On Tue, Aug 30, 2016 at 06:52:28PM +0000, Daniel Jurgens wrote: > On 8/30/2016 1:46 PM, Jason Gunthorpe wrote: > > On Tue, Aug 30, 2016 at 02:06:53PM +0000, Daniel Jurgens wrote: > > > >> I don't this will be useful, RoCE doesn't have partitions/PKeys > >> because it uses Ethernet as the transport instead of Infiniband. > > The vlan stuff in roce should be just as restricted as the pkey is in > > IB....
> This patch set introduces a mechanism for controlling access to > Infiniband partitions. If someone is interested in writing SELinux > tests regarding RoCE and VLANs then RXE may very well be useful for > them. It just doesn't apply here. Are subsystems usually SELinux enabled in such a piecemeal way? Are you sure the 'partition' SELinux label should not be more general to cover more of the similar RDMA cases? Jason _______________________________________________ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
