* Lets start with 3.4 userspace release
From: Petr Lautrbach @ 2022-03-29 16:56 UTC
To: SElinux list

Hello,

after 142 commits and 5 months since last SELinux userspace release,
it's time to think about another release.

The current backlog of patches is below. Please take a look.

This time, I'd like to release rcX every 14 days -
rc1 - 04-06-2022
rc2 - 04-20-2022
...

I'll try to send patches with the release number change on Mondays before every
release.

Also when rc1 is out, please consider postponing non-bugfix patches
after the release or provide a comment that the change is not necessary
for this release.

* https://patchwork.kernel.org/patch/12617693/ New [v2] Support static-only builds

  - v2 of https://lore.kernel.org/selinux/87lf1scgd6.fsf@alyssa.is/
  - waits for another review

* https://patchwork.kernel.org/patch/12639767/ New libsepol: free ebitmap on end of function

* https://patchwork.kernel.org/project/selinux/list/?series=590259 add not-self neverallow support

* https://patchwork.kernel.org/patch/12672523/ New [v2] secilc: kernel policy language is infix

* https://patchwork.kernel.org/project/selinux/list/?series=604679 libsepol: Adding support for not-self rules

* https://patchwork.kernel.org/patch/12718352/ New [libselinux] libselinux: make threadsafe for discover_class_cache

* https://patchwork.kernel.org/patch/12726783/ New libselinux: Prevent cached context giving wrong results

* https://patchwork.kernel.org/project/selinux/list/?series=616731 libsepol: add sepol_av_perm_to_string |

  """
  Since most of these functions are used in either checkpolicy or
  audit2why (or both), it is probably fine to export these, but I would
  appreciate any thoughts that Chris and others might have.
  """

* https://patchwork.kernel.org/patch/12775701/ New libsepol/cil: Write a message when a log message is truncated

* https://patchwork.kernel.org/patch/12780657/ New libsepol: Use calloc when initializing bool_val_to_struct array

* https://patchwork.kernel.org/patch/12783189/ New libsepol: Validate conditional expressions

* https://patchwork.kernel.org/patch/12790631/ New [v3] libsemanage: Fall back to semanage_copy_dir when rename() fails

Petr

* Re: Lets start with 3.4 userspace release
From: James Carter @ 2022-03-30 15:16 UTC
To: Petr Lautrbach; +Cc: SElinux list

On Tue, Mar 29, 2022 at 3:06 PM Petr Lautrbach <plautrba@redhat.com> wrote:
>
> Hello,
>
> after 142 commits and 5 months since last SELinux userspace release,
> it's time to think about another release.
>
> The current backlog of patches is below. Please take a look.
>
> This time, I'd like to release rcX every 14 days -
> rc1 - 04-06-2022
> rc2 - 04-20-2022
> ...
>
> I'll try to send patches with the release number change on Mondays before every
> release.
>
> Also when rc1 is out, please consider postponing non-bugfix patches
> after the release or provide a comment that the change is not necessary
> for this release.
>
> * https://patchwork.kernel.org/patch/12617693/ New [v2] Support static-only builds
>
>   - v2 of https://lore.kernel.org/selinux/87lf1scgd6.fsf@alyssa.is/
>   - waits for another review
>
> * https://patchwork.kernel.org/patch/12639767/ New libsepol: free ebitmap on end of function
>

This is part of the notself patches which will not be ready for this release.

> * https://patchwork.kernel.org/project/selinux/list/?series=590259 add not-self neverallow support
>

Still working, but not for this release.

> * https://patchwork.kernel.org/patch/12672523/ New [v2] secilc: kernel policy language is infix
>

This one fell off my radar. I can ack and merge it.

> * https://patchwork.kernel.org/project/selinux/list/?series=604679 libsepol: Adding support for not-self rules
>

Still working, but not for this release.

> * https://patchwork.kernel.org/patch/12718352/ New [libselinux] libselinux: make threadsafe for discover_class_cache
>
> * https://patchwork.kernel.org/patch/12726783/ New libselinux: Prevent cached context giving wrong results
>
> * https://patchwork.kernel.org/project/selinux/list/?series=616731 libsepol: add sepol_av_perm_to_string |
>
>   """
>   Since most of these functions are used in either checkpolicy or
>   audit2why (or both), it is probably fine to export these, but I would
>   appreciate any thoughts that Chris and others might have.
>   """
>

I need to think about this one.

> * https://patchwork.kernel.org/patch/12775701/ New libsepol/cil: Write a message when a log message is truncated
>

I will merge this.

> * https://patchwork.kernel.org/patch/12780657/ New libsepol: Use calloc when initializing bool_val_to_struct array
>

I will merge this.

> * https://patchwork.kernel.org/patch/12783189/ New libsepol: Validate conditional expressions
>

I will merge this.

> * https://patchwork.kernel.org/patch/12790631/ New [v3] libsemanage: Fall back to semanage_copy_dir when rename() fails
>

I don't know if Ondrej was planning on ack'ing it, but it seems like
he is satisfied.

Jim

>
>
> Petr
>

* Re: Lets start with 3.4 userspace release
From: Petr Lautrbach @ 2022-03-31 11:41 UTC
To: James Carter; +Cc: SElinux list

James Carter <jwcart2@gmail.com> writes:

> On Tue, Mar 29, 2022 at 3:06 PM Petr Lautrbach <plautrba@redhat.com> wrote:
>>
>> Hello,
>>
>> after 142 commits and 5 months since last SELinux userspace release,
>> it's time to think about another release.
>>
>> The current backlog of patches is below. Please take a look.
>>
>> This time, I'd like to release rcX every 14 days -
>> rc1 - 04-06-2022
>> rc2 - 04-20-2022
>> ...
>>
>> I'll try to send patches with the release number change on Mondays before every
>> release.
>>
>> Also when rc1 is out, please consider postponing non-bugfix patches
>> after the release or provide a comment that the change is not necessary
>> for this release.
>>
>> * https://patchwork.kernel.org/patch/12617693/ New [v2] Support static-only builds
>>
>>   - v2 of https://lore.kernel.org/selinux/87lf1scgd6.fsf@alyssa.is/
>>   - waits for another review
>>
>> * https://patchwork.kernel.org/patch/12639767/ New libsepol: free ebitmap on end of function
>>
> This is part of the notself patches which will not be ready for this release.
>
>> * https://patchwork.kernel.org/project/selinux/list/?series=590259 add not-self neverallow support
>>
> Still working, but not for this release.
>
>> * https://patchwork.kernel.org/patch/12672523/ New [v2] secilc: kernel policy language is infix
>>
> This one fell off my radar. I can ack and merge it.
>
>> * https://patchwork.kernel.org/project/selinux/list/?series=604679 libsepol: Adding support for not-self rules
>>
> Still working, but not for this release.
>
>> * https://patchwork.kernel.org/patch/12718352/ New [libselinux] libselinux: make threadsafe for discover_class_cache
>>
>> * https://patchwork.kernel.org/patch/12726783/ New libselinux: Prevent cached context giving wrong results
>>
>> * https://patchwork.kernel.org/project/selinux/list/?series=616731 libsepol: add sepol_av_perm_to_string |
>>
>>   """
>>   Since most of these functions are used in either checkpolicy or
>>   audit2why (or both), it is probably fine to export these, but I would
>>   appreciate any thoughts that Chris and others might have.
>>   """
>>
> I need to think about this one.
>
>> * https://patchwork.kernel.org/patch/12775701/ New libsepol/cil: Write a message when a log message is truncated
>>
> I will merge this.
>
>> * https://patchwork.kernel.org/patch/12780657/ New libsepol: Use calloc when initializing bool_val_to_struct array
>>
> I will merge this.
>
>> * https://patchwork.kernel.org/patch/12783189/ New libsepol: Validate conditional expressions
>>
> I will merge this.
>
>> * https://patchwork.kernel.org/patch/12790631/ New [v3] libsemanage: Fall back to semanage_copy_dir when rename() fails
>>
> I don't know if Ondrej was planning on ack'ing it, but it seems like
> he is satisfied.
>

Thank You!

>
>>
>>
>> Petr
>>

* Re: Lets start with 3.4 userspace release
From: Christian Göttsche @ 2022-03-31 15:15 UTC
To: Petr Lautrbach; +Cc: James Carter, SElinux list

On Thu, 31 Mar 2022 at 13:41, Petr Lautrbach <plautrba@redhat.com> wrote:
>
> James Carter <jwcart2@gmail.com> writes:
>
> > On Tue, Mar 29, 2022 at 3:06 PM Petr Lautrbach <plautrba@redhat.com> wrote:
> >>
> >> Hello,
> >>
> >> after 142 commits and 5 months since last SELinux userspace release,
> >> it's time to think about another release.
> >>
> >> The current backlog of patches is below. Please take a look.
> >>
> >> This time, I'd like to release rcX every 14 days -
> >> rc1 - 04-06-2022
> >> rc2 - 04-20-2022
> >> ...
> >>
> >> I'll try to send patches with the release number change on Mondays before every
> >> release.
> >>
> >> Also when rc1 is out, please consider postponing non-bugfix patches
> >> after the release or provide a comment that the change is not necessary
> >> for this release.
> >>
> >> * https://patchwork.kernel.org/patch/12617693/ New [v2] Support static-only builds
> >>
> >>   - v2 of https://lore.kernel.org/selinux/87lf1scgd6.fsf@alyssa.is/
> >>   - waits for another review
> >>
> >> * https://patchwork.kernel.org/patch/12639767/ New libsepol: free ebitmap on end of function
> >>
> > This is part of the notself patches which will not be ready for this release.

It was not specific to the not-self patches, but it is rendered
obsolete by 3b71e516 ("libsepol: Make use of previously created
ebitmap when checking self").

> >
> >> * https://patchwork.kernel.org/project/selinux/list/?series=590259 add not-self neverallow support
> >>
> > Still working, but not for this release.
> >
> >> * https://patchwork.kernel.org/patch/12672523/ New [v2] secilc: kernel policy language is infix
> >>
> > This one fell off my radar. I can ack and merge it.
> >
> >> * https://patchwork.kernel.org/project/selinux/list/?series=604679 libsepol: Adding support for not-self rules
> >>
> > Still working, but not for this release.

What is missing? It worked fine for me.

> >> * https://patchwork.kernel.org/patch/12718352/ New [libselinux] libselinux: make threadsafe for discover_class_cache
> >>
> >> * https://patchwork.kernel.org/patch/12726783/ New libselinux: Prevent cached context giving wrong results
> >>
> >> * https://patchwork.kernel.org/project/selinux/list/?series=616731 libsepol: add sepol_av_perm_to_string |
> >>
> >>   """
> >>   Since most of these functions are used in either checkpolicy or
> >>   audit2why (or both), it is probably fine to export these, but I would
> >>   appreciate any thoughts that Chris and others might have.
> >>   """
> >>
> > I need to think about this one.
> >
> >> * https://patchwork.kernel.org/patch/12775701/ New libsepol/cil: Write a message when a log message is truncated
> >>
> > I will merge this.
> >
> >> * https://patchwork.kernel.org/patch/12780657/ New libsepol: Use calloc when initializing bool_val_to_struct array
> >>
> > I will merge this.
> >
> >> * https://patchwork.kernel.org/patch/12783189/ New libsepol: Validate conditional expressions
> >>
> > I will merge this.
> >
> >> * https://patchwork.kernel.org/patch/12790631/ New [v3] libsemanage: Fall back to semanage_copy_dir when rename() fails
> >>
> > I don't know if Ondrej was planning on ack'ing it, but it seems like
> > he is satisfied.
> >
>
> Thank You!
>
> >
> >>
> >>
> >> Petr
> >>
>

The Fedora fork[1] seems to contain several Coverity related fixes.
Any chance of upstreaming those?

The permission map[2], used to weight the interface permissions in the
database generated by sepolgen-ifgen used by `audit2allow(1) -R`, is
quite out of date, while the one from setools[3] is.
Could it get synced by a maintainer, as a patch would be more than
3000 lines and hard to review?

[1]: https://github.com/fedora-selinux/selinux/commits/rawhide
[2]: https://github.com/SELinuxProject/selinux/blob/master/python/sepolgen/src/share/perm_map
[3]: https://github.com/SELinuxProject/setools/blob/master/setools/perm_map