mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-13 23:34:05 +08:00
selinux: provide a "no sooner than" date for the checkreqprot removal
We marked /sys/fs/selinux/checkreqprot as deprecated in Linux v5.7, but didn't provide any guidance as to the timeframe. Considering the state of checkreqprot, it seems like one year should be enough time. Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
parent
8861d0af64
commit
0d50f059c4
@ -15,7 +15,7 @@ Description:
|
||||
actual protection), and Android and Linux distributions have been
|
||||
explicitly writing a "0" to /sys/fs/selinux/checkreqprot during
|
||||
initialization for some time. Support for setting checkreqprot to 1
|
||||
will be removed in a future kernel release, at which point the kernel
|
||||
will be removed no sooner than June 2021, at which point the kernel
|
||||
will always cease using checkreqprot internally and will always
|
||||
check the actual protections being applied upon mmap/mprotect calls.
|
||||
The checkreqprot selinuxfs node will remain for backward compatibility
|
||||
|
Loading…
Reference in New Issue
Block a user