Received: by 2002:a05:6a10:d5a5:0:0:0:0 with SMTP id gn37csp3272817pxb;
        Sun, 3 Oct 2021 21:01:05 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJy6MdBcarfGRNAd2/XXaNsxlRmLe9cB0cnLFS0GmsB3rgDp/sIeMKiXRfbG1lFPGt5ZrymA
X-Received: by 2002:a17:902:9687:b0:13d:b848:479d with SMTP id n7-20020a170902968700b0013db848479dmr22486740plp.59.1633320064716;
        Sun, 03 Oct 2021 21:01:04 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1633320064; cv=none;
        d=google.com; s=arc-20160816;
        b=uAQkqdLV6sUJnEhMidmsZyV02CYGT76HtROZgl2nJoM9Sb/2fcHyQA1nFwsQKTYb1m
         p2IXTJQRsyxIK1BgzWAHo/wzTgisI7fLdaRR5oj7526XM2y0Z0LIzCgqI34GqyLvsdQf
         4fRsH/tKHdy1YWsKZwIuukeGAIVlV6eDiCTOZf5ylcY2EOWFt+uLbSeu6Nh2MRjC/qft
         mDvvWDlTP8hVItp05857U31yDDLqLeP0qOfivGqKt93CMy7ZJ/VZiwpDnEsnDuB9VUTW
         BxfK3pG3tdYH0mvQC6g3B74FMyM8Wl76lyBr3ex6Y2IiQVp3xcAhJ1T70sb/XB6dA+Pq
         jQCw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=KPA7PTN9rac6mtp1TxDzmUybrjJbNdh7wMsLso3btwk=;
        b=o2y4Vrdey0IsXnFknzK6V3/h/nfhinb/Ki9mdg6Fk0ZHarNpxQW5WDjQRjb+hNQ2Ff
         ZkYnwzzfzn2U3QdkEmH5IBWL/v479fpItfZq78p1Oy2imjtgBO9t91TLwEEMLu29qpP1
         DFJBiqPLBjAKSjqOoV/SC4QNHyRU6eqwY1ZkxVX/PAxV+YwdzyIKpVAplnUcNXvtT+90
         IWBDCDB2WyN+HYn3wU3/LyKxlqK8M3X9SJuRazq6e5UybKSjMb6Vgdg5SUkTpn3a4IUb
         2kGXct9CirKe7VTlzREytyVfTTDAyuoug9E4WxRs6p7TgR0haM4/dCqo9papFFoJ9ig4
         4S8w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=gpEE9tML;
       spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <selinux-refpolicy-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id i2si14904995pjl.80.2021.10.03.21.00.56;
        Sun, 03 Oct 2021 21:01:04 -0700 (PDT)
Received-SPF: pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=gpEE9tML;
       spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229494AbhJDEAz (ORCPT <rfc822;apot1624@gmail.com> + 21 others);
        Mon, 4 Oct 2021 00:00:55 -0400
Received: from mail.kernel.org ([198.145.29.99]:59624 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S229463AbhJDEAz (ORCPT
        <rfc822;selinux-refpolicy@vger.kernel.org>);
        Mon, 4 Oct 2021 00:00:55 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id 9B11B611C7;
        Mon,  4 Oct 2021 03:59:05 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1633319946;
        bh=+OnX9C5RMPpZh6BJMQow0X2L5eo6zl0R5BRIINNtYxo=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=gpEE9tMLL5CQu9q58pIQe7Oo44yPxsvEWm9xdYUhxeUSKuAnTl+ZfBmG2qjlYBYqY
         MiAHwA5fRML8/VzkRNREp3SEjEflVIukEnCHLCmi44HTOdJmcgQs9Ca89p4IqG1FGZ
         IbtEeTpEfnTBWSVUNHqVSo7r5f8VMSEdGmv/SKibJPHAWcDAG/ZnFhtG7yIxGeJzUb
         EIq2Pso8nSIEm2TDqEBqPyI8V3WdUVZdojuA/JL1nHOpHl9dX7y5Ggvoi1tigWqCsf
         a2xSnT46BnKFhK+T7sPhzCJcWw12DiCoXJYBGy0sU+sPnnH7cSHsfcyXKBf1S8Rsag
         NcCmPC0VApZag==
From:   Gao Xiang <xiang@kernel.org>
To:     selinux-refpolicy@vger.kernel.org
Cc:     linux-erofs@lists.ozlabs.org, Gao Xiang <xiang@kernel.org>,
        David Michael <fedora.dm0@gmail.com>
Subject: [PATCH] Add erofs as a SELinux capable file system
Date:   Mon,  4 Oct 2021 11:59:01 +0800
Message-Id: <20211004035901.5428-1-xiang@kernel.org>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <8735pjoxbk.fsf@gmail.com>
References: <8735pjoxbk.fsf@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID: <selinux-refpolicy.vger.kernel.org>
X-Mailing-List: selinux-refpolicy@vger.kernel.org

EROFS supported the security xattr handler from Linux v4.19.
Add erofs to the filesystem policy now.

Reported-by: David Michael <fedora.dm0@gmail.com>
Signed-off-by: Gao Xiang <xiang@kernel.org>
---
 policy/modules/kernel/filesystem.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 7282acba8537..8109348f70de 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -24,6 +24,7 @@ sid fs gen_context(system_u:object_r:fs_t,s0)
 # Requires that a security xattr handler exist for the filesystem.
 fs_use_xattr btrfs gen_context(system_u:object_r:fs_t,s0);
 fs_use_xattr encfs gen_context(system_u:object_r:fs_t,s0);
+fs_use_xattr erofs gen_context(system_u:object_r:fs_t,s0);
 fs_use_xattr ext2 gen_context(system_u:object_r:fs_t,s0);
 fs_use_xattr ext3 gen_context(system_u:object_r:fs_t,s0);
 fs_use_xattr ext4 gen_context(system_u:object_r:fs_t,s0);
-- 
2.20.1