Re: [PATCH v3 0/9] SELinux support for Infiniband RDMA
From: Or Gerlitz <hidden>
Date: 2016-08-30 15:02:44
Also in:
selinux
Possibly related (same subject, not in this thread)
- 2016-09-30 · Re: [PATCH v3 0/9] SELinux support for Infiniband RDMA · Jason Gunthorpe <hidden>
- 2016-09-30 · Re: [PATCH v3 0/9] SELinux support for Infiniband RDMA · Paul Moore <paul@paul-moore.com>
- 2016-09-29 · Re: [PATCH v3 0/9] SELinux support for Infiniband RDMA · Jason Gunthorpe <hidden>
- 2016-09-29 · Re: [PATCH v3 0/9] SELinux support for Infiniband RDMA · Paul Moore <hidden>
- 2016-09-26 · Re: [PATCH v3 0/9] SELinux support for Infiniband RDMA · Jason Gunthorpe <hidden>
On Tue, Aug 30, 2016 at 10:46 AM, Leon Romanovsky [off-list ref] wrote:
On Mon, Aug 29, 2016 at 08:00:32PM -0400, Paul Moore wrote:quoted
On Mon, Aug 29, 2016 at 5:48 PM, Daniel Jurgens [off-list ref] wrote:quoted
On 8/29/2016 4:40 PM, Paul Moore wrote:quoted
On Fri, Jul 29, 2016 at 9:53 AM, Dan Jurgens [off-list ref] wrote:quoted
From: Daniel Jurgens <danielj-VPRAkNaXOzVWk0Htik3J/w@public.gmane.org>...quoted
Daniel Jurgens (9): IB/core: IB cache enhancements to support Infiniband security IB/core: Enforce PKey security on QPs selinux lsm IB/core: Implement LSM notification system IB/core: Enforce security on management datagrams selinux: Create policydb version for Infiniband support selinux: Allocate and free infiniband security hooks selinux: Implement Infiniband PKey "Access" access vector selinux: Add IB Port SMP access vector selinux: Add a cache for quicker retreival of PKey SIDsHi Daniel, My apologies for such a long delay in responding to this latest patchset; conferences, travel, and vacation have made for a very busy August. After you posted the v2 patchset we had an off-list discussion regarding testing the SELinux/IB integration; unfortunately we realized that IB hardware would be needed to test this (no IB loopback device), but we agreed that having tests would be beneficial. Have you done any work yet towards adding SELinux/IB tests to the selinux-testsuite project? * https://github.com/SELinuxProject/selinux-testsuiteHi Paul, I've not started doing that yet. I've been waiting for feedback of any kind from the RDMA list. I thought the test updates would be more appropriate around the time I'm submitting the changes to the user space utilities to allow labeling the new types.
quoted
Okay, no problem. I just want the tests in place and functional when we merge the kernel code.
Hi Paul, IMHO, you can use Soft RoCE (RXE) [1] for it.
If I got it right, little if not nothing of this patch set is applicable to RoCE ports, this is about IB ports, Daniel, can you comment? Or. -- To unsubscribe from this list: send the line "unsubscribe linux-rdma" in the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org More majordomo info at http://vger.kernel.org/majordomo-info.html