[PATCH] Add erofs as a SELinux capable file system

Wed Oct 6 05:50:22 AEDT 2021

On 10/3/21 11:59 PM, Gao Xiang wrote:
> EROFS supported the security xattr handler from Linux v4.19.
> Add erofs to the filesystem policy now.
> 
> Reported-by: David Michael <fedora.dm0 at gmail.com>
> Signed-off-by: Gao Xiang <xiang at kernel.org>
> ---
>   policy/modules/kernel/filesystem.te | 1 +
>   1 file changed, 1 insertion(+)
> 
> diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
> index 7282acba8537..8109348f70de 100644
> --- a/policy/modules/kernel/filesystem.te
> +++ b/policy/modules/kernel/filesystem.te
> @@ -24,6 +24,7 @@ sid fs gen_context(system_u:object_r:fs_t,s0)
>   # Requires that a security xattr handler exist for the filesystem.
>   fs_use_xattr btrfs gen_context(system_u:object_r:fs_t,s0);
>   fs_use_xattr encfs gen_context(system_u:object_r:fs_t,s0);
> +fs_use_xattr erofs gen_context(system_u:object_r:fs_t,s0);
>   fs_use_xattr ext2 gen_context(system_u:object_r:fs_t,s0);
>   fs_use_xattr ext3 gen_context(system_u:object_r:fs_t,s0);
>   fs_use_xattr ext4 gen_context(system_u:object_r:fs_t,s0);

Merged. Thanks!

-- 
Chris PeBenito