[ovs-git] [openvswitch/ovs] d2675a: selinux: changes to support newer hugetlbfs restri...
GitHub
noreply at github.com
Mon Jul 30 00:35:04 UTC 2018
Branch: refs/heads/master
Home: https://github.com/openvswitch/ovs
Commit: d2675a14613024b6cdcd4d4c5c3355570be124da
https://github.com/openvswitch/ovs/commit/d2675a14613024b6cdcd4d4c5c3355570be124da
Author: Aaron Conole <aconole at redhat.com>
Date: 2018-07-29 (Sun, 29 Jul 2018)
Changed paths:
M selinux/openvswitch-custom.te.in
Log Message:
-----------
selinux: changes to support newer hugetlbfs restrictions
Newer selinux base policies now split out 'map' actions, as well as
adding more explicit checks for hugetlbfs objects. Where previously these
weren't required, recent changes have flagged the allocation of hugepages
and subsequent clearing. This means that the hugepage storage information
for the DPDK .rte_config, and clearing actions copying from /dev/zero will
trigger selinux denials.
This commit allows openvswitch to have more permissions for the hugetlbfs
allocation and use.
Signed-off-by: Aaron Conole <aconole at redhat.com>
Acked-by: Ansis Atteka <aatteka at ovn.org>
**NOTE:** This service has been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
More information about the git
mailing list