Red Hat Bugzilla – Bug 1464489
RFE: backport SELinux/InfiniBand userspace support
Last modified: 2018-04-10 08:52:01 EDT
Description of problem:
Backport the SELinux userspace patches to enable the InfiniBand access controls. See BZ #1449326 for the RHEL-7.x customer request.
Additional patches may also be necessary, but at a minimum the backport should include the upstream commits below:
a2fe1861 semanage: Fix manpage author for ibpkey and ibendport pages.
b217ffd7 semanage: Update man pages for infiniband
9a3d2c7a semanage: Update semanage to allow runtime labeling of ibendports
6a7a5aaf semanage: Update semanage to allow runtime labeling of Infiniband Pkeys
28663ff1 libsepol: Add IB end port handling to CIL
118c0cd1 libsepol: Add ibendport ocontext handling
5bc05dd2 checkpolicy: Add support for ibendportcon labels
e564f7b5 libsepol: Add Infiniband Pkey handling to CIL
9fbb3112 libsepol: Add ibpkey ocontext handling
5b203145 checkpolicy: Add support for ibpkeycon labels
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.