On 01/02/18 23:11, Kees Cook wrote:
> IIUC, he means PageHead(), which is also hard to grep for, since it is
> a constructed name, via Page##uname in include/linux/page-flags.h:
>
> __PAGEFLAG(Head, head, PF_ANY) CLEARPAGEFLAG(Head, head, PF_ANY)
Thank you, I'll try to provide a meaningful
On 01/02/18 23:11, Kees Cook wrote:
> IIUC, he means PageHead(), which is also hard to grep for, since it is
> a constructed name, via Page##uname in include/linux/page-flags.h:
>
> __PAGEFLAG(Head, head, PF_ANY) CLEARPAGEFLAG(Head, head, PF_ANY)
Thank you, I'll try to provide a meaningful
Thanks for the review and apologies for the delay.
Replies inlined below.
On 30/01/18 19:08, Jonathan Corbet wrote:
> On Tue, 30 Jan 2018 17:14:45 +0200
> Igor Stoppa <igor.sto...@huawei.com> wrote:
[...]
> Please don't put plain-text files into core-api - that's a directory fu
Thanks for the review and apologies for the delay.
Replies inlined below.
On 30/01/18 19:08, Jonathan Corbet wrote:
> On Tue, 30 Jan 2018 17:14:45 +0200
> Igor Stoppa wrote:
[...]
> Please don't put plain-text files into core-api - that's a directory full
ok
>> diff --git
On 02/02/18 17:40, Rob Herring wrote:
> Add SPDX license tag check based on the rules defined in
Shouldn't it also check that the license is compatible?
[...]
> + } elsif ($realfile =~ /\.rst$/) {
> + $comment = '..';
What is the
On 02/02/18 17:40, Rob Herring wrote:
> Add SPDX license tag check based on the rules defined in
Shouldn't it also check that the license is compatible?
[...]
> + } elsif ($realfile =~ /\.rst$/) {
> + $comment = '..';
What is the
On 01/02/18 02:00, Christopher Lameter wrote:
> On Tue, 30 Jan 2018, Igor Stoppa wrote:
>
>> @@ -1769,6 +1774,9 @@ void *__vmalloc_node_range(unsigned long size,
>> unsigned long align,
>>
>> kmemleak_vmalloc(area, size, gfp_mask);
>>
>> +
On 01/02/18 02:00, Christopher Lameter wrote:
> On Tue, 30 Jan 2018, Igor Stoppa wrote:
>
>> @@ -1769,6 +1774,9 @@ void *__vmalloc_node_range(unsigned long size,
>> unsigned long align,
>>
>> kmemleak_vmalloc(area, size, gfp_mask);
>>
>> +
Add basic self-test functionality for pmalloc.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
lib/genalloc.c| 2 +-
mm/Kconfig| 7 ++
mm/Makefile | 1 +
mm/pmalloc-selftest.c | 65 +++
mm/p
Add basic self-test functionality for pmalloc.
Signed-off-by: Igor Stoppa
---
lib/genalloc.c| 2 +-
mm/Kconfig| 7 ++
mm/Makefile | 1 +
mm/pmalloc-selftest.c | 65 +++
mm/pmalloc-selftest.h | 30
Detailed documentation about the protectable memory allocator.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
Documentation/core-api/pmalloc.txt | 104 +
1 file changed, 104 insertions(+)
create mode 100644 Documentation/core-api/pmalloc.txt
Detailed documentation about the protectable memory allocator.
Signed-off-by: Igor Stoppa
---
Documentation/core-api/pmalloc.txt | 104 +
1 file changed, 104 insertions(+)
create mode 100644 Documentation/core-api/pmalloc.txt
diff --git a/Documentation/core
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc.h | 3 +
include/linux/pmalloc.h | 216
include/linux/vmalloc.h | 1
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa
---
include/linux/genalloc.h | 3 +
include/linux/pmalloc.h | 216
include/linux/vmalloc.h | 1 +
lib/genalloc.c | 27
arent area. This will avoid more expensive searches.
As example, the function find_vm_area is reimplemented, to take advantage
of the newly introduced field.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/mm_types.h | 1 +
mm/vmalloc.c | 18 +-
arent area. This will avoid more expensive searches.
As example, the function find_vm_area is reimplemented, to take advantage
of the newly introduced field.
Signed-off-by: Igor Stoppa
---
include/linux/mm_types.h | 1 +
mm/vmalloc.c | 18 +-
2 files changed, 14 insert
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc-selftest.h | 30 +++
init/main.c | 2 +
lib/Kconfig | 15 ++
lib/Makefile | 1
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa
---
include/linux/genalloc-selftest.h | 30 +++
init/main.c | 2 +
lib/Kconfig | 15 ++
lib/Makefile | 1 +
lib/genalloc-selftest.c
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genall
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa
---
include/linux/genalloc.h | 2 +-
lib/gen
.
An example is provided, in the form of self-testing.
Changes since the v11 version:
[http://www.openwall.com/lists/kernel-hardening/2018/01/24/4]
- restricted access to sysfs entries created (444 -> 400)
- more explicit reference to documentation
- couple of typos
Igor Stoppa (6):
genal
.
An example is provided, in the form of self-testing.
Changes since the v11 version:
[http://www.openwall.com/lists/kernel-hardening/2018/01/24/4]
- restricted access to sysfs entries created (444 -> 400)
- more explicit reference to documentation
- couple of typos
Igor Stoppa (6):
genal
On 26/01/18 18:36, Boris Lukashev wrote:
> I like the idea of making the verification call optional for consumers
> allowing for fast/slow+hard paths depending on their needs.
> Cant see any additional vectors for abuse (other than the original
> ones effecting out-of-band modification) introduced
On 26/01/18 18:36, Boris Lukashev wrote:
> I like the idea of making the verification call optional for consumers
> allowing for fast/slow+hard paths depending on their needs.
> Cant see any additional vectors for abuse (other than the original
> ones effecting out-of-band modification) introduced
On 24/01/18 19:56, Igor Stoppa wrote:
[...]
> +bool pmalloc_prealloc(struct gen_pool *pool, size_t size)
> +{
[...]
> +abort:
> + vfree(chunk);
this should be vfree_atomic()
[...]
> +void *pmalloc(struct gen_pool *pool, size_t size, gfp_t gfp)
> +{
[...]
> +free
On 24/01/18 19:56, Igor Stoppa wrote:
[...]
> +bool pmalloc_prealloc(struct gen_pool *pool, size_t size)
> +{
[...]
> +abort:
> + vfree(chunk);
this should be vfree_atomic()
[...]
> +void *pmalloc(struct gen_pool *pool, size_t size, gfp_t gfp)
> +{
[...]
> +free
On 25/01/18 17:38, Jerome Glisse wrote:
> On Thu, Jan 25, 2018 at 10:14:28AM -0500, Boris Lukashev wrote:
>> On Thu, Jan 25, 2018 at 6:59 AM, Igor Stoppa <igor.sto...@huawei.com> wrote:
>
> [...]
>
>> DMA/physmap access coupled with a knowledge of which virtual m
On 25/01/18 17:38, Jerome Glisse wrote:
> On Thu, Jan 25, 2018 at 10:14:28AM -0500, Boris Lukashev wrote:
>> On Thu, Jan 25, 2018 at 6:59 AM, Igor Stoppa wrote:
>
> [...]
>
>> DMA/physmap access coupled with a knowledge of which virtual mappings
>> are in the p
On 26/01/18 07:35, Matthew Wilcox wrote:
> On Wed, Jan 24, 2018 at 08:10:53PM +0100, Jann Horn wrote:
>> I'm not entirely convinced by the approach of marking small parts of
>> kernel memory as readonly for hardening.
>
> It depends how significant the data stored in there are. For example,
>
On 26/01/18 07:35, Matthew Wilcox wrote:
> On Wed, Jan 24, 2018 at 08:10:53PM +0100, Jann Horn wrote:
>> I'm not entirely convinced by the approach of marking small parts of
>> kernel memory as readonly for hardening.
>
> It depends how significant the data stored in there are. For example,
>
Hi,
thanks for the review. My reply below.
On 24/01/18 21:10, Jann Horn wrote:
> I'm not entirely convinced by the approach of marking small parts of
> kernel memory as readonly for hardening.
Because of the physmap you mention later?
Regarding small parts vs big parts (what is big enough?) I
Hi,
thanks for the review. My reply below.
On 24/01/18 21:10, Jann Horn wrote:
> I'm not entirely convinced by the approach of marking small parts of
> kernel memory as readonly for hardening.
Because of the physmap you mention later?
Regarding small parts vs big parts (what is big enough?) I
On 24/01/18 21:14, Ralph Campbell wrote:
> 2 Minor typos inline below:
thanks for proof-reading, will fix accordingly.
--
igor
On 24/01/18 21:14, Ralph Campbell wrote:
> 2 Minor typos inline below:
thanks for proof-reading, will fix accordingly.
--
igor
Add basic self-test functionality for pmalloc.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
mm/Kconfig| 7 ++
mm/Makefile | 1 +
mm/pmalloc-selftest.c | 65 +++
mm/pmalloc-selftest.
Add basic self-test functionality for pmalloc.
Signed-off-by: Igor Stoppa
---
mm/Kconfig| 7 ++
mm/Makefile | 1 +
mm/pmalloc-selftest.c | 65 +++
mm/pmalloc-selftest.h | 30
mm/pmalloc.c
Detailed documentation about the protectable memory allocator.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
Documentation/core-api/pmalloc.txt | 104 +
1 file changed, 104 insertions(+)
create mode 100644 Documentation/core-api/pmalloc.txt
Detailed documentation about the protectable memory allocator.
Signed-off-by: Igor Stoppa
---
Documentation/core-api/pmalloc.txt | 104 +
1 file changed, 104 insertions(+)
create mode 100644 Documentation/core-api/pmalloc.txt
diff --git a/Documentation/core
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc.h | 3 +
include/linux/pmalloc.h | 215
include/linux/vmalloc.h | 1
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa
---
include/linux/genalloc.h | 3 +
include/linux/pmalloc.h | 215
include/linux/vmalloc.h | 1 +
lib/genalloc.c | 27
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc-selftest.h | 30 +++
init/main.c | 2 +
lib/Kconfig | 15 ++
lib/Makefile | 1
arent area. This will avoid more expensive searches.
As example, the function find_vm_area is reimplemented, to take advantage
of the newly introduced field.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/mm_types.h | 1 +
mm/vmalloc.c | 18 +-
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa
---
include/linux/genalloc-selftest.h | 30 +++
init/main.c | 2 +
lib/Kconfig | 15 ++
lib/Makefile | 1 +
lib/genalloc-selftest.c
arent area. This will avoid more expensive searches.
As example, the function find_vm_area is reimplemented, to take advantage
of the newly introduced field.
Signed-off-by: Igor Stoppa
---
include/linux/mm_types.h | 1 +
mm/vmalloc.c | 18 +-
2 files changed, 14 insert
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genall
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa
---
include/linux/genalloc.h | 3 +-
lib/gen
iew.
Igor Stoppa (6):
genalloc: track beginning of allocations
genalloc: selftest
struct page: add field for vm_struct
Protectable Memory
Documentation for Pmalloc
Pmalloc: self-test
Documentation/core-api/pmalloc.txt | 104
include/linux/genalloc-selftest.h | 30 +++
incl
iew.
Igor Stoppa (6):
genalloc: track beginning of allocations
genalloc: selftest
struct page: add field for vm_struct
Protectable Memory
Documentation for Pmalloc
Pmalloc: self-test
Documentation/core-api/pmalloc.txt | 104
include/linux/genalloc-selftest.h | 30 +++
incl
missed someone, please include them to the recipients.
Igor Stoppa (2):
genalloc: track beginning of allocations
genalloc: selftest
include/linux/genalloc-selftest.h | 30 +++
include/linux/genalloc.h | 3 +-
init/main.c | 2 +
lib/Kconfig
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genall
missed someone, please include them to the recipients.
Igor Stoppa (2):
genalloc: track beginning of allocations
genalloc: selftest
include/linux/genalloc-selftest.h | 30 +++
include/linux/genalloc.h | 3 +-
init/main.c | 2 +
lib/Kconfig
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa
---
include/linux/genalloc.h | 3 +-
lib/gen
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc-selftest.h | 30 +++
init/main.c | 2 +
lib/Kconfig | 14 ++
lib/Makefile | 1
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa
---
include/linux/genalloc-selftest.h | 30 +++
init/main.c | 2 +
lib/Kconfig | 14 ++
lib/Makefile | 1 +
lib/genalloc-selftest.c
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genall
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa
---
include/linux/genalloc.h | 3 +-
lib/gen
together, but it
definitely would need thorough review.
I hope I have added as reviewer all the relevant people.
If I missed someone, please include them to the recipients.
Igor Stoppa (1):
genalloc: track beginning of allocations
include/linux/genalloc.h | 3 +-
lib/genalloc.c | 417
together, but it
definitely would need thorough review.
I hope I have added as reviewer all the relevant people.
If I missed someone, please include them to the recipients.
Igor Stoppa (1):
genalloc: track beginning of allocations
include/linux/genalloc.h | 3 +-
lib/genalloc.c | 417
On 30/11/17 04:28, Casey Schaufler wrote:
> On 11/26/2017 2:15 PM, Sargun Dhillon wrote:
>> This patchset introduces safe dynamic LSM support. It does this via
>> SRCU-protected security hooks. It also EXPORT_SYMBOL_GPLs the symbols
>> required to perform runtime loading, and unloading. The
On 30/11/17 04:28, Casey Schaufler wrote:
> On 11/26/2017 2:15 PM, Sargun Dhillon wrote:
>> This patchset introduces safe dynamic LSM support. It does this via
>> SRCU-protected security hooks. It also EXPORT_SYMBOL_GPLs the symbols
>> required to perform runtime loading, and unloading. The
kernel.h: Some macros are not wrapping their parameters with parentheses.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
Cc: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
Cc: Guenter Roeck <li...@roeck-us.net>
Cc: Javi Merino <javi.mer...@arm.com>
---
in
kernel.h: Some macros are not wrapping their parameters with parentheses.
Signed-off-by: Igor Stoppa
Cc: Tetsuo Handa
Cc: Guenter Roeck
Cc: Javi Merino
---
include/linux/kernel.h | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/include/linux/kernel.h b/include
Some parameters are used in macros without being surrounded by parentheses.
Igor Stoppa (1):
Add paretheses to macro parameters. For trivial
include/linux/kernel.h | 8
1 file changed, 4 insertions(+), 4 deletions(-)
--
2.9.3
Some parameters are used in macros without being surrounded by parentheses.
Igor Stoppa (1):
Add paretheses to macro parameters. For trivial
include/linux/kernel.h | 8
1 file changed, 4 insertions(+), 4 deletions(-)
--
2.9.3
Hi,
On 18/08/17 16:57, Laura Abbott wrote:
> Again, if you have a specific patch or
> proposal this would be easier to review.
yes, I'm preparing it and will send it out soon,
but it was somehow surprising to me that it was chosen to implement free
with the size parameter.
It made me think
Hi,
On 18/08/17 16:57, Laura Abbott wrote:
> Again, if you have a specific patch or
> proposal this would be easier to review.
yes, I'm preparing it and will send it out soon,
but it was somehow surprising to me that it was chosen to implement free
with the size parameter.
It made me think
Foreword:
If I should direct this message to someone else, please let me know.
I couldn't get a clear idea, by looking at both MAINTAINERS and git blame.
Hi,
I'm currently trying to convert the SE Linux policy db into using a
protectable memory allocator (pmalloc) that I have developed.
Foreword:
If I should direct this message to someone else, please let me know.
I couldn't get a clear idea, by looking at both MAINTAINERS and git blame.
Hi,
I'm currently trying to convert the SE Linux policy db into using a
protectable memory allocator (pmalloc) that I have developed.
On 09/08/17 02:15, Jerome Glisse wrote:
> On Tue, Aug 08, 2017 at 03:59:36PM +0300, Igor Stoppa wrote:
[...]
>> I am tempted to add
>>
>> #define VM_PMALLOC 0x0100
[...]
> VM_PMALLOC sounds fine to me also adding a comment there pointing to
>
On 09/08/17 02:15, Jerome Glisse wrote:
> On Tue, Aug 08, 2017 at 03:59:36PM +0300, Igor Stoppa wrote:
[...]
>> I am tempted to add
>>
>> #define VM_PMALLOC 0x0100
[...]
> VM_PMALLOC sounds fine to me also adding a comment there pointing to
>
On 07/08/17 22:12, Jerome Glisse wrote:
> On Mon, Aug 07, 2017 at 05:13:00PM +0300, Igor Stoppa wrote:
[...]
>> I have an updated version of the old proposal:
>>
>> * put a magic number in the private field, during initialization of
>> pmalloc pages
>>
>>
On 07/08/17 22:12, Jerome Glisse wrote:
> On Mon, Aug 07, 2017 at 05:13:00PM +0300, Igor Stoppa wrote:
[...]
>> I have an updated version of the old proposal:
>>
>> * put a magic number in the private field, during initialization of
>> pmalloc pages
>>
>>
On 07/08/17 16:31, Jerome Glisse wrote:
> On Mon, Aug 07, 2017 at 02:26:21PM +0300, Igor Stoppa wrote:
[...]
>> I'll add a vm_area field as you advised.
>>
>> Is this something I could send as standalone patch?
>
> Note that vmalloc() is not the only thing that
On 07/08/17 16:31, Jerome Glisse wrote:
> On Mon, Aug 07, 2017 at 02:26:21PM +0300, Igor Stoppa wrote:
[...]
>> I'll add a vm_area field as you advised.
>>
>> Is this something I could send as standalone patch?
>
> Note that vmalloc() is not the only thing that
On 04/08/17 11:12, Michal Hocko wrote:
> On Fri 04-08-17 11:02:46, Igor Stoppa wrote:
[...]
>> struct page {
>> /* First double word block */
>> unsigned long flags; /* Atomic flags, some possibly
>> * updated
On 04/08/17 11:12, Michal Hocko wrote:
> On Fri 04-08-17 11:02:46, Igor Stoppa wrote:
[...]
>> struct page {
>> /* First double word block */
>> unsigned long flags; /* Atomic flags, some possibly
>> * updated
On 03/08/17 18:15, Michal Hocko wrote:
> I would check the one where we have mapping. It is rather unlikely
> vmalloc users would touch this one.
That was also the initial recommendation from Jerome Glisse, but it
seemed unusable, because of the related comment.
I should have asked for
On 03/08/17 18:15, Michal Hocko wrote:
> I would check the one where we have mapping. It is rather unlikely
> vmalloc users would touch this one.
That was also the initial recommendation from Jerome Glisse, but it
seemed unusable, because of the related comment.
I should have asked for
On 03/08/17 17:47, Jerome Glisse wrote:
> On Thu, Aug 03, 2017 at 03:55:50PM +0200, Michal Hocko wrote:
>> On Thu 03-08-17 15:20:31, Igor Stoppa wrote:
[...]
>>> I am confused about this: if "private2" is a pointer, but when I get an
>>> address, I do no
On 03/08/17 17:47, Jerome Glisse wrote:
> On Thu, Aug 03, 2017 at 03:55:50PM +0200, Michal Hocko wrote:
>> On Thu 03-08-17 15:20:31, Igor Stoppa wrote:
[...]
>>> I am confused about this: if "private2" is a pointer, but when I get an
>>> address, I do no
On 03/08/17 16:55, Michal Hocko wrote:
> On Thu 03-08-17 15:20:31, Igor Stoppa wrote:
>> On 03/08/17 14:48, Michal Hocko wrote:
>>> On Thu 03-08-17 13:11:45, Igor Stoppa wrote:
[...]
>>>> But, to reply more specifically to your advice, yes, I think I coul
On 03/08/17 16:55, Michal Hocko wrote:
> On Thu 03-08-17 15:20:31, Igor Stoppa wrote:
>> On 03/08/17 14:48, Michal Hocko wrote:
>>> On Thu 03-08-17 13:11:45, Igor Stoppa wrote:
[...]
>>>> But, to reply more specifically to your advice, yes, I think I coul
On 03/08/17 14:48, Michal Hocko wrote:
> On Thu 03-08-17 13:11:45, Igor Stoppa wrote:
>> On 02/08/17 20:08, Jerome Glisse wrote:
>>> On Wed, Aug 02, 2017 at 06:14:28PM +0300, Igor Stoppa wrote:
[...]
>>>> from include/linux/mm_types.h:
>>>>
On 03/08/17 14:48, Michal Hocko wrote:
> On Thu 03-08-17 13:11:45, Igor Stoppa wrote:
>> On 02/08/17 20:08, Jerome Glisse wrote:
>>> On Wed, Aug 02, 2017 at 06:14:28PM +0300, Igor Stoppa wrote:
[...]
>>>> from include/linux/mm_types.h:
>>>>
On 02/08/17 20:08, Jerome Glisse wrote:
> On Wed, Aug 02, 2017 at 06:14:28PM +0300, Igor Stoppa wrote:
[...]
>> +set_page_private(page, 1);
>
> Above line is pointless you overwrite value right below
yes ...
>
>> +page->
On 02/08/17 20:08, Jerome Glisse wrote:
> On Wed, Aug 02, 2017 at 06:14:28PM +0300, Igor Stoppa wrote:
[...]
>> +set_page_private(page, 1);
>
> Above line is pointless you overwrite value right below
yes ...
>
>> +page->
Hi,
while I am working to another example of using pmalloc [1],
it was pointed out to me that:
1) I had introduced a bug when I switched to using a field of the page
structure [2]
2) I was also committing a layer violation in the way I was tagging the
pages.
I am seeking help to understand what
Hi,
while I am working to another example of using pmalloc [1],
it was pointed out to me that:
1) I had introduced a bug when I switched to using a field of the page
structure [2]
2) I was also committing a layer violation in the way I was tagging the
pages.
I am seeking help to understand what
On 11/07/17 14:12, Tetsuo Handa wrote:
> Igor Stoppa wrote:
>> - I had to rebase Tetsuo Handa's patch because it didn't apply cleanly
>> anymore, I would appreciate an ACK to that or a revised patch, whatever
>> comes easier.
>
> Since we are getting several prop
On 11/07/17 14:12, Tetsuo Handa wrote:
> Igor Stoppa wrote:
>> - I had to rebase Tetsuo Handa's patch because it didn't apply cleanly
>> anymore, I would appreciate an ACK to that or a revised patch, whatever
>> comes easier.
>
> Since we are getting several prop
On 07/07/17 21:48, Jerome Glisse wrote:
> I believe there is enough unuse field that for vmalloc pages that
> you should find one you can use. Just add some documentation in
> mm_types.h so people are aware of alternate use for the field you
> are using.
I ended up using page->private and the
On 07/07/17 21:48, Jerome Glisse wrote:
> I believe there is enough unuse field that for vmalloc pages that
> you should find one you can use. Just add some documentation in
> mm_types.h so people are aware of alternate use for the field you
> are using.
I ended up using page->private and the
rned on.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
CC: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
---
security/security.c | 22 +++---
1 file changed, 19 insertions(+), 3 deletions(-)
diff --git a/security/security.c b/security/security.c
i
nvert security_hook_heads into explicit array of struct list_head"
Author: Tetsuo Handa
to break free from the static constraint imposed by the previous
hardening model, based on __ro_after_init.
The default value is disabled, unless SE Linux debugging is turned on.
Signed-off-by: Igor Stoppa
sult of introducing an enum, security_hook_heads becomes a local
variable. In order to pass 80 columns check by scripts/checkpatch.pl ,
rename security_hook_heads to hook_heads.
Signed-off-by: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
Rebased-by: Igor Stoppa <igor.sto...@huawei.com
eads becomes a local
variable. In order to pass 80 columns check by scripts/checkpatch.pl ,
rename security_hook_heads to hook_heads.
Signed-off-by: Tetsuo Handa
Rebased-by: Igor Stoppa
Cc: Kees Cook
Cc: Paul Moore
Cc: Stephen Smalley
Cc: Casey Schaufler
Cc: James Morris
Cc: Igor Stoppa
Cc:
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
arch/Kconfig| 1 +
include/linux/pmalloc.h | 127 +
lib/Kconfig | 1 +
mm/Ma
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa
---
arch/Kconfig| 1 +
include/linux/pmalloc.h | 127 +
lib/Kconfig | 1 +
mm/Makefile | 1 +
mm
revised patch, whatever
comes easier.
Igor Stoppa (2):
Protectable memory support
Make LSM Writable Hooks a command line option
Tetsuo Handa (1):
LSM: Convert security_hook_heads into explicit array of struct
list_head
arch/Kconfig | 1 +
include/linux/lsm_hooks.
revised patch, whatever
comes easier.
Igor Stoppa (2):
Protectable memory support
Make LSM Writable Hooks a command line option
Tetsuo Handa (1):
LSM: Convert security_hook_heads into explicit array of struct
list_head
arch/Kconfig | 1 +
include/linux/lsm_hooks.
601 - 700 of 850 matches
Mail list logo