Received: by 2002:a05:6a10:d5a5:0:0:0:0 with SMTP id gn37csp4857797pxb;
        Tue, 5 Oct 2021 11:50:33 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyXkDk64sJAvb+IuQOAycZCUn210f4iwD0gmhhIuPnEbTxORXxOYZFcuTbtJspi7SnUSs4u
X-Received: by 2002:a62:7e4e:0:b0:44c:51f5:5895 with SMTP id z75-20020a627e4e000000b0044c51f55895mr15840381pfc.73.1633459833710;
        Tue, 05 Oct 2021 11:50:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1633459833; cv=none;
        d=google.com; s=arc-20160816;
        b=q+bUGgHgicc+cGpS42gU+byAgxqCXfNjrNtvMQHJqnl0Wp93Nz+EvJgR4IU6nwHwnN
         EsBAJfvwCNrPijoUSFU9iKld+U2UoL/H0XScke1wCIMo8m240Kn/TuuYoO+rXqeS720G
         AuZBoaCEqU3DsjOUIVsua4e8A/zsfw/qvc4AkjzpDQN6+hGgcOrBtdSUycugUDfD7SC+
         eOt7BxVSraCPm5aBHFUgmwdFZLwnODF0mmj95V48q8Nda4NUMNPKHHriwP5W7GLrL1BS
         uXTQ2SkovJnCz/m5ByJcizKtix0uwpUuZuneLWBG3DNREa8LQJrPQq5jY+YNrC175rzm
         wBIw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:content-language
         :in-reply-to:mime-version:user-agent:date:message-id:from:references
         :cc:to:subject:dkim-signature;
        bh=NhJmJ2GhjrChFePNVIANkzFcmmBCmTxHwcluBZ+z/ho=;
        b=gzeEc8s08nO+lX7YbO+ZRO3BfvNzBa9p+c/Mbg/ybJlC50jZogH+2QkjO9NpWJuK88
         95QeFBYOQoYPlpLgUitZzxh6JtPkNcnSulT+9TmWS2JrAlsKBac0/h9uQ/vJ17U83XSB
         4ei0PHASdTE9XcDfObQ565c/caNDIzyGXY+nMNZBlmkzSEDnSO1Cj1wQKRPdbhvzgrpA
         4FQRdLGp9ufEZnyHfnEtdpgBWjhlUNtxCaB11QmmaB1EwumTT2fB35ZPRIJsWdAiXD8i
         frX2qSSm5bDbXe+21Ld2HfPRVlWXPZBoS/97dETZXD0KlcZROCzjQDNCfrlactlW2ysy
         4cJA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@ieee.org header.s=google header.b=FUPHd3CI;
       spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=ieee.org
Return-Path: <selinux-refpolicy-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id l22si20202226pff.260.2021.10.05.11.50.26;
        Tue, 05 Oct 2021 11:50:33 -0700 (PDT)
Received-SPF: pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@ieee.org header.s=google header.b=FUPHd3CI;
       spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=ieee.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229679AbhJESwQ (ORCPT <rfc822;apot1624@gmail.com> + 21 others);
        Tue, 5 Oct 2021 14:52:16 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50688 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229662AbhJESwQ (ORCPT
        <rfc822;selinux-refpolicy@vger.kernel.org>);
        Tue, 5 Oct 2021 14:52:16 -0400
Received: from mail-qv1-xf31.google.com (mail-qv1-xf31.google.com [IPv6:2607:f8b0:4864:20::f31])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4DCCEC061749
        for <selinux-refpolicy@vger.kernel.org>; Tue,  5 Oct 2021 11:50:25 -0700 (PDT)
Received: by mail-qv1-xf31.google.com with SMTP id a9so343465qvf.0
        for <selinux-refpolicy@vger.kernel.org>; Tue, 05 Oct 2021 11:50:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=ieee.org; s=google;
        h=subject:to:cc:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-language:content-transfer-encoding;
        bh=NhJmJ2GhjrChFePNVIANkzFcmmBCmTxHwcluBZ+z/ho=;
        b=FUPHd3CI91XKB+MJOJLhYCmhjmLrPpxJRRuiiBneb/gtLytW7sD8KIffDhsij00tDi
         DEjAnVEbRqq4+r7r6rVRicbWKh4q52YMEjcsaUZ2RRkRAHoKLL+SD7G+af+pHIBRTrH1
         vL7GvdgQUZVucQyW/JQrbwBo3JWyMe5kd6fbg=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=NhJmJ2GhjrChFePNVIANkzFcmmBCmTxHwcluBZ+z/ho=;
        b=arBcWG44cyW9LP9JpAuu4JpUWsnvcP5O2oVgTv53JPGZmP7r9FzmYNW3fRaTZ48OuU
         L+QvT82xUfz79Cc/QNYZKqefbGxZBOV/L5PXJAzeiYXAG8/xbtg3IdmD2PhENO/GfpJT
         lgi2kpbqxZLgzuI8zA9+zkYArgOyDkxBVT2zs9JXLVtVv4YM5xaW2cUdRhHoUP9SQ/Fd
         Mr4JHs1shpscCAqNEQTG7G0Jtt/DiyK8Kqg3Avq0iiY4m/YFS2x2cxn3bI2sS8zLTXMp
         3zaty5d+MrM6wAWzXfal7Wbt9srm0xbBvhEfahhdxkcGl7d6doAMzq7GWCJpVs9gkb2i
         Kl0A==
X-Gm-Message-State: AOAM530nNr71BG4Y6KI0Us2i8cpKitmSoAAXIMTohPVCvOEXybfGv4Xa
        Xff/O9oxRk4jc2rVAIVtic2Wzg==
X-Received: by 2002:a0c:f450:: with SMTP id h16mr29454818qvm.28.1633459824167;
        Tue, 05 Oct 2021 11:50:24 -0700 (PDT)
Received: from fedora.pebenito.net ([72.85.44.115])
        by smtp.gmail.com with ESMTPSA id p19sm9711660qkk.83.2021.10.05.11.50.23
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Tue, 05 Oct 2021 11:50:23 -0700 (PDT)
Subject: Re: [PATCH] Add erofs as a SELinux capable file system
To:     Gao Xiang <xiang@kernel.org>, selinux-refpolicy@vger.kernel.org
Cc:     linux-erofs@lists.ozlabs.org, David Michael <fedora.dm0@gmail.com>
References: <8735pjoxbk.fsf@gmail.com>
 <20211004035901.5428-1-xiang@kernel.org>
From:   Chris PeBenito <pebenito@ieee.org>
Message-ID: <26267281-d183-6d5c-6490-57c7376625ab@ieee.org>
Date:   Tue, 5 Oct 2021 14:50:22 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
 Thunderbird/78.11.0
MIME-Version: 1.0
In-Reply-To: <20211004035901.5428-1-xiang@kernel.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Precedence: bulk
List-ID: <selinux-refpolicy.vger.kernel.org>
X-Mailing-List: selinux-refpolicy@vger.kernel.org

On 10/3/21 11:59 PM, Gao Xiang wrote:
> EROFS supported the security xattr handler from Linux v4.19.
> Add erofs to the filesystem policy now.
> 
> Reported-by: David Michael <fedora.dm0@gmail.com>
> Signed-off-by: Gao Xiang <xiang@kernel.org>
> ---
>   policy/modules/kernel/filesystem.te | 1 +
>   1 file changed, 1 insertion(+)
> 
> diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
> index 7282acba8537..8109348f70de 100644
> --- a/policy/modules/kernel/filesystem.te
> +++ b/policy/modules/kernel/filesystem.te
> @@ -24,6 +24,7 @@ sid fs gen_context(system_u:object_r:fs_t,s0)
>   # Requires that a security xattr handler exist for the filesystem.
>   fs_use_xattr btrfs gen_context(system_u:object_r:fs_t,s0);
>   fs_use_xattr encfs gen_context(system_u:object_r:fs_t,s0);
> +fs_use_xattr erofs gen_context(system_u:object_r:fs_t,s0);
>   fs_use_xattr ext2 gen_context(system_u:object_r:fs_t,s0);
>   fs_use_xattr ext3 gen_context(system_u:object_r:fs_t,s0);
>   fs_use_xattr ext4 gen_context(system_u:object_r:fs_t,s0);


Merged. Thanks!

-- 
Chris PeBenito