<html> <head> <base href="https://bugs.freedesktop.org/" /> </head> <body><table border="1" cellspacing="0" cellpadding="8"> <tr> <th>Priority</th> <td>medium </td> </tr> <tr> <th>Bug ID</th> <td><a class="bz_bug_link bz_status_NEW " title="NEW --- - Please do not hardcode SELinux identifiers in the code" href="https://bugs.freedesktop.org/show_bug.cgi?id=80185">80185</a> </td> </tr> <tr> <th>Assignee</th> <td>mesa-dev@lists.freedesktop.org </td> </tr> <tr> <th>Summary</th> <td>Please do not hardcode SELinux identifiers in the code </td> </tr> <tr> <th>Severity</th> <td>normal </td> </tr> <tr> <th>Classification</th> <td>Unclassified </td> </tr> <tr> <th>OS</th> <td>All </td> </tr> <tr> <th>Reporter</th> <td>l.bigonville@edpnet.be </td> </tr> <tr> <th>Hardware</th> <td>Other </td> </tr> <tr> <th>Status</th> <td>NEW </td> </tr> <tr> <th>Version</th> <td>10.2 </td> </tr> <tr> <th>Component</th> <td>Mesa core </td> </tr> <tr> <th>Product</th> <td>Mesa </td> </tr></table> <p> <div> <pre>Hello, Currently the mesa code is checking for SELinux booleans ("allow_execmem") to check whether SELinux will allow mapped memory to be executed and otherwise turns the function in a noop. Hardcoding such booleans (and other identifiers) is probably a bad habit, since custom policies might be written and may perfectly omit these identifiers. Fedora policy for example doesn't have this boolean anymore. You should probably to try to mmap() in all cases and react accordingly in case of failure when SELinux is enabled (by checking errno maybe?)</pre> </div> </p> <hr> <span>You are receiving this mail because:</span> <ul> <li>You are the assignee for the bug.</li> </ul> </body> </html>