/resume-safe.
Apart from the minor comments above, looks good to me.
Regards,
Nigel
--
Cheers, Igor
Igor Stoppa [EMAIL PROTECTED]
(Nokia M - OSSO /Helsinki Finland)
on any packet (and not lose too many packets)
These are just a few system-specific cases, but if you start including USB
devices, the situation is going to get quite complicated very soon, if
you explicitly include certain HW devices in your model.
--
Cheers, Igor
Igor Stoppa [EMAIL PROTECTED
attempts
over the last year or so, just search for framework in the subject.
--
Cheers, Igor
Igor Stoppa [EMAIL PROTECTED]
(Nokia Multimedia - CP - OSSO / Helsinki, Finland)
On Sun, 2007-07-22 at 01:58 -0700, ext [EMAIL PROTECTED] wrote:
On Sun, 22 Jul 2007, Igor Stoppa wrote:
[snip]
Could you elaborate on how your proposal is incompatible with enhancing
the clock framework?
It's not that I think it's incompatible with any existing powersaving
tools
, and the interface to use to issue the resulting instructions.
What I'm saying is that sw is implemented to fulfill certain needs. I'd
rather see a detailed description of the need and based on that debate
on the actual API / implementation.
--
Cheers, Igor
Igor Stoppa [EMAIL PROTECTED]
(Nokia Multimedia
little
sense.
Isolating that into a separate module, instead, brings the best of both
worlds:
-containment of the HW-specific code
-leveraging every possible, no matter how exotic, power saving mode
available.
--
Cheers, Igor
Igor Stoppa [EMAIL PROTECTED]
(Nokia Multimedia - CP - OSSO / Helsinki
On 02/08/17 20:08, Jerome Glisse wrote:
> On Wed, Aug 02, 2017 at 06:14:28PM +0300, Igor Stoppa wrote:
[...]
>> +set_page_private(page, 1);
>
> Above line is pointless you overwrite value right below
yes ...
>
>> +page->
On 03/08/17 16:55, Michal Hocko wrote:
> On Thu 03-08-17 15:20:31, Igor Stoppa wrote:
>> On 03/08/17 14:48, Michal Hocko wrote:
>>> On Thu 03-08-17 13:11:45, Igor Stoppa wrote:
[...]
>>>> But, to reply more specifically to your advice, yes, I think I coul
On 03/08/17 17:47, Jerome Glisse wrote:
> On Thu, Aug 03, 2017 at 03:55:50PM +0200, Michal Hocko wrote:
>> On Thu 03-08-17 15:20:31, Igor Stoppa wrote:
[...]
>>> I am confused about this: if "private2" is a pointer, but when I get an
>>> address, I do no
On 03/08/17 18:15, Michal Hocko wrote:
> I would check the one where we have mapping. It is rather unlikely
> vmalloc users would touch this one.
That was also the initial recommendation from Jerome Glisse, but it
seemed unusable, because of the related comment.
I should have asked for
On 03/08/17 14:48, Michal Hocko wrote:
> On Thu 03-08-17 13:11:45, Igor Stoppa wrote:
>> On 02/08/17 20:08, Jerome Glisse wrote:
>>> On Wed, Aug 02, 2017 at 06:14:28PM +0300, Igor Stoppa wrote:
[...]
>>>> from include/linux/mm_types.h:
>>>>
On 11/07/17 14:12, Tetsuo Handa wrote:
> Igor Stoppa wrote:
>> - I had to rebase Tetsuo Handa's patch because it didn't apply cleanly
>> anymore, I would appreciate an ACK to that or a revised patch, whatever
>> comes easier.
>
> Since we are getting several prop
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
arch/Kconfig| 1 +
include/linux/pmalloc.h | 127 +
lib/Kconfig | 1 +
mm/Ma
rned on.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
CC: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
---
security/security.c | 22 +++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/security/security.c b/security/security.c
i
sult of introducing an enum, security_hook_heads becomes a local
variable. In order to pass 80 columns check by scripts/checkpatch.pl ,
rename security_hook_heads to hook_heads.
Signed-off-by: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
Rebased-by: Igor Stoppa <igor.sto...@huawei.com
revised patch, whatever
comes easier.
Igor Stoppa (2):
Protectable memory support
Make LSM Writable Hooks a command line option
Tetsuo Handa (1):
LSM: Convert security_hook_heads into explicit array of struct
list_head
arch/Kconfig | 1 +
include/linux/lsm_hooks.
On 07/07/17 21:48, Jerome Glisse wrote:
> I believe there are enough unused fields that for vmalloc pages
> you should find one you can use. Just add some documentation in
> mm_types.h so people are aware of alternate use for the field you
> are using.
I ended up using page->private and the
On 06/07/17 19:27, Jerome Glisse wrote:
> On Wed, Jul 05, 2017 at 04:46:26PM +0300, Igor Stoppa wrote:
[...]
>> diff --git a/include/linux/page-flags.h b/include/linux/page-flags.h
>> index 6b5818d..acc0723 100644
>> --- a/include/linux/page-flags.h
>> +++ b
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
arch/Kconfig | 1 +
include/linux/page-flags.h | 2 +
include/linux/pmalloc.h
for
splitting it. If it helps the reviewing, please do let me know how I
should split it and I will comply.
- I had to rebase Tetsuo Handa's patch because it didn't apply cleanly
anymore, I would appreciate an ACK to that or a revised patch, whatever
comes easier.
Igor Stoppa (2):
Protectable
sult of introducing an enum, security_hook_heads becomes a local
variable. In order to pass 80 columns check by scripts/checkpatch.pl ,
rename security_hook_heads to hook_heads.
Signed-off-by: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
Rebased-by: Igor Stoppa <igor.sto...@huawei.com
rned on.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
CC: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
---
security/security.c | 22 +++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/security/security.c b/security/security.c
i
From: Igor Stoppa <igor.sto...@gmail.com>
The MMU available in many systems running Linux can often provide R/O
protection to the memory pages it handles.
However, the MMU-based protection works efficiently only when said pages
contain exclusively data that will not need further modific
, according to Casey.
Note:
The patch is larg-ish, but I was not sure what criteria to use for
splitting it.
If it helps the reviewing, please do let me know how I should split it
and I will comply.
Igor Stoppa (2):
Protectable memory support
Make LSM Writable Hooks a command line option
Tetsuo
The bitmasks used for ___GFP_xxx can be defined in terms of an enum,
which doesn't require manual updates to its values.
As bonus, __GFP_BITS_SHIFT is automatically kept consistent.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/gfp.
The GFP bitmasks and the __GFP_BITS_SHIFT defines are expressed as
hardcoded constants.
This can be expressed in a more consistent way by relying on an enum of
shift positions.
Igor Stoppa (1):
Remove hardcoding of ___GFP_xxx bitmasks
include/linux/gfp.h | 82
On 26/04/17 17:47, Michal Hocko wrote:
> On Wed 26-04-17 16:35:49, Igor Stoppa wrote:
>> The bitmasks used for ___GFP_xxx can be defined in terms of an enum,
>> which doesn't require manual updates to its values.
>
> GFP masks are rarely updated so why is this worth
On 27/04/17 16:41, Michal Hocko wrote:
> On Wed 26-04-17 18:29:08, Igor Stoppa wrote:
> [...]
>> If you prefer to have this patch only as part of the larger patchset,
>> I'm also fine with it.
>
> I agree that the situation is not ideal. If a larger set of chan
On 26/04/17 18:29, Igor Stoppa wrote:
> On 26/04/17 17:47, Michal Hocko wrote:
[...]
>> Also the current mm tree has ___GFP_NOLOCKDEP which is not addressed
>> here so I suspect you have based your change on the Linus tree.
> I used your tree from kernel.org
I found it,
On 28/04/17 10:40, Michal Hocko wrote:
> Do not add a new zone, really. What you seem to be looking for is an
> allocator on top of the page/memblock allocator which does write
> protection on top. I understand that you would like to avoid object
> management duplication but I am not really
On 27/04/17 18:06, Michal Hocko wrote:
> On Tue 25-04-17 12:42:57, Joonsoo Kim wrote:
[...]
>> Yes, it requires one more bit for a new zone and it's handled by the patch.
>
> I am pretty sure that you are aware that consuming new page flag bits
> is usually a no-go and something we try to avoid
On 28/04/17 10:43, Igor Stoppa wrote:
[...]
> I'm writing an alternative different proposal, let's call it last attempt.
>
> Should be ready in a few minutes.
Here: http://marc.info/?l=linux-mm&m=149336675129967&w=2
--
thanks, igor
, but I have not completed the
whole conversion.
> On Fri 28-04-17 11:04:27, Igor Stoppa wrote:
> [...]
>> * if one is happy to have a 64bits type, allow for as many zones as
>> it's possible to fit, or anyway more than what is possible with
>> the 32 bit mask.
>
>
On 09/08/17 02:15, Jerome Glisse wrote:
> On Tue, Aug 08, 2017 at 03:59:36PM +0300, Igor Stoppa wrote:
[...]
>> I am tempted to add
>>
>> #define VM_PMALLOC 0x0100
[...]
> VM_PMALLOC sounds fine to me also adding a comment there pointing to
>
Hi,
while I am working on another example of using pmalloc [1],
it was pointed out to me that:
1) I had introduced a bug when I switched to using a field of the page
structure [2]
2) I was also committing a layer violation in the way I was tagging the
pages.
I am seeking help to understand what
On 07/08/17 22:12, Jerome Glisse wrote:
> On Mon, Aug 07, 2017 at 05:13:00PM +0300, Igor Stoppa wrote:
[...]
>> I have an updated version of the old proposal:
>>
>> * put a magic number in the private field, during initialization of
>> pmalloc pages
>>
>>
On 04/08/17 11:12, Michal Hocko wrote:
> On Fri 04-08-17 11:02:46, Igor Stoppa wrote:
[...]
>> struct page {
>> /* First double word block */
>> unsigned long flags; /* Atomic flags, some possibly
>> * updated
On 07/08/17 16:31, Jerome Glisse wrote:
> On Mon, Aug 07, 2017 at 02:26:21PM +0300, Igor Stoppa wrote:
[...]
>> I'll add a vm_area field as you advised.
>>
>> Is this something I could send as standalone patch?
>
> Note that vmalloc() is not the only thing that
Foreword:
If I should direct this message to someone else, please let me know.
I couldn't get a clear idea, by looking at both MAINTAINERS and git blame.
Hi,
I'm currently trying to convert the SE Linux policy db into using a
protectable memory allocator (pmalloc) that I have developed.
Hi,
On 18/08/17 16:57, Laura Abbott wrote:
> Again, if you have a specific patch or
> proposal this would be easier to review.
yes, I'm preparing it and will send it out soon,
but it was somehow surprising to me that it was chosen to implement free
with the size parameter.
It made me think
Hello,
please review my (longish) line of thoughts, below.
I've restructured them so that they should be easier to follow.
Observations
* it is currently possible, by using prefix "__read_only", to have the
linker place a static variable into a special memory region, which will
On 10/05/17 11:05, Michal Hocko wrote:
> On Fri 05-05-17 13:42:27, Igor Stoppa wrote:
[...]
>> ... in the case I have in mind, I have various, heterogeneous chunks of
>> data, coming from various subsystems, not necessarily page aligned.
>> And, even if they were page
On 10/05/17 14:43, Michal Hocko wrote:
> On Wed 10-05-17 11:57:42, Igor Stoppa wrote:
>> On 10/05/17 11:05, Michal Hocko wrote:
> [...]
>>> To me it seems that this being an initialization mostly thingy a simple
>>> allocator which manages a pool of pa
On 08/05/17 18:25, Laura Abbott wrote:
> On 05/05/2017 03:42 AM, Igor Stoppa wrote:
>> On 04/05/17 19:49, Laura Abbott wrote:
[...]
> PAGE_SIZE is still 4K/16K/64K but the underlying page table mappings
> may use larger mappings (2MB, 32M, 512M, etc.). The ARM architecture
>
sult of introducing an enum, security_hook_heads becomes a local
variable. In order to pass 80 columns check by scripts/checkpatch.pl ,
rename security_hook_heads to hook_heads.
Signed-off-by: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
Rebased-by: Igor Stoppa <igor.sto...@huawei.com
From: Igor Stoppa <igor.sto...@gmail.com>
This patch shows how it is possible to take advantage of pmalloc:
instead of using the build-time option __lsm_ro_after_init, to decide if
it is possible to keep the hooks modifiable, now this becomes a
boot-time decision, based on the kernel comman
From: Igor Stoppa <igor.sto...@gmail.com>
The MMU available in many systems running Linux can often provide R/O
protection to the memory pages it handles.
However, the MMU-based protection works efficiently only when said pages
contain exclusively data that will not need further modific
the headers after it has loaded)
- unloading SELinux from RedHat, if the system has booted, but no policy
has been loaded yet - this feature is going away, according to Casey.
Igor Stoppa (2):
Protectable memory support
Make LSM Writable Hooks a command line option
Tetsuo Handa (1):
LSM: Convert
sult of introducing an enum, security_hook_heads becomes a local
variable. In order to pass 80 columns check by scripts/checkpatch.pl ,
rename security_hook_heads to hook_heads.
Signed-off-by: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
Rebased-by: Igor Stoppa <igor.sto...@huawei.com
From: Igor Stoppa <igor.sto...@gmail.com>
This patch shows how it is possible to take advantage of pmalloc:
instead of using the build-time option __lsm_ro_after_init, to decide if
it is possible to keep the hooks modifiable, now this becomes a
boot-time decision, based on the kernel comman
.
A global pool is made available for those kernel modules that do not
need to manage an independent pool.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
mm/Makefile | 2 +-
mm/smalloc.c | 200 +++
mm/smalloc.h
Hooks
- policy database of SE Linux (several different structure types)
Igor Stoppa (1):
Sealable memory support
mm/Makefile | 2 +-
mm/smalloc.c | 200 +++
mm/smalloc.h | 61 ++
3 files changed, 262 insertions(+), 1
Hello,
On 10/05/17 18:45, Dave Hansen wrote:
> On 05/10/2017 08:19 AM, Igor Stoppa wrote:
>> So I'd like to play a little what-if scenario:
>> what if I was to support exclusively virtual memory and convert to it
>> everything that might need sealing?
>
> Be
On 20/05/17 11:51, Greg KH wrote:
> On Fri, May 19, 2017 at 01:38:11PM +0300, Igor Stoppa wrote:
>> Dynamically allocated variables can be made read only,
[...]
> This is really nice, do you have a follow-on patch showing how any of
> the kernel can be changed to use this new
On 22/05/17 18:09, Casey Schaufler wrote:
> On 5/22/2017 7:03 AM, Christoph Hellwig wrote:
[...]
>> But even with those we can still chain
>> them together with a list with external linkage.
>
> I gave up that approach in 2012. Too many unnecessary calls to
> null functions, and massive
On 23/05/17 23:11, Kees Cook wrote:
> On Tue, May 23, 2017 at 2:43 AM, Igor Stoppa <igor.sto...@huawei.com> wrote:
[...]
> I would want hardened usercopy support as a requirement for using
> smalloc(). Without it, we're regressing the over-read protection that
> already exist
On 23/05/17 00:38, Kees Cook wrote:
> On Fri, May 19, 2017 at 3:38 AM, Igor Stoppa <igor.sto...@huawei.com> wrote:
[...]
> For the first bit of bikeshedding, should this really be called
> seal/unseal? My mind is probably just broken from having read TPM
> documentation, but
re <p...@paul-moore.com>
Cc: Stephen Smalley <s...@tycho.nsa.gov>
Cc: Casey Schaufler <ca...@schaufler-ca.com>
Cc: James Morris <james.l.mor...@oracle.com>
Cc: Igor Stoppa <igor.sto...@huawei.com>
Cc: Christoph Hellwig <h...@infradead.org>
---
include/linux/l
to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/page-flags.h | 2 +
include/linux/pmalloc.h| 20
include/trace/events/mmflags.h | 1 +
init/main.c
rned on.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
CC: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
---
security/security.c | 22 +++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/security/security.c b/security/security.c
i
, according to Casey.
Igor Stoppa (3):
Protectable Memory Allocator
Protectable Memory Allocator - Debug interface
Make LSM Writable Hooks a command line option
Tetsuo Handa (1):
LSM: Convert security_hook_heads into explicit array of struct
list_head
include/linux/lsm_hooks.h | 412
Debugfs interface: it creates the file
/sys/kernel/debug/pmalloc/pools
which exposes statistics about all the pools and memory nodes in use.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
mm/Kconfig | 11 ++
mm/pmalloc.c
On 30/05/17 13:32, James Morris wrote:
> This seems like pointless churn in security-critical code in anticipation
> of features which are still in development and may not be adopted.
>
> Is there a compelling reason to merge this now? (And I don't mean worrying
> about non-existent
On 05/06/17 23:24, Jann Horn wrote:
> On Mon, Jun 5, 2017 at 9:22 PM, Igor Stoppa <igor.sto...@huawei.com> wrote:
>> Debugfs interface: it creates a file
[...]
> You should probably be using %pK to hide the kernel pointers.
ok, will do
---
igor
On 05/06/17 23:50, Tetsuo Handa wrote:
> Casey Schaufler wrote:
[...]
>> I don't care for calling this "security debug". Making
>> the lists writable after init isn't about development,
>> it's about (Tetsuo's desire for) dynamic module loading.
>> I would prefer "dynamic_module_lists" our
On 06/06/17 13:54, Tetsuo Handa wrote:
[...]
> "Loading modules which are not compiled as built-in" is correct.
> My use case is to allow users to use LSM modules as loadable kernel
> modules which distributors do not compile as built-in.
Ok, so I suppose someone should eventually lock down the
On 06/06/17 17:36, Tetsuo Handa wrote:
> Igor Stoppa wrote:
>> For the case at hand, would it work if there was a non-API call that you
>> could use until the API is properly expanded?
>
> Kernel command line switching (i.e. this patch) is fine for my use cases.
>
>
On 09/06/17 21:56, Laura Abbott wrote:
> On 06/07/2017 05:35 AM, Igor Stoppa wrote:
[...]
> The pool logic looks remarkably similar to genalloc (lib/genalloc.c).
> It's not a perfect 1-to-1 mapping but it's close enough to be worth
> a look.
Indeed. I have prepared a new incarnatio
Hi,
I suspect this was accidentally a Reply-To instead of a Reply-All,
so I'm putting back the CCs that were dropped.
On 03/05/17 21:41, Dave Hansen wrote:
> On 05/03/2017 05:06 AM, Igor Stoppa wrote:
>> My starting point are the policy DB of SE Linux and the LSM Hooks, but
>> eve
On 04/05/17 17:01, Michal Hocko wrote:
> On Thu 04-05-17 16:37:55, Igor Stoppa wrote:
[...]
>> The disadvantage is that anything can happen, undetected, while the seal
>> is lifted.
>
> Yes and I think this makes it basically pointless
ok, this goes a bit beyond what I
On 04/05/17 19:49, Laura Abbott wrote:
> [adding kernel-hardening since I think there would be interest]
thank you, I overlooked this
> BPF takes the approach of calling set_memory_ro to mark regions as
> read only. I'm certainly over simplifying but it sounds like this
> is mostly a mechanism
On 04/05/17 20:24, Dave Hansen wrote:
> On 05/04/2017 07:01 AM, Michal Hocko wrote:
>> Just to make my proposal more clear. I suggest the following workflow
>>
>> cache = kmem_cache_create(foo, object_size, ..., SLAB_SEAL);
>>
>> obj = kmem_cache_alloc(cache, gfp_mask);
>> init_obj(obj)
>> [more
On 04/05/17 14:21, Michal Hocko wrote:
> On Wed 03-05-17 15:06:36, Igor Stoppa wrote:
[...]
>> * In most, if not all, the cases that could be enhanced, the code will
>> be calling kmalloc/vmalloc, indicating GFP_KERNEL as the desired type of
>> memory.
>
> Ho
On 04/05/17 16:11, Michal Hocko wrote:
> On Thu 04-05-17 15:14:10, Igor Stoppa wrote:
> I believe that this is a fundamental question. Sealing sounds useful
> for after-boot usecases as well and it would change the approach
> considerably. Coming up with an ad-hoc solution for the b
On 04/05/17 17:30, Dave Hansen wrote:
> On 05/04/2017 01:17 AM, Igor Stoppa wrote:
>> Or, let me put it differently: my goal is to not fracture more pages
>> than needed.
>> It will probably require some profiling to figure out what is the
>> ballpark of the memory f
On 02/05/17 16:03, Michal Hocko wrote:
> I can imagine that we could make ZONE_CMA configurable in a way that
> only very well defined use cases would be supported so that we can save
> page flags space. But this alone sounds like a maintainability nightmare
> to me. Especially when I consider
On 28/05/17 21:23, Kees Cook wrote:
> On Wed, May 24, 2017 at 10:45 AM, Igor Stoppa <igor.sto...@huawei.com> wrote:
[...]
>> If the CPU1 were to forcibly halt anything that can race with it, then
>> it would be sure that there was no interference.
>
> Correct. Thi
On 06/06/17 09:25, Christoph Hellwig wrote:
> On Tue, Jun 06, 2017 at 01:44:32PM +0900, Tetsuo Handa wrote:
[..]
>> As far as I know, not all CONFIG_MMU=y architectures provide
>> set_memory_ro()/set_memory_rw(). You need to provide fallback for
>> architectures which do not provide
Hi,
thanks a lot for the review. My answers are in-line below.
I have rearranged your comments because I wasn't sure how to reply to
them inlined.
On 06/06/17 07:44, Tetsuo Handa wrote:
> Igor Stoppa wrote:
[...]
> As far as I know, not all CONFIG_MMU=y architectures provide
> set_
On 06/06/17 14:42, Tetsuo Handa wrote:
> Igor Stoppa wrote:
>> Who decides when enough is enough, meaning that all the needed modules
>> are loaded?
>> Should I provide an interface to user-space? A sysfs entry?
>
> No such interface is needed. Just an API
On 06/06/17 15:08, Tetsuo Handa wrote:
> Igor Stoppa wrote:
>>>> +struct pmalloc_node {
>>>> + struct hlist_node nodes_list;
>>>> + atomic_t used_words;
>>>> + unsigned int total_words;
>>>> + __PMALLOC_ALIGNED align_t data[];
in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/page-flags.h | 2 +
include/linux/pmalloc.h| 20
include/trace/events/mmflags.h | 1 +
mm/Makefile| 2 +-
mm/pmalloc.c
re <p...@paul-moore.com>
Cc: Stephen Smalley <s...@tycho.nsa.gov>
Cc: Casey Schaufler <ca...@schaufler-ca.com>
Cc: James Morris <james.l.mor...@oracle.com>
Cc: Igor Stoppa <igor.sto...@huawei.com>
Cc: Christoph Hellwig <h...@infradead.org>
---
include/linux/l
is required.
* I'll be AFK for about a week, so I preferred to share this version, even
if not thoroughly tested, in the hope to get preliminary comments, but
it is rough around the edges.
Igor Stoppa (4):
Protectable Memory Allocator
Protectable Memory Allocator - Debug interface
Make LSM
nvert security_hook_heads into explicit array of struct list_head"
Author: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
to break free from the static constraint imposed by the previous
hardening model, based on __ro_after_init.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
CC:
Debugfs interface: it creates a file
/sys/kernel/debug/pmalloc/pools
which exposes statistics about all the pools and memory nodes in use.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
mm/Kconfig | 11 ++
mm/pmalloc.c
sure):
- need for specific __PMALLOC_ALIGNED ?
- is it really needed to unprotect a pool?
can't it wait for the implementation of write-seldom?
Igor Stoppa (3):
Protectable Memory Allocator
Protectable Memory Allocator - Debug interface
Make LSM Writable Hooks a command line option
Tetsuo Han
re <p...@paul-moore.com>
Cc: Stephen Smalley <s...@tycho.nsa.gov>
Cc: Casey Schaufler <ca...@schaufler-ca.com>
Cc: James Morris <james.l.mor...@oracle.com>
Cc: Igor Stoppa <igor.sto...@huawei.com>
Cc: Christoph Hellwig <h...@infradead.org>
---
include/linux/l
to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/page-flags.h | 2 +
include/linux/pmalloc.h| 20
include/trace/events/mmflags.h | 1 +
init/main.c
Debugfs interface: it creates the file
/sys/kernel/debug/pmalloc/pools
which exposes statistics about all the pools and memory nodes in use.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
mm/Kconfig | 11 ++
mm/pmalloc.c
rned on.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
CC: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
---
security/security.c | 22 +++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/security/security.c b/security/security.c
i
Resending my reply, I mistakenly used the wrong mail account yesterday
and my reply didn't get to the ml.
On 27/06/17 20:51, Christoph Hellwig wrote:
> On Tue, Jun 27, 2017 at 08:33:23PM +0300, Igor Stoppa wrote:
[...]
>> The default value is disabled, unless SE Linux debugging
kernel.h: Some macros are not wrapping their parameters with parentheses.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
Cc: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
Cc: Guenter Roeck <li...@roeck-us.net>
Cc: Javi Merino <javi.mer...@arm.com>
---
in
Some parameters are used in macros without being surrounded by parentheses.
Igor Stoppa (1):
Add parentheses to macro parameters. For trivial
include/linux/kernel.h | 8
1 file changed, 4 insertions(+), 4 deletions(-)
--
2.9.3
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genall
together, but it
definitely would need thorough review.
I hope I have added as reviewer all the relevant people.
If I missed someone, please include them to the recipients.
Igor Stoppa (1):
genalloc: track beginning of allocations
include/linux/genalloc.h | 3 +-
lib/genalloc.c | 417
On 30/11/17 04:28, Casey Schaufler wrote:
> On 11/26/2017 2:15 PM, Sargun Dhillon wrote:
>> This patchset introduces safe dynamic LSM support. It does this via
>> SRCU-protected security hooks. It also EXPORT_SYMBOL_GPLs the symbols
>> required to perform runtime loading, and unloading. The
On 12/05/18 18:41, Joe Perches wrote:
I personally like more the former, not to mention that it uses also one
line less, but it seems less common in the sources.
The coding style references do not seem to say anything explicit about
which style to prefer.
thank you, I could provide a patch to
Hi,
I have been wondering if it's ok to break a long (function declaration)
line in the following way:
static __always_inline
struct foo_bar *__get_foo_bar(type1 parm1, type2 parm2, type3 parm3)
instead of:
static __always_inline struct foo_bar *__get_foo_bar(type1 parm1,
1 - 100 of 850 matches