On 09/13/2018 01:11 PM, Michal Hocko wrote:
> On Thu 13-09-18 09:12:04, peter enderborg wrote:
>> On 09/13/2018 08:26 AM, Tetsuo Handa wrote:
>>> On 2018/09/13 12:02, Paul Moore wrote:
>>>> On Fri, Sep 7, 2018 at 12:43 PM Tetsuo Handa
>>>> wrote:
>&g
On 09/13/2018 08:26 AM, Tetsuo Handa wrote:
> On 2018/09/13 12:02, Paul Moore wrote:
>> On Fri, Sep 7, 2018 at 12:43 PM Tetsuo Handa
>> wrote:
>>> syzbot is hitting warning at str_read() [1] because len parameter can
>>> become larger than KMALLOC_MAX_SIZE. We don't need to emit warning for
>>>
On 06/12/2018 04:38 PM, Joe Perches wrote:
> On Tue, 2018-06-12 at 10:09 +0200, Peter Enderborg wrote:
>> Replace printk with pr_* to avoid checkpatch warnings.
> I believe it would be nicer to remove the
> "SELinux: " prefix embbeded in each format
> and use a spe
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/netif.c | 11 ---
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/security/selinux/netif.c b/security/selinux/netif.c
index ac65f7417413..8c738c189942 100644
This patch replaces printk with pr_* for the selinux files.
I get a lot of checkpatch warnings when doing my other work,
lets get rid of the warnings.
For the policydb.c there also a removal of KERN_CONT with
two longer prints.
I have NOT cleaned up splitting lines with long prints. I think
the
Replace printk with pr_* to avoid checkpatch warnings and
replace KERN_CONT with 2 longer prints.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/policydb.c | 91 +-
1 file changed, 46 insertions(+), 45 deletions(-)
diff --git a/security/selinux
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/conditional.c | 16
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/security/selinux/ss/conditional.c
b/security/selinux/ss/conditional.c
index
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/ebitmap.c | 15 +++
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c
index 5ae8c61b75bf
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/netlink.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/selinux/netlink.c b/security/selinux/netlink.c
index 828fb6a4e941..8a8a72507437 100644
--- a/security
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/selinuxfs.c | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index c0cadbc5f85c..2adfade99945
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/services.c | 71 +-
1 file changed, 35 insertions(+), 36 deletions(-)
diff --git a/security/selinux/ss/services.c b/security/selinux/ss
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/netport.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/security/selinux/netport.c b/security/selinux/netport.c
index 9ed4c5064a5e..7a141cadbffc 100644
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/netnode.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/security/selinux/netnode.c b/security/selinux/netnode.c
index 6dd89b89bc1f..afa0d432436b 100644
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/avc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index f3aedf077509..635e5c1e3e48 100644
--- a/security/selinux
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/avtab.c | 51 +++--
1 file changed, 26 insertions(+), 25 deletions(-)
diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/hooks.c | 68 +++-
1 file changed, 33 insertions(+), 35 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/sidtab.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c
index 5be31b7af225..fd75a12fa8fc 100644
On 05/31/2018 02:42 PM, Stephen Smalley wrote:
> On 05/31/2018 05:04 AM, peter enderborg wrote:
>> On 05/30/2018 10:34 PM, Stephen Smalley wrote:
>>> On 05/30/2018 10:10 AM, Peter Enderborg wrote:
>>>> The boolean change becomes a lot more heavy with this patch,
&g
On 05/31/2018 02:42 PM, Stephen Smalley wrote:
> On 05/31/2018 05:04 AM, peter enderborg wrote:
>> On 05/30/2018 10:34 PM, Stephen Smalley wrote:
>>> On 05/30/2018 10:10 AM, Peter Enderborg wrote:
>>>> The boolean change becomes a lot more heavy with this patch,
&g
On 05/30/2018 11:22 PM, J Freyensee wrote:
>
>> +int sidtab_clone(struct sidtab *s, struct sidtab *d)
>> +{
>> + int i, rc = 0;
> If s or d are NULL (see if() below), why would we want rc, the return value,
> to be 0? How about defaulting rc to an error value (-EINVAL)?
Oops! Thanks, will
On 05/30/2018 10:34 PM, Stephen Smalley wrote:
> On 05/30/2018 10:10 AM, Peter Enderborg wrote:
>> The boolean change becomes a lot more heavy with this patch,
>> but it is a very rare usage in compare with read only operations.
>> The lock held during a policydb_copy i
allocation that are intended to be on the outside of the lock.
hastab_insert had a cond_sched call that is removed. When switched
to rcu lock the lock can be preempted.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/hashtab.c | 1 -
security/selinux/ss/policydb.c | 48 +++
security
From: peter
As preparation for RCU the allocation need to be atomic,
there is a lot of them so they do in this patch.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/avtab.c | 8 +--
security/selinux/ss/conditional.c | 14 ++---
security/selinux/ss/ebitmap.c | 3
Holding the preempt_disable is very bad for low latency tasks
such as audio and therefore we need to break out the rule-set dependent
part from this disable. By using a RCU instead of rwlock we
have an efficient locking and less preemption interference.
Selinux uses a lot of read_locks. This
To be able to preempt avc_compute we need preemptible
locks, this patch switch the rwlock reads to rcu_read_lock.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/services.c | 152 +
security/selinux/ss/services.h | 2 +-
2 files changed, 79
We need a copy of sidtabs, so change the generic sidtab_clone
as from a function pointer and let it use a read rwlock while
do the clone.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/services.c | 20 +---
security/selinux/ss/sidtab.c | 39
This patch separtate the locks for read and write, and
to be sure that they are using the same structure the
seqno is used. If the seqno is changed from the read to
write section the function reportes an eagain error.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/services.c | 143
On 02/20/2018 04:58 PM, Stephen Smalley wrote:
> On Tue, 2018-02-20 at 08:59 -0500, Stephen Smalley wrote:
>> On Mon, 2018-02-19 at 16:18 +0100, Peter Enderborg wrote:
>>> From: Peter <peter.enderb...@sony.com>
>>>
>>> The locks are moved to dynamic a
From: Peter <peter.enderb...@sony.com>
The locks are moved to dynamic allocation, we need to
help the lockdep system to classify the locks.
This adds to lockdep annotation for the page mutex and
for the ss lock.
Signed-off-by: Peter Enderborg <peter.enderb...@sony.com>
---
This i
On 01/30/2018 03:37 PM, Stephen Smalley wrote:
> On Fri, 2018-01-26 at 15:32 +0100, peter.enderb...@sony.com wrote:
> goto err;
>
> - rc = security_preserve_bools(newpolicydb);
> + rc = security_preserve_bools(_rcu->policydb);
> if (rc) {
> printk(KERN_ERR "SELinux:
that is
appropriate. Obviously there will be collisions with the namespace, but
the patches also solves few of my prerequisite topics.
On 02/02/2018 03:10 PM, Stephen Smalley wrote:
> On Fri, 2018-02-02 at 09:05 +0100, Peter Enderborg wrote:
>> The locks are moved to dynamic allocation, we need t
The locks are moved to dynamic allocation, we need to
help the lockdep system to classify the locks.
This adds to lockdep annotation for the page mutex and
for the ss lock.
Signed-off-by: Peter Enderborg <peter.enderb...@sony.com>
---
security/selinux/ss/services.c | 5 +
1 file chan
The locks are moved to dynamic allocation, we need to
help the lockdep system to classify the locks.
This adds to lockdep annotation for the page mutex and
for the ss lock.
---
security/selinux/ss/services.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/security/selinux/ss/services.c
On 01/30/2018 02:46 PM, Stephen Smalley wrote:
> On Fri, 2018-01-26 at 15:32 +0100, peter.enderb...@sony.com wrote:
>> From: Peter Enderborg <peter.enderb...@sony.com>
>>
>> To be able to use rcu locks we seed to address the policydb
>> though a pointer. Th
34 matches
Mail list logo