[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [XEN PATCH] xen: allow XSM_FLASK_POLICY only if checkpolicy binary is available
- To: Jan Beulich <jbeulich@xxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>
- From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Date: Fri, 16 Jul 2021 14:15:28 +0100
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jWQ1w12/rYNjVFUUSN6VOAOsAuUw+vdXrllb8zol+XY=; b=RrKLJn2JWtu7oPEUwIOrj33BSLJnZnaFgjOhrWL0Jy9mUorpOWgJBgBEhek5vF04xAHWrX6gBLo0uitf4CTeTTtosTeMgPU5EBH52cjskUBbuAY4Q9EPbTtp4BwztgJ27sREkjYWw25uAxw++Llve0rht1IO77o9qWgZ0U+FfWse3wQcILwDC2f2sC4IOKbP0gEZ04ivneW0qqGteTfB+jdMUL9qTAkqyioxkB92F17Anf63ADuqbWJA1R+GRK4BOQLniTF7+Is4r0B8sT48PhYg/ILuVWRDfzdh7SIdElEn0u6WmbpxgS1bJVdSHnTnviHvUt5rZx5Jncq44H2QWw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UraiKHV111KcefME0YmpKEGT+6t/Ny6CbS15AzXnuJBbwacp/XSmbeg7fW+a+ur3/U1L6efVpkuP4EyLytu0ed2xf1awmLWIe4kzppcSvWV6bYj4oBiGUXGh/Km9oraK6/1kXBnGLTSjQf8gvwcaekDSpW7TE6kdZhs0HOv1Ju55MCvhg/iZYw5uSpiODLz6TXNB3Ew7eT4y259Uf7kvK1eVyeoPywLvY3P9ZG/vlI5TNqqplRWsnEXPHfhNPbMMK4UyNw2tb3dYVgJzCasVK5fWUEAKgyCGjY3F9NWVB7X/SKVT3INN+WFSbqWVZdnkNqbb4jEM/dm5H7UnY+fpGA==
- Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
- Cc: George Dunlap <george.dunlap@xxxxxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- Delivery-date: Fri, 16 Jul 2021 13:16:43 +0000
- Ironport-hdrordr: A9a23:Ccuc6aDSAfNgKRzlHeiBsceALOsnbusQ8zAXPh9KJCC9I/bzqy nxpp8mPH7P+VAssRQb9exoV5PwJU80maQFg7X5Xo3SPzUO2lHYVb2KhLGKq1KPexEWntQtrZ uIGJIOb+EYY2IK6PoS1DPIaOrIjeP3gpyAtKP79TNAXAtqY6Zv40NQDRuaKFR/QE1jCYAiHJ SRy8Jbr374EE5nGviTNz0gZazuttfLnJXpbVovAAMm0hCHiXeN5KThGxaV8x8CW3dkwKsk80 LCjwvlj5/Txs1SnnXntlP73tBzop/M29FDDMuDhow+MTP3kDulY4xnRvmroC01iPvH0idhrP D85zMbe+hj4XLYeW+45TH33RP77Too43j+jXeFnHrYp9DjTj5SMbsNuWtgSGqU16MchqA17E sL5RPRi3NvN2K3oM0p3amCa/lo/nDE0EbK39RjwEC3arFuFYO5m7Zvgn+9IK1wZh4S17pXbN WGLPuslMq+ImnqHEwwgAFUsaORtzIIb2C7fnQ=
- Ironport-sdr: 08LKlQzwTvXen1RDD7+5zFQEhSsPcRbjyReoMiwr+QtBvEHZYxNlmQuFDYwmbT0+I/mP4Ckt3s OvFdyp1e0CyZcYTPqy70g2NjBaUSSgjKebr7nBaacqXZjX4wK6nCn4VeJltYf9dTV9TNtpsu8c AqLMLHU/eUP+8OKduhwWV8ENCfeNqutkxHI3HdUHefu9PgCqM773q6HPbPSE29+MNdLKLsnf8V zYTofPYNn8bVoL+HEw96V9j2Dah7KuYYxKoTdPt/5xLYZJOGPLo16ZgfTxCIOnbkm+lOQ2dRdy Eeg=
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 15/07/2021 07:25, Jan Beulich wrote:
> On 14.07.2021 18:17, Anthony PERARD wrote:
>> --- a/xen/common/Kconfig
>> +++ b/xen/common/Kconfig
>> @@ -25,6 +25,9 @@ config GRANT_TABLE
>> config HAS_ALTERNATIVE
>> bool
>>
>> +config HAS_CHECKPOLICY
>> + def_bool $(success,$(CHECKPOLICY) -h 2>&1 | grep -q xen)
>> +
> This is no different from other aspects of "Kconfig vs tool chain
> capabilities" sent out last August to start a discussion about
> whether we really want such. Besides Jürgen no-one cared to reply
> iirc, which to me means no-one really cares one way or the other.
You know full well that upgrading Kconfig was specifically to be able to
use this functionality, and you know full well that I firmly support
using this mechanism, because we've had both of these arguments several
times before.
The absence of replies doesn't mean people agree with you, or even that
they don't care. It either means people didn't read the email, or
didn't have time to reply, or didn't feel like wasting time rehashing
the same arguments yet again with no hope for progress.
If you really insist on refusing to features specifically intended for
the improvement of our build processes, then call a vote so we can be
done with the argument for once and for all.
~Andrew
|
