On Tue, Sep 21, 2021 at 4:42 PM Antoine Tenart wrote: > Quoting José Pekkarinen (2021-09-21 15:32:32) > > On Tue, Sep 21, 2021 at 10:12 AM Antoine Tenart <[1]atenart@kernel.org> > > wrote: > > > > I tested today to build the system with buildroot 2021.05.2(without > > the patch) and it reproduces exactly the same behaviour, > > policy/modules.conf doesn't receive the line to activate the secure > > module, and if I search in policy.conf or policy.32 through sesearch I > > find no sign of the policies defined in the module. I'll attempt the > > upgrade to 2021.08, but that will require a bit more time. > > Alternatively you can just test with newer refpolicy versions, outside > of Buildroot and look at the generated modules.conf. This will give the > same information and should be easier to do. (My feeling is this won't > change and we'll have to dive into the refpolicy logic for enabling > modules when running 'make conf'). > The config generator requires a summary line in the module.if file to be added in policy/modules.conf, otherwise it doesn't process any further. It seems to be something tricky to address, in your end developing a check the summary is in place doesn't make sense, in their end, not using that hook to learn the modules from the xml make be also complicated. All in all, thanks for the comments, at least I have a way out without this patch. If there is something I can address for you in this topic, feel free to ask. Best regards. José.