Paul Moore wrote: > Venkat Yekkirala wrote: >>Paul, if you could respin your patchset relative to this one I would >>appreciate it. While doing so, can you look for NetLabel only when >>there's no xfrm label on a packet, since we now know that using both >>is redundant? This way we don't have to worry about NetLabel code >>bugs/side effects when someone is using just xfrm. Thanks. > > As far as I can tell there are no problems with the latest NetLabel/secid > patch > when layered on top of the secid patches. There was a lot of testing and > debate > on this last Friday but it turned out to be a problem with the secid patch not > clearing the secmark on exit as well as some confusion around policy and > multicast traffic. All of the NetLabel bugs from the past month or two have > only occurred on communication channels when NetLabel was in use - there was > some thought that the recent Bluetooth bug was NetLabel related but it wasn't, > it was a fault with the MLSXFRM patchset. > > If there is some issue I'm not aware of send me some mail or give me a call > (XXX-XXX-XXXX) and we can work it out.
Please disregard the phone number I send out earlier, it was the wrong number - if you need to get ahold of me please call me at 603-884-5056. -- paul moore linux security @ hp -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
