Hi,
In reviewing the audit-related patches in -mm originating from the
git-audit tree, I noticed two unexpected changes in SELinux behavior as
a result of these patches. These changes in behavior naturally need to
be corrected before these patches proceed any further, but more
generally, I think that the SELinux maintainers (James and I) should be
cc'd on every patch that touches the SELinux code when it is first
submitted to these lists and every time it has to be updated to deal
with changes upstream (one of the changes in behavior seems to have been
due to an attempt to re-base the patch against more recent upstream code
without re-submitting the revised patch for review), and none of the
SELinux modifications should go to -mm without at least an Acked-by
response from a SELinux maintainer. On our end, we can try to be more
responsive (but having an explicit cc for all patches that touch SELinux
will help significantly).
--
Stephen Smalley
National Security Agency