Re: [Patch net] net: saving irq context for peernet2id()

2016-10-22 Thread Paul Moore
On Fri, Oct 21, 2016 at 11:26 PM, Cong Wang wrote: > On Fri, Oct 21, 2016 at 1:03 PM, Paul Moore wrote: >> On Fri, Oct 21, 2016 at 2:02 PM, Cong Wang wrote: >>> On Fri, Oct 21, 2016 at 9:19 AM, Paul Moore

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-21 Thread Cong Wang
On Fri, Oct 21, 2016 at 1:33 PM, David Miller wrote: > From: Paul Moore > Date: Fri, 21 Oct 2016 16:15:00 -0400 > >> However, that's not the case is it? Unless I missed something, the >> fix that Cong Wang is advocating (rework the audit multicast

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-21 Thread Cong Wang
On Fri, Oct 21, 2016 at 6:55 PM, Paul Moore wrote: > It's the end of my day, and commitments over the weekend will limit > how much additional testing/work I can do so I went ahead and just > posted a simple revert to netdev, it should be in your inbox already. > Please fix

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-21 Thread Cong Wang
On Fri, Oct 21, 2016 at 1:03 PM, Paul Moore wrote: > On Fri, Oct 21, 2016 at 2:02 PM, Cong Wang wrote: >> On Fri, Oct 21, 2016 at 9:19 AM, Paul Moore wrote: >>> On Thu, Oct 20, 2016 at 7:35 PM, Cong Wang

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-21 Thread Paul Moore
On Fri, Oct 21, 2016 at 4:53 PM, Paul Moore wrote: > On Fri, Oct 21, 2016 at 4:33 PM, David Miller wrote: >> From: Paul Moore >> Date: Fri, 21 Oct 2016 16:15:00 -0400 >> >>> However, that's not the case is it? Unless I missed

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-21 Thread Paul Moore
On Fri, Oct 21, 2016 at 4:33 PM, David Miller wrote: > From: Paul Moore > Date: Fri, 21 Oct 2016 16:15:00 -0400 > >> However, that's not the case is it? Unless I missed something, the >> fix that Cong Wang is advocating (rework the audit multicast

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-21 Thread David Miller
From: Paul Moore Date: Fri, 21 Oct 2016 16:15:00 -0400 > However, that's not the case is it? Unless I missed something, the > fix that Cong Wang is advocating (rework the audit multicast code), is > a change that I have said I'm not going to accept during the -rc > phase.

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-21 Thread Paul Moore
On Fri, Oct 21, 2016 at 3:39 PM, Richard Guy Briggs wrote: > On 2016-10-21 11:02, Cong Wang wrote: >> On Fri, Oct 21, 2016 at 9:19 AM, Paul Moore wrote: >> > On Thu, Oct 20, 2016 at 7:35 PM, Cong Wang >> > wrote: >> >> This is

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-21 Thread Paul Moore
On Fri, Oct 21, 2016 at 2:02 PM, Cong Wang wrote: > On Fri, Oct 21, 2016 at 9:19 AM, Paul Moore wrote: >> On Thu, Oct 20, 2016 at 7:35 PM, Cong Wang wrote: >>> This is what I did in the follow up patch. I attach the

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-21 Thread Richard Guy Briggs
On 2016-10-21 11:02, Cong Wang wrote: > On Fri, Oct 21, 2016 at 9:19 AM, Paul Moore wrote: > > On Thu, Oct 20, 2016 at 7:35 PM, Cong Wang wrote: > >> This is what I did in the follow up patch. I attach the updated version > >> in this email for you

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-21 Thread Cong Wang
On Fri, Oct 21, 2016 at 9:19 AM, Paul Moore wrote: > On Thu, Oct 20, 2016 at 7:35 PM, Cong Wang wrote: >> This is what I did in the follow up patch. I attach the updated version >> in this email for you to review ... > > I think there is still some

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-21 Thread Paul Moore
On Thu, Oct 20, 2016 at 7:35 PM, Cong Wang wrote: > On Thu, Oct 20, 2016 at 12:07 PM, Paul Moore wrote: >> On Thu, Oct 20, 2016 at 2:29 PM, Cong Wang wrote: >>> On Thu, Oct 20, 2016 at 7:58 AM, Stephen Smalley

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-21 Thread Stephen Smalley
On 10/21/2016 12:47 AM, Cong Wang wrote: > On Thu, Oct 20, 2016 at 4:35 PM, Cong Wang wrote: >> Since you want to test SELinux anyway, please test the attached one. >> > > Finally my kernel config is friendly to SELinux, and now there are several > tests fails: > > >

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-20 Thread Cong Wang
On Thu, Oct 20, 2016 at 4:35 PM, Cong Wang wrote: > Since you want to test SELinux anyway, please test the attached one. > Finally my kernel config is friendly to SELinux, and now there are several tests fails: Test Summary Report --- sysctl/test

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-20 Thread Cong Wang
On Thu, Oct 20, 2016 at 12:07 PM, Paul Moore wrote: > On Thu, Oct 20, 2016 at 2:29 PM, Cong Wang wrote: >> On Thu, Oct 20, 2016 at 7:58 AM, Stephen Smalley wrote: >>> On 10/20/2016 02:52 AM, Cong Wang wrote: A kernel

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-20 Thread Cong Wang
On Thu, Oct 20, 2016 at 11:29 AM, Cong Wang wrote: > On Thu, Oct 20, 2016 at 7:58 AM, Stephen Smalley wrote: >> On 10/20/2016 02:52 AM, Cong Wang wrote: >>> A kernel warning inside __local_bh_enable_ip() was reported by people >>> running SELinux,

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-20 Thread Paul Moore
On Thu, Oct 20, 2016 at 2:29 PM, Cong Wang wrote: > On Thu, Oct 20, 2016 at 7:58 AM, Stephen Smalley wrote: >> On 10/20/2016 02:52 AM, Cong Wang wrote: >>> A kernel warning inside __local_bh_enable_ip() was reported by people >>> running SELinux,

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-20 Thread Cong Wang
On Thu, Oct 20, 2016 at 7:58 AM, Stephen Smalley wrote: > On 10/20/2016 02:52 AM, Cong Wang wrote: >> A kernel warning inside __local_bh_enable_ip() was reported by people >> running SELinux, this is caused due to some SELinux functions >> (indirectly) call peernet2id() with

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-20 Thread Cong Wang
On Thu, Oct 20, 2016 at 3:17 AM, Nicolas Dichtel wrote: > > Now, we see that "it's needed" and that the analysis was wrong. If a race is > introduced by this patch, it will be hard to detect and fix it. It is _not_ needed for protection, it is needed to shut up a

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-20 Thread Stephen Smalley
On 10/20/2016 02:52 AM, Cong Wang wrote: > A kernel warning inside __local_bh_enable_ip() was reported by people > running SELinux, this is caused due to some SELinux functions > (indirectly) call peernet2id() with IRQ disabled in process context, > when we re-enable BH with IRQ disabled kernel

Re: [Patch net] net: saving irq context for peernet2id()

2016-10-20 Thread Nicolas Dichtel
Le 20/10/2016 à 08:52, Cong Wang a écrit : > A kernel warning inside __local_bh_enable_ip() was reported by people > running SELinux, this is caused due to some SELinux functions > (indirectly) call peernet2id() with IRQ disabled in process context, > when we re-enable BH with IRQ disabled kernel