Received: by 2002:a05:6a10:d5a5:0:0:0:0 with SMTP id gn37csp3272817pxb; Sun, 3 Oct 2021 21:01:05 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy6MdBcarfGRNAd2/XXaNsxlRmLe9cB0cnLFS0GmsB3rgDp/sIeMKiXRfbG1lFPGt5ZrymA X-Received: by 2002:a17:902:9687:b0:13d:b848:479d with SMTP id n7-20020a170902968700b0013db848479dmr22486740plp.59.1633320064716; Sun, 03 Oct 2021 21:01:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1633320064; cv=none; d=google.com; s=arc-20160816; b=uAQkqdLV6sUJnEhMidmsZyV02CYGT76HtROZgl2nJoM9Sb/2fcHyQA1nFwsQKTYb1m p2IXTJQRsyxIK1BgzWAHo/wzTgisI7fLdaRR5oj7526XM2y0Z0LIzCgqI34GqyLvsdQf 4fRsH/tKHdy1YWsKZwIuukeGAIVlV6eDiCTOZf5ylcY2EOWFt+uLbSeu6Nh2MRjC/qft mDvvWDlTP8hVItp05857U31yDDLqLeP0qOfivGqKt93CMy7ZJ/VZiwpDnEsnDuB9VUTW BxfK3pG3tdYH0mvQC6g3B74FMyM8Wl76lyBr3ex6Y2IiQVp3xcAhJ1T70sb/XB6dA+Pq jQCw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=KPA7PTN9rac6mtp1TxDzmUybrjJbNdh7wMsLso3btwk=; b=o2y4Vrdey0IsXnFknzK6V3/h/nfhinb/Ki9mdg6Fk0ZHarNpxQW5WDjQRjb+hNQ2Ff ZkYnwzzfzn2U3QdkEmH5IBWL/v479fpItfZq78p1Oy2imjtgBO9t91TLwEEMLu29qpP1 DFJBiqPLBjAKSjqOoV/SC4QNHyRU6eqwY1ZkxVX/PAxV+YwdzyIKpVAplnUcNXvtT+90 IWBDCDB2WyN+HYn3wU3/LyKxlqK8M3X9SJuRazq6e5UybKSjMb6Vgdg5SUkTpn3a4IUb 2kGXct9CirKe7VTlzREytyVfTTDAyuoug9E4WxRs6p7TgR0haM4/dCqo9papFFoJ9ig4 4S8w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=gpEE9tML; spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i2si14904995pjl.80.2021.10.03.21.00.56; Sun, 03 Oct 2021 21:01:04 -0700 (PDT) Received-SPF: pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=gpEE9tML; spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229494AbhJDEAz (ORCPT + 21 others); Mon, 4 Oct 2021 00:00:55 -0400 Received: from mail.kernel.org ([198.145.29.99]:59624 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229463AbhJDEAz (ORCPT ); Mon, 4 Oct 2021 00:00:55 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 9B11B611C7; Mon, 4 Oct 2021 03:59:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1633319946; bh=+OnX9C5RMPpZh6BJMQow0X2L5eo6zl0R5BRIINNtYxo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gpEE9tMLL5CQu9q58pIQe7Oo44yPxsvEWm9xdYUhxeUSKuAnTl+ZfBmG2qjlYBYqY MiAHwA5fRML8/VzkRNREp3SEjEflVIukEnCHLCmi44HTOdJmcgQs9Ca89p4IqG1FGZ IbtEeTpEfnTBWSVUNHqVSo7r5f8VMSEdGmv/SKibJPHAWcDAG/ZnFhtG7yIxGeJzUb EIq2Pso8nSIEm2TDqEBqPyI8V3WdUVZdojuA/JL1nHOpHl9dX7y5Ggvoi1tigWqCsf a2xSnT46BnKFhK+T7sPhzCJcWw12DiCoXJYBGy0sU+sPnnH7cSHsfcyXKBf1S8Rsag NcCmPC0VApZag== From: Gao Xiang To: selinux-refpolicy@vger.kernel.org Cc: linux-erofs@lists.ozlabs.org, Gao Xiang , David Michael Subject: [PATCH] Add erofs as a SELinux capable file system Date: Mon, 4 Oct 2021 11:59:01 +0800 Message-Id: <20211004035901.5428-1-xiang@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <8735pjoxbk.fsf@gmail.com> References: <8735pjoxbk.fsf@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org EROFS supported the security xattr handler from Linux v4.19. Add erofs to the filesystem policy now. Reported-by: David Michael Signed-off-by: Gao Xiang --- policy/modules/kernel/filesystem.te | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te index 7282acba8537..8109348f70de 100644 --- a/policy/modules/kernel/filesystem.te +++ b/policy/modules/kernel/filesystem.te @@ -24,6 +24,7 @@ sid fs gen_context(system_u:object_r:fs_t,s0) # Requires that a security xattr handler exist for the filesystem. fs_use_xattr btrfs gen_context(system_u:object_r:fs_t,s0); fs_use_xattr encfs gen_context(system_u:object_r:fs_t,s0); +fs_use_xattr erofs gen_context(system_u:object_r:fs_t,s0); fs_use_xattr ext2 gen_context(system_u:object_r:fs_t,s0); fs_use_xattr ext3 gen_context(system_u:object_r:fs_t,s0); fs_use_xattr ext4 gen_context(system_u:object_r:fs_t,s0); -- 2.20.1