On Tue, Sep 6, 2016 at 4:02 PM, Jason Gunthorpe
<jguntho...@obsidianresearch.com> wrote:
> On Thu, Sep 01, 2016 at 02:06:46PM -0400, Paul Moore wrote:
>
>> Jason and/or Daniel, I think it would be helpful if you could explain
>> both the InifiniBand and IP based approaches for those of us who know
>> SELinux, but not necessarily the RDMA and InfiniBand portions of this
>> discussion.  Be verbose and explain it as if we were idiots (I get
>> called that enough, it must be true).
>
> Well, I'm not really familiar with SELinux, I know a little bit about
> how labels are applied in the netstack, but not that much...
>
> The RDMA subsystem supports 4 different networking standards, and they
> each have their own objects..

All right, I'm done traveling for a bit and it seems like this
discussion has settled into a stalemate so let's try to pick things
back up and sort this out.

Starting we a better RDMA education for me.

So far the discussion has been around providing access controls at the
transport layer, are there any RDMA entities that are transport
agnostic that might be better suited for what we are trying to do?  Or
is it simply that the RDMA layer is tied so tightly to the underlying
transport that we can't separate the two and have to consider them as
one?

-- 
paul moore
www.paul-moore.com
_______________________________________________
Selinux mailing list
Selinux@tycho.nsa.gov
To unsubscribe, send email to selinux-le...@tycho.nsa.gov.
To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.

Reply via email to