| Message ID | 160126062161.7010.15501362260483844999.stgit@sifl (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | selinux: provide a "no sooner than" date for the checkreqprot removal | expand |
On Sun, Sep 27, 2020 at 10:37 PM Paul Moore <paul@paul-moore.com> wrote: > > We marked /sys/fs/selinux/checkreqprot as deprecated in Linux v5.7, > but didn't provide any guidance as to the timeframe. Considering > the state of checkreqprot, it seems like one year should be enough > time. > > Signed-off-by: Paul Moore <paul@paul-moore.com> Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
On Sun, Sep 27, 2020 at 10:37 PM Paul Moore <paul@paul-moore.com> wrote: > > We marked /sys/fs/selinux/checkreqprot as deprecated in Linux v5.7, > but didn't provide any guidance as to the timeframe. Considering > the state of checkreqprot, it seems like one year should be enough > time. > > Signed-off-by: Paul Moore <paul@paul-moore.com> > --- > .../ABI/obsolete/sysfs-selinux-checkreqprot | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/Documentation/ABI/obsolete/sysfs-selinux-checkreqprot b/Documentation/ABI/obsolete/sysfs-selinux-checkreqprot > index 49ed9c8fd1e5..ed6b52ca210f 100644 > --- a/Documentation/ABI/obsolete/sysfs-selinux-checkreqprot > +++ b/Documentation/ABI/obsolete/sysfs-selinux-checkreqprot > @@ -15,7 +15,7 @@ Description: > actual protection), and Android and Linux distributions have been > explicitly writing a "0" to /sys/fs/selinux/checkreqprot during > initialization for some time. Support for setting checkreqprot to 1 > - will be removed in a future kernel release, at which point the kernel > + will be removed no sooner than June 2021, at which point the kernel > will always cease using checkreqprot internally and will always > check the actual protections being applied upon mmap/mprotect calls. > The checkreqprot selinuxfs node will remain for backward compatibility As this is a minor documentation change and not anything more significant I've gone ahead and merged this into selinux/next.
diff --git a/Documentation/ABI/obsolete/sysfs-selinux-checkreqprot b/Documentation/ABI/obsolete/sysfs-selinux-checkreqprot index 49ed9c8fd1e5..ed6b52ca210f 100644 --- a/Documentation/ABI/obsolete/sysfs-selinux-checkreqprot +++ b/Documentation/ABI/obsolete/sysfs-selinux-checkreqprot @@ -15,7 +15,7 @@ Description: actual protection), and Android and Linux distributions have been explicitly writing a "0" to /sys/fs/selinux/checkreqprot during initialization for some time. Support for setting checkreqprot to 1 - will be removed in a future kernel release, at which point the kernel + will be removed no sooner than June 2021, at which point the kernel will always cease using checkreqprot internally and will always check the actual protections being applied upon mmap/mprotect calls. The checkreqprot selinuxfs node will remain for backward compatibility
We marked /sys/fs/selinux/checkreqprot as deprecated in Linux v5.7, but didn't provide any guidance as to the timeframe. Considering the state of checkreqprot, it seems like one year should be enough time. Signed-off-by: Paul Moore <paul@paul-moore.com> --- .../ABI/obsolete/sysfs-selinux-checkreqprot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)