Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/686671/?format=api
{ "id": 686671, "url": "http://patchwork.ozlabs.org/api/patches/686671/?format=api", "web_url": "http://patchwork.ozlabs.org/project/buildroot/patch/1477423570-15694-6-git-send-email-bryce.ferguson@rockwellcollins.com/", "project": { "id": 27, "url": "http://patchwork.ozlabs.org/api/projects/27/?format=api", "name": "Buildroot development", "link_name": "buildroot", "list_id": "buildroot.buildroot.org", "list_email": "buildroot@buildroot.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<1477423570-15694-6-git-send-email-bryce.ferguson@rockwellcollins.com>", "list_archive_url": null, "date": "2016-10-25T19:26:08", "name": "[v13,6/8] qemu x86 selinux: base br defconfig", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": false, "hash": "2c5c4ba566cd6f65f6a8317512d018e29f10ad19", "submitter": { "id": 70083, "url": "http://patchwork.ozlabs.org/api/people/70083/?format=api", "name": "Bryce Ferguson", "email": "bryce.ferguson@rockwellcollins.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/buildroot/patch/1477423570-15694-6-git-send-email-bryce.ferguson@rockwellcollins.com/mbox/", "series": [], "comments": "http://patchwork.ozlabs.org/api/patches/686671/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/686671/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<buildroot-bounces@busybox.net>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "buildroot@lists.busybox.net" ], "Delivered-To": [ "patchwork-incoming@bilbo.ozlabs.org", "buildroot@osuosl.org" ], "Received": [ "from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])\n\t(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3t3NSj5HXrz9svs\n\tfor <incoming@patchwork.ozlabs.org>;\n\tWed, 26 Oct 2016 06:27:01 +1100 (AEDT)", "from 
localhost (localhost [127.0.0.1])\n\tby whitealder.osuosl.org (Postfix) with ESMTP id 3D5A791FFA;\n\tTue, 25 Oct 2016 19:27:00 +0000 (UTC)", "from whitealder.osuosl.org ([127.0.0.1])\n\tby localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)\n\twith ESMTP id G01k3NxYcbxe; Tue, 25 Oct 2016 19:26:55 +0000 (UTC)", "from ash.osuosl.org (ash.osuosl.org [140.211.166.34])\n\tby whitealder.osuosl.org (Postfix) with ESMTP id A5F3D91FF2;\n\tTue, 25 Oct 2016 19:26:37 +0000 (UTC)", "from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133])\n\tby ash.osuosl.org (Postfix) with ESMTP id AC31C1C1E97\n\tfor <buildroot@lists.busybox.net>;\n\tTue, 25 Oct 2016 19:26:34 +0000 (UTC)", "from localhost (localhost [127.0.0.1])\n\tby hemlock.osuosl.org (Postfix) with ESMTP id 9CF268AD5F\n\tfor <buildroot@lists.busybox.net>;\n\tTue, 25 Oct 2016 19:26:34 +0000 (UTC)", "from hemlock.osuosl.org ([127.0.0.1])\n\tby localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)\n\twith ESMTP id 5kITEH3pnkA6 for <buildroot@lists.busybox.net>;\n\tTue, 25 Oct 2016 19:26:34 +0000 (UTC)", "from ch3vs02.rockwellcollins.com (ch3vs02.rockwellcollins.com\n\t[205.175.226.29])\n\tby hemlock.osuosl.org (Postfix) with ESMTPS id D44238AD85\n\tfor <buildroot@buildroot.org>; Tue, 25 Oct 2016 19:26:33 +0000 (UTC)", "from ofwch3n02.rockwellcollins.com (HELO\n\tdtulimr01.rockwellcollins.com) ([205.175.226.14])\n\tby ch3vs02.rockwellcollins.com with ESMTP; 25 Oct 2016 14:26:35 -0500" ], "X-Virus-Scanned": [ "amavisd-new at osuosl.org", "amavisd-new at osuosl.org" ], "X-Greylist": "domain auto-whitelisted by SQLgrey-1.7.6", "X-Received": "from largo.rockwellcollins.com (unknown [192.168.140.76])\n\tby dtulimr01.rockwellcollins.com (Postfix) with ESMTP id 2BD8E60266; \n\tTue, 25 Oct 2016 14:26:33 -0500 (CDT)", "From": "Bryce Ferguson <bryce.ferguson@rockwellcollins.com>", "To": "buildroot@buildroot.org", "Date": "Tue, 25 Oct 2016 14:26:08 -0500", "Message-Id": 
"<1477423570-15694-6-git-send-email-bryce.ferguson@rockwellcollins.com>", "X-Mailer": "git-send-email 1.9.1", "In-Reply-To": "<1477423570-15694-1-git-send-email-bryce.ferguson@rockwellcollins.com>", "References": "<1477423570-15694-1-git-send-email-bryce.ferguson@rockwellcollins.com>", "Cc": "Bryce Ferguson <bryce.ferguson@rockwellcollins.com>,\n\tNiranjan Reddy <niranjan.reddy@rockwellcollins.com>", "Subject": "[Buildroot] [PATCH v13 6/8] qemu x86 selinux: base br defconfig", "X-BeenThere": "buildroot@busybox.net", "X-Mailman-Version": "2.1.18-1", "Precedence": "list", "List-Id": "Discussion and development of buildroot <buildroot.busybox.net>", "List-Unsubscribe": "<http://lists.busybox.net/mailman/options/buildroot>,\n\t<mailto:buildroot-request@busybox.net?subject=unsubscribe>", "List-Archive": "<http://lists.busybox.net/pipermail/buildroot/>", "List-Post": "<mailto:buildroot@busybox.net>", "List-Help": "<mailto:buildroot-request@busybox.net?subject=help>", "List-Subscribe": "<http://lists.busybox.net/mailman/listinfo/buildroot>,\n\t<mailto:buildroot-request@busybox.net?subject=subscribe>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"us-ascii\"", "Content-Transfer-Encoding": "7bit", "Errors-To": "buildroot-bounces@busybox.net", "Sender": "\"buildroot\" <buildroot-bounces@busybox.net>" }, "content": "From: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>\n\nThis will build a base SELinux system that boots with SELinux\nin permissive mode. 
Also adding documentation on how to use it.\n\nSigned-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>\nSigned-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>\nSigned-off-by: Niranjan Reddy <niranjan.reddy@rockwellcollins.com>\nSigned-off-by: Bryce Ferguson <bryce.ferguson@rockwellcollins.com>\n\n---\nChanges v12 -> v13:\n - Bump kernel to 4.8\n - Fixed error in fragment config line: 6 (ONFIG_EXT2_FS -> CONFIG_EXT2_FS)\n\nChanges v11 -> v12:\n - Bump kernel to 4.6\n - Renamed fragment config to be 4.x vs 4.0\n\nChanges v10 -> v11:\n - Removed configs BR2_ROOTFS_XXX (post build script,device table and overlay) from this patch\n and added these configs to another patch (common-selinux-support-files.patch)\n - Included configuration BR2_LINUX_KERNEL_CONFIG_FRAGMENT_FILES in defconfig.\n\nChanges v9 -> v10:\n - Changed version number of QEMU from 2.2.1 to 2.3.0\n\nChanges v8 -> v9:\n - No changes\n\nChanges v7 -> v8:\n - No changes\n\nChanges v6 -> v7:\n - No changes\n\nChanges v5 -> v6:\n - No changes\n\nChanges v4 -> v5:\n - Update the qemu_x86_defconfig to the 4.0 kernel series (Clayton S.)\n\nChanges v1 -> v4:\n - Did not exist\n---\n board/qemu/x86/linux-4.x-selinux.config | 19 +++++++++++++++++++\n board/qemu/x86/readme.txt | 17 +++++++++++++++++\n configs/qemu_x86_selinux_defconfig | 31 +++++++++++++++++++++++++++++++\n 3 files changed, 67 insertions(+)\n create mode 100644 board/qemu/x86/linux-4.x-selinux.config\n create mode 100644 configs/qemu_x86_selinux_defconfig", "diff": "diff --git a/board/qemu/x86/linux-4.x-selinux.config b/board/qemu/x86/linux-4.x-selinux.config\nnew file mode 100644\nindex 0000000..6c715f0\n--- /dev/null\n+++ b/board/qemu/x86/linux-4.x-selinux.config\n@@ -0,0 +1,19 
@@\n+CONFIG_AUDIT=y\n+CONFIG_MODULES=y\n+CONFIG_IP_PNP=y\n+CONFIG_DEVTMPFS=y\n+CONFIG_DEVTMPFS_MOUNT=y\n+CONFIG_EXT2_FS=y\n+CONFIG_EXT2_FS_XATTR=y\n+CONFIG_EXT2_FS_POSIX_ACL=y\n+CONFIG_EXT2_FS_SECURITY=y\n+CONFIG_EXT3_FS=y\n+CONFIG_EXT3_FS_POSIX_ACL=y\n+CONFIG_EXT3_FS_SECURITY=y\n+CONFIG_NFS_FS=y\n+CONFIG_ROOT_NFS=y\n+CONFIG_SECURITY=y\n+CONFIG_SECURITY_NETWORK=y\n+CONFIG_SECURITY_SELINUX=y\n+CONFIG_SECURITY_SELINUX_BOOTPARAM=y\n+CONFIG_CRYPTO_ANSI_CPRNG=y\ndiff --git a/board/qemu/x86/readme.txt b/board/qemu/x86/readme.txt\nindex 4f2e4c7..f7bf256 100644\n--- a/board/qemu/x86/readme.txt\n+++ b/board/qemu/x86/readme.txt\n@@ -7,3 +7,20 @@ Optionally add -smp N to emulate a SMP system with N CPUs.\n The login prompt will appear in the graphical window.\n \n Tested with QEMU 2.5.0\n+\n+-------------------------------------------------------------------\n+\n+Run the SElinux target emulation with:\n+\n+ qemu-system-i386 -M pc -kernel output/images/bzImage -drive file=output/images/rootfs.ext2,if=ide -append \"root=/dev/sda rw console=ttyS0 selinux=1\" -net nic,model=rtl8139 -net user -display none -serial stdio\n+\n+The emulation should reboot once the first time for relabeling and\n+then provide a login prompt. The login is username root and password\n+root because PAM requires a password in this secure configuration. To\n+enable SELinux enforcing at boot, login and edit the\n+/etc/selinux/config and set SELINUX to enforcing. Save and make sure\n+to \"sync\" before restarting the emulation as the ext2 fs would\n+otherwise corrupt when the emulation exits. After enforcing is\n+default, the selinux= provided as part of the qemu \"append\" above can\n+be used to turn enforcing on/off. 
This configuration would be tailored\n+as part of a targets refpolicy customization.\ndiff --git a/configs/qemu_x86_selinux_defconfig b/configs/qemu_x86_selinux_defconfig\nnew file mode 100644\nindex 0000000..ebfe4ca\n--- /dev/null\n+++ b/configs/qemu_x86_selinux_defconfig\n@@ -0,0 +1,31 @@\n+BR2_x86_pentiumpro=y\n+\n+# Internal tool chain glibc\n+BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_8=y\n+BR2_TOOLCHAIN_BUILDROOT_GLIBC=y\n+\n+# Select SYSV init to provide selinux enabled init\n+BR2_INIT_SYSV=y\n+BR2_ROOTFS_DEVICE_TABLE=\"system/device_table.txt board/common_selinux/skeleton_permissions.txt\"\n+BR2_TARGET_GENERIC_ROOT_PASSWD=\"root\"\n+BR2_ROOTFS_OVERLAY=\"board/common_selinux/skeleton\"\n+BR2_ROOTFS_POST_BUILD_SCRIPT=\"board/common_selinux/post_build.sh\"\n+BR2_LINUX_KERNEL=y\n+BR2_LINUX_KERNEL_CUSTOM_VERSION=y\n+BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE=\"4.8\"\n+BR2_LINUX_KERNEL_USE_CUSTOM_CONFIG=y\n+BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE=\"board/qemu/x86/linux-4.8.config\"\n+BR2_LINUX_KERNEL_CONFIG_FRAGMENT_FILES=\"board/qemu/x86/linux-4.x-selinux.config\"\n+\n+# Ensure busybox is built as individual binaries for the\n+# SELinux refpolicy to work correctly\n+BR2_PACKAGE_BUSYBOX_INDIVIDUAL_BINARIES=y\n+BR2_PACKAGE_OPENSSH=y\n+BR2_PACKAGE_REFPOLICY=y\n+BR2_PACKAGE_RSYSLOG=y\n+BR2_PACKAGE_UTIL_LINUX=y\n+BR2_PACKAGE_UTIL_LINUX_BINARIES=y\n+BR2_PACKAGE_UTIL_LINUX_LOGIN_UTILS=y\n+BR2_TARGET_ROOTFS_EXT2=y\n+BR2_TARGET_ROOTFS_EXT2_RESBLKS=5\n+BR2_PACKAGE_HOST_CHECKPOLICY=y\n", "prefixes": [ "v13", "6/8" ] }
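Review bot: In board/qemu/x86/linux-4.x-selinux.config, CONFIG_SECURITY_SELINUX_BOOTPARAM=y means SELinux can be switched off entirely with selinux=0 on the kernel command line, and nothing in the fragment says this is a demo convenience. Since the file is named as a generic 4.x SELinux fragment, either note next to that line that it is meant for the QEMU target only, or leave it out and let the policy decide. The fragment also enables CONFIG_IP_PNP, CONFIG_NFS_FS, CONFIG_ROOT_NFS and CONFIG_CRYPTO_ANSI_CPRNG with no explanation, while the documented boot uses root=/dev/sda on ext2; please justify these in the commit message or drop them.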
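Review bot: In the board/qemu/x86/readme.txt hunk, the sentence "the selinux= provided as part of the qemu "append" above can be used to turn enforcing on/off" describes the wrong parameter. selinux=0|1 disables or enables SELinux as a whole (it is the switch exposed by CONFIG_SECURITY_SELINUX_BOOTPARAM), while the enforcing/permissive choice at boot is made with enforcing=0|1. Please reword so that a reader does not believe selinux=1 on the command line gives an enforcing system. Minor: "SElinux" in "Run the SElinux target emulation" should be "SELinux", and "a targets refpolicy" should be "a target's refpolicy".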
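Review bot: In configs/qemu_x86_selinux_defconfig, BR2_TARGET_GENERIC_ROOT_PASSWD="root" sits in the same image as BR2_PACKAGE_OPENSSH=y, so anyone reusing this defconfig outside the documented QEMU invocation gets an SSH server and a published root password. Please add a comment above the password line stating that it exists only because PAM needs a password in the demo and must be changed for any real target. Separately, the v10 -> v11 changelog says the BR2_ROOTFS_XXX entries (post build script, device table and overlay) were moved out of this patch, yet BR2_ROOTFS_DEVICE_TABLE, BR2_ROOTFS_OVERLAY and BR2_ROOTFS_POST_BUILD_SCRIPT are still set here and point at board/common_selinux/, which this patch does not create; either drop them or state the dependency on the patch that adds that directory.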