Received: by 10.223.164.221 with SMTP id h29csp3454343wrb; Tue, 10 Oct 2017 02:13:49 -0700 (PDT) X-Google-Smtp-Source: AOwi7QCTFm50SBjLRpycV6LTBiU/LbvnB9I8ZO24+sbBS4iLdYV2vvBvdC952ra5/JTc+nrtBYcn X-Received: by 10.101.93.2 with SMTP id e2mr11446124pgr.302.1507626829414; Tue, 10 Oct 2017 02:13:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1507626829; cv=none; d=google.com; s=arc-20160816; b=t7aINcklGzyJb8FDWXBSe4yNP5OSvJxTr1Kmj+eliRVfchNAMs1S09boNv4r2i8+YM xucTbBJjBA7goRSduDeGTD/YqrIUobzZ4Sn6oOHBcawnrK3Kbj0tf/edynbKQm32tTye wFkAt/GbEdvyCz+wANxYvaSfHn47YolJVkJMeEaTDVh3wiyPa5kpndUdj7rIojTPZIJS Zwm5Ii1JqV2CuIkVO5UR9mDviuWaERcxoT+jjFdS87grtsv91zA1OD+B8KLFGGaF7qo6 BUBElCA56J4/l11tOUyJiMLkGQ7uOd2M1vOk+ztkj7Zems7h23yvDYzcJeZrUbqTIDI/ 6jEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=ukXxKztKc+zuhO/QohHcN03ny5q3NKanyb0nS3AcfPs=; b=ubbEwVmNlapg6yMjs1uqJE1XlPHg97MSiAyH68R3PLPz6z/qrrlNwuaNjTfNuN60JL PwaiLFDk9BNJ0RJqntbQn0oPSmWminEqZHV3j4LV5tuJeEAXgWGCZgMjjTlzsmvclZnA SfMa2oUX/74KnQHL2o+w45P0NkN3EEaW2Kerg7OZUefL1MnEvF85DlTsOv8efpwoY7Ui /6VWzZObFZkbUGB/s8ETxrbr/msw6Eljyg2RubQeJJYUqjhLdqniG/9XSzVpAA6vHRwM y7kfdYKVxWKWg/QCW1gsoDstQ4H1VmNOEeAsuVSsWMcfjMUpOwaNqD2fl3UQWEKcdU4a A+3g== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@sirena.org.uk header.s=20170815-heliosphere header.b=ET3DcbLk; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id r16si8172950pgn.85.2017.10.10.02.13.35; Tue, 10 Oct 2017 02:13:49 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@sirena.org.uk header.s=20170815-heliosphere header.b=ET3DcbLk; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756028AbdJJJMB (ORCPT + 99 others); Tue, 10 Oct 2017 05:12:01 -0400 Received: from heliosphere.sirena.org.uk ([172.104.155.198]:50934 "EHLO heliosphere.sirena.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751826AbdJJJL6 (ORCPT ); Tue, 10 Oct 2017 05:11:58 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sirena.org.uk; s=20170815-heliosphere; h=In-Reply-To:Content-Type: MIME-Version:References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=ukXxKztKc+zuhO/QohHcN03ny5q3NKanyb0nS3AcfPs=; b=ET3DcbLk+pddA3i3uqQixa+at EMd6p/sJUi99Gk0dUMjqLIxpDgeQfvSy+5zLbzGFJEvkFbh9GLn34Gfvz43TbDGVILFhv6gJMoe/a uFDv3wiSP6A48jGZYd5gcrR+NYbWLEaNu8IHvdZxL6ZMRXXBh7sx1eNiYcL4LtCuhRis0=; Received: from debutante.sirena.org.uk ([2001:470:1f1d:6b5::3] helo=debutante) by heliosphere.sirena.org.uk with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1e1qZr-0006wP-Uf; Tue, 10 Oct 2017 09:11:52 +0000 Received: from broonie by debutante with local (Exim 4.89) (envelope-from ) id 1e1qZr-000318-28; Tue, 10 Oct 2017 10:11:51 +0100 Date: Tue, 10 Oct 2017 10:11:51 +0100 From: Mark Brown To: Laura Abbott Cc: Benjamin Gaignard , Sandeep Patil , driverdevel , Greg Kroah-Hartman , Arve =?iso-8859-1?B?SGr4bm5lduVn?= , "dri-devel@lists.freedesktop.org" , Linux Kernel Mailing List , Riley Andrews , linux-api@vger.kernel.org, Sumit Semwal , Dan Carpenter Subject: Re: [PATCH v5 2/2] staging: ion: create one device entry per heap Message-ID: <20171010091151.rfdsphstboubm7ps@sirena.co.uk> References: <1506518409-16887-3-git-send-email-benjamin.gaignard@linaro.org> <2e15edc2-a17f-3930-7d5b-4b5b7d2e0a4d@redhat.com> <20171003164849.rcdgez6lbpmq5llt@sirena.org.uk> <2417c969-357f-d5d9-153a-2180d09b0dc6@redhat.com> <20171003230830.GA132839@sspatil-desktop.mtv.corp.google.com> <20171004101720.ob5f467tro7agpcz@sirena.co.uk> <20171009220858.zwbguqkamzmswqcq@sirena.co.uk> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="n3vr7jvy6ajpqvqm" Content-Disposition: inline In-Reply-To: X-Cookie: You are magnetic in your bearing. User-Agent: NeoMutt/20170609 (1.8.3) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --n3vr7jvy6ajpqvqm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Oct 09, 2017 at 05:10:37PM -0700, Laura Abbott wrote: > On 10/09/2017 03:08 PM, Mark Brown wrote: > > On Mon, Oct 09, 2017 at 02:25:47PM -0700, Laura Abbott wrote: > >> Anyway, to move this forward I think we need to see a proof of concept > >> of using selinux to protect access to specific heaps. > > Aren't Unix permissions enough with separate files or am I > > misunderstanding what you're looking to see a proof of concept for? > The goal is to be able to restrict heap access to certain services > and selinux groups on Android so straight unix permissions aren't > sufficient. Oh, there's Android users for this? The users I was aware of were non-Android. Though even so I'd have thought that given that SELinux is a superset of Unix file permissions it ought to be sufficient to be able to use them. I'd been thinking people were suggesting SELinux as a replacement for file permissions, using the single file and the greater capabilities of SELinux. --n3vr7jvy6ajpqvqm Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCAAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAlncjtYACgkQJNaLcl1U h9AVAgf/aCSyn9swUrbGtIuL6I4w0UCWzbpKqT5kaZUnuvaFRp80UmbB93M90BWw vcTlqxIg6KrMiOdUnQjk2IlSlAqzncXOCvvjxWXLYQEvRvizRy4+FyxAjY09K9p8 pEb7Q1QikmTHIx7O3c92MlHaAdMslWZOf7SDKvAjXFwoV3SwvZJzDoiQn2kCUxMV MbQt70udZ8bB95CBcKP+VnxJBEIr/zQUyJTGT0wxjhb21ZynZIzyHrwBFrtINcu1 4G3Eyujed+oq2ebg9KsgXBGV5vmaDUQYIOg+sINZW3q01G8h/g9oJBk2pza7Z38E neyBZleeYFjurdhleb0gX9ksTtTqXw== =eTYq -----END PGP SIGNATURE----- --n3vr7jvy6ajpqvqm-- From 1580827185461768918@xxx Tue Oct 10 00:11:25 +0000 2017 X-GM-THRID: 1579699119100728687 X-Gmail-Labels: Inbox,Category Forums