Re: [PATCH 1/6] SELinux: change Kconfig to use select instead of depends

All of lore.kernel.org
 help / color / mirror / Atom feed

From: James Morris <jmorris@namei.org>
To: Randy Dunlap <randy.dunlap@oracle.com>,
	Linus Torvalds <torvalds@linux-foundation.org>
Cc: linux-kernel@vger.kernel.org, Stephen Smalley <sds@tycho.nsa.gov>
Subject: Re: [PATCH 1/6] SELinux: change Kconfig to use select instead of depends
Date: Wed, 10 Oct 2007 09:50:49 +1000 (EST)	[thread overview]
Message-ID: <Xine.LNX.4.64.0710100937390.20449@us.intercode.com.au> (raw)
In-Reply-To: <20071009162812.00e80a0c.randy.dunlap@oracle.com>

On Tue, 9 Oct 2007, Randy Dunlap wrote:

> I doth protest.  Enabling the entire NET subsystem thru a hidden
> select is awful.  Select should be used (sparingly) to enable
> library code only.  If someone wants NET enabled, they should
> enable it overtly, not covertly.

Ok, fair enough.

I've dropped the patch and rebased the branch.  Please pull per:


The following changes since commit bbf25010f1a6b761914430f5fca081ec8c7accd1:
  Linus Torvalds (1):
        Linux 2.6.23

are available in the git repository at:

ssh://master.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6.git for-linus

Eric Paris (1):
      SELinux: policy selectable handling of unknown classes and perms

KaiGai Kohei (2):
      SELinux: improve performance when AVC misses.
      SELinux: kills warnings in Improve SELinux performance when AVC misses

Yuichi Nakamura (2):
      SELinux: tune avtab to reduce memory usage
      SELinux: Improve read/write performance

 fs/open.c                           |    4 +
 include/linux/security.h            |   18 +++
 security/dummy.c                    |    6 +
 security/selinux/avc.c              |    5 +
 security/selinux/hooks.c            |   53 +++++++-
 security/selinux/include/avc.h      |    2 +
 security/selinux/include/objsec.h   |    2 +
 security/selinux/include/security.h |    2 +
 security/selinux/selinuxfs.c        |   26 ++++
 security/selinux/ss/avtab.c         |   91 ++++++++----
 security/selinux/ss/avtab.h         |   16 ++-
 security/selinux/ss/conditional.c   |    4 +
 security/selinux/ss/ebitmap.c       |  282 +++++++++++++++++++---------------
 security/selinux/ss/ebitmap.h       |   89 +++++++++---
 security/selinux/ss/mls.c           |  156 +++++++++----------
 security/selinux/ss/policydb.c      |   11 +-
 security/selinux/ss/policydb.h      |    8 +
 security/selinux/ss/services.c      |   91 +++++++++---
 18 files changed, 582 insertions(+), 284 deletions(-)
 



-- 
James Morris
<jmorris@namei.org>

next prev parent reply	other threads:[~2007-10-09 23:52 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-10-09 23:18 [PATCH 0/6] SELinux patches for 2.6.24 James Morris
2007-10-09 23:19 ` [PATCH 1/6] SELinux: change Kconfig to use select instead of depends James Morris
2007-10-09 23:28   ` Randy Dunlap
2007-10-09 23:50     ` James Morris [this message]
2007-10-10  0:16       ` Randy Dunlap
2007-10-10 12:12     ` Stephen Smalley
2007-10-10 15:40       ` Randy Dunlap
2007-10-10 19:53         ` Valdis.Kletnieks
2007-10-10 19:57           ` Randy Dunlap
2007-10-09 23:20 ` [PATCH 2/6] SELinux: tune avtab to reduce memory usage James Morris
2007-10-09 23:21 ` [PATCH 3/6] SELinux: Improve read/write performance James Morris
2007-10-09 23:22 ` [PATCH 4/6] SELinux: policy selectable handling of unknown classes and perms James Morris
2007-10-09 23:23 ` [PATCH 5/6] SELinux: improve performance when AVC misses James Morris
2007-10-09 23:23 ` [PATCH 6/6] SELinux: kills warnings in Improve SELinux " James Morris

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Xine.LNX.4.64.0710100937390.20449@us.intercode.com.au \
    --to=jmorris@namei.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=randy.dunlap@oracle.com \
    --cc=sds@tycho.nsa.gov \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.