Received: by 2002:a05:6358:c692:b0:131:369:b2a3 with SMTP id fe18csp1594316rwb;
        Fri, 28 Jul 2023 11:44:14 -0700 (PDT)
X-Google-Smtp-Source: APBJJlHQnak+NB4FNgqpoXviSlNwd3Hyuv5XDfxV5SKAdkRCWkXNpBPxBUllKRkxL9GCioGnnAps
X-Received: by 2002:a17:902:e5c6:b0:1b8:50a9:6869 with SMTP id u6-20020a170902e5c600b001b850a96869mr2775004plf.66.1690569853905;
        Fri, 28 Jul 2023 11:44:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1690569853; cv=none;
        d=google.com; s=arc-20160816;
        b=lZ7yXPKgrP7AAQkDA373eKYiZH0bkPB1+BXzGv/U1wGbAPC8ccgbMrFfrfQl3M+FaW
         weMEbP1R5eQ4u3Ii5Q4Ag712q2r9zbBQB0OfUIKWM5GN6eBg8LkukIXiV5bZwhWtpOA0
         9ysYkLrN2MId9KHkwjq3BPRi+XgM15+DvTWyS6en84P+HDCbzdxNOvEIXZ40iRhTOmo8
         iF88k/LKYMFVLuSZI70bX2zAz2re10S7ZtXIXWBPu/NXgJuNf7bZTpKS8UkRRPs5xyre
         EaJFS2Rb90znQkFdO54iUIoKd3JCjCF0XCdEHnTFUjb2alJ5HTvJgA1Titl1oBwXbfBe
         mJxw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:references:subject:cc:to:from
         :message-id:date:dkim-signature;
        bh=hsd4ZqBI4xP964JP2IzxDEKVHRiOs6KK7KEA7coO+NA=;
        fh=zOdTh2zTjJiNrBG1kFVcf98gVI/1jQma2FGYQ18uIgo=;
        b=YAqkyH76/LgeR5mBDeWJduWgKS2d/+6Eg6D8tCiUfM+rJRIBBRW6/cRBMSDGA7WChK
         upPoW3zdNGtKjPaHJkVmehklkvn9Tsbh0JC8JkAiqkTVD3XHCgxatKaSVKOPbRIxEE4S
         sarxgY+OGb1t+EsOmJtgXO0xftJrc0g8XHtP+rr1LmVGzq75YPYazxHlad5e8QokDA+V
         iDHB/8rqGC1V0i+LX45vvhG8xrTPGlqRoaNkOWf7s+l3SCMaUf99gbEEm2q12Q4cCJrX
         0Y4NFJgDwfJ21ervFqbZruq5sowSGxCVPIuK+1tk6omLFdtkKYQUpFw0bmgQzKAFd+yb
         77mQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@paul-moore.com header.s=google header.b=FCnfKzOB;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=paul-moore.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id j9-20020a170902da8900b001bbaa259eddsi3513489plx.356.2023.07.28.11.44.00;
        Fri, 28 Jul 2023 11:44:13 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@paul-moore.com header.s=google header.b=FCnfKzOB;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=paul-moore.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S235118AbjG1SER (ORCPT <rfc822;anothersharkwizard@gmail.com>
        + 99 others); Fri, 28 Jul 2023 14:04:17 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51104 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S230371AbjG1SEQ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 28 Jul 2023 14:04:16 -0400
Received: from mail-qt1-x82b.google.com (mail-qt1-x82b.google.com [IPv6:2607:f8b0:4864:20::82b])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 01C763C21
        for <linux-kernel@vger.kernel.org>; Fri, 28 Jul 2023 11:04:15 -0700 (PDT)
Received: by mail-qt1-x82b.google.com with SMTP id d75a77b69052e-4039a42467fso15931591cf.3
        for <linux-kernel@vger.kernel.org>; Fri, 28 Jul 2023 11:04:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=paul-moore.com; s=google; t=1690567454; x=1691172254;
        h=in-reply-to:references:subject:cc:to:from:message-id:date:from:to
         :cc:subject:date:message-id:reply-to;
        bh=hsd4ZqBI4xP964JP2IzxDEKVHRiOs6KK7KEA7coO+NA=;
        b=FCnfKzOBu2qoAXdB9XtZdunKOn0MXAkA8dVhWdgztvF8+bk55rb2XWixkZkU7PdcsJ
         OmCSkxh7GUyEPw7WUm+vNQ+8nsh9v14HoBFlflB+9ENNAfruHQBlSr/Ls43dm0lMCnwY
         gMhGlZkWucdeUpkjPpyctbNMKMnZ0Rre+DuSCvGVmnwu19kPzpj6mduy6wjgGr7sA+Am
         zpXqqwyctg9X/l0u9SV1jmIpIpyV19Lm83rFgTwlW1gsZTVaUxPbLqvYU7lnfhtZTCT6
         ckK8pL9KWL9qh2ztqGl8c1+KAOlLert0kr++PQ/qo6LLGfdrfmjBPvZ8RanIIeeX++Yq
         Hh7A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20221208; t=1690567454; x=1691172254;
        h=in-reply-to:references:subject:cc:to:from:message-id:date
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=hsd4ZqBI4xP964JP2IzxDEKVHRiOs6KK7KEA7coO+NA=;
        b=jNFfNPr4Pf1e1RtcVS0ZvfEEcKxapGyRA3FzQWwbaI/0nn4VIdfeWWO3tJXrme5+Ak
         zWoWvzPzVba3RSbxxYNEIjnuqwIA5+gSLzC86URnpOJiIuEkHd0DHxUKVbdHIUxpJFjX
         tFIcTxxjkwNVIZUBGjIRfFOTHmFTbqTdmq025ul3paZsDf1Y0O1RatXX+/0ixiMQvwVM
         wg8UZou4t+WJOgHfUvU3fWE+1igzU2epir5ywVWTz8Zkgaz5HxxHEpdXQeUHt5E0FfFJ
         5cY6mMR87FopQjqvsIf0B4pfrekKJ2gHnIWrS7y3Pze2vQB63jCbqf5r34bGAJEGCzqc
         UVNQ==
X-Gm-Message-State: ABy/qLZ789uR7pmFhjHCY1qiIKAfcQZbAdemeuK9ENRjk7uRx01TmCJC
        Ne/AwwL2NpuSzRIi7rYFGmPK
X-Received: by 2002:ac8:7f56:0:b0:403:fcd9:963 with SMTP id g22-20020ac87f56000000b00403fcd90963mr4002198qtk.67.1690567454121;
        Fri, 28 Jul 2023 11:04:14 -0700 (PDT)
Received: from localhost ([70.22.175.108])
        by smtp.gmail.com with ESMTPSA id i16-20020ac84890000000b0040554ed322dsm1303332qtq.62.2023.07.28.11.04.13
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 28 Jul 2023 11:04:13 -0700 (PDT)
Date:   Fri, 28 Jul 2023 14:04:12 -0400
Message-ID: <375a357fce825c3d6b6d32e7a6396c62.paul@paul-moore.com>
From:   Paul Moore <paul@paul-moore.com>
To:     =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>,
        selinux@vger.kernel.org
Cc:     Stephen Smalley <stephen.smalley.work@gmail.com>,
        Eric Paris <eparis@parisplace.org>,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] selinux: log about VM being executable by default
References: <20230728150150.16224-1-cgzones@googlemail.com>
In-Reply-To: <20230728150150.16224-1-cgzones@googlemail.com>
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,PP_MIME_FAKE_ASCII_TEXT,
        RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,
        URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Jul 28, 2023 =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com> wrote:
> 
> In case virtual memory is being marked as executable by default, SELinux
> checks regarding explicit potential dangerous use are disabled.
> 
> Inform the user about it.
> 
> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
> ---
> v2:
>    shorten message as suggested by Paul
> ---
>  security/selinux/hooks.c | 2 ++
>  1 file changed, 2 insertions(+)

Merged into selinux/next, thanks.

--
paul-moore.com