea to have this in my tree before the merge
> window opens.

Okay, I'll make sure you have the lblnet-2.6_next stuff before the merge window opens in the future. Regardless, thanks for pulling in the patches. -- paul moore linux @ hp -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html

This message: [ Message body ]
Next message: Vikram Noel Ambrose: "xine_init() causes segfault in libselinux"
Previous message: Andy Warner: "Re: Some ideas in SE-PostgreSQL enhancement (Re: The status of SE-PostgreSQL)"
In reply to: James Morris: "Re: [PATCH 0/6] Labeled networking patches for 2.6.30"
Next in thread: James Morris: "Re: [PATCH 0/6] Labeled networking patches for 2.6.30"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]