Hello, Ivan.

Some OpenBMC hardening work is ongoing:
https://github.com/openbmc/openbmc/issues/3383

Do you have a specific use-cases for SELinux?

On Fri, 30 Oct 2020 at 22:07, Joseph Reynolds <jrey@linux.ibm.com> wrote:
On 10/30/20 12:55 AM, Artem Senichev wrote:
> Hi Ivan,
>
> Yocto has a layer for SELinux
> (http://git.yoctoproject.org/cgit/cgit.cgi/meta-selinux), you can try
> it.
> But the layer depends on Python for management tools, which does not
> exist in the OpenBMC image anymore.
> The problem is that Python significantly increases image size, it will
> be more than 32MiB, which causes some troubles with qemu emulation.
>
> --
> Best regards,
> Artem Senichev
>
> On Thu, Oct 29, 2020 at 7:48 PM Ivan Li11 <rli11@lenovo.com> wrote:
>> Hi Team,
>>
>>
>>
>> I would like to ask about SELinux support. It’s seems that there’s no SELinux related package in current OpenBMC.
>>
>> Therefore, is it not supported for now ?
>>
>> Please help to advise.

SELinux and alternatives such as AppArmor and KRSI (Kernel Runtime
Security Instrumentation) were discussed in various OpenBMC security
working group meetings including 2020-05-13, 2020-04-01, and earlier. 
See the meeting minutes:
https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI

I don't have any additional insight.

- Joseph

>>
>>
>>
>> Thanks.