On 01/30/2018 02:46 PM, Stephen Smalley wrote:
> On Fri, 2018-01-26 at 15:32 +0100, peter.enderb...@sony.com wrote:
>> From: Peter Enderborg
>>
>> To be able to use rcu locks we seed to address the policydb
>> though a pointer. This preparation removes the export
The locks are moved to dynamic allocation, we need to
help the lockdep system to classify the locks.
This adds to lockdep annotation for the page mutex and
for the ss lock.
---
security/selinux/ss/services.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/security/selinux/ss/services.c b/
The locks are moved to dynamic allocation, we need to
help the lockdep system to classify the locks.
This adds to lockdep annotation for the page mutex and
for the ss lock.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/services.c | 5 +
1 file changed, 5 insertions(+)
diff --git a
appropriate. Obviously there will be collisions with the namespace, but
the patches also solves few of my prerequisite topics.
On 02/02/2018 03:10 PM, Stephen Smalley wrote:
> On Fri, 2018-02-02 at 09:05 +0100, Peter Enderborg wrote:
>> The locks are moved to dynamic allocation, we need to
&g
On 01/30/2018 03:37 PM, Stephen Smalley wrote:
> On Fri, 2018-01-26 at 15:32 +0100, peter.enderb...@sony.com wrote:
> goto err;
>
> - rc = security_preserve_bools(newpolicydb);
> + rc = security_preserve_bools(&next_rcu->policydb);
> if (rc) {
> printk(KERN_ERR "SELinu
From: Peter
The locks are moved to dynamic allocation, we need to
help the lockdep system to classify the locks.
This adds to lockdep annotation for the page mutex and
for the ss lock.
Signed-off-by: Peter Enderborg
---
This is the rebase of suggested patches from selinuxns tree
and are
On 02/20/2018 04:58 PM, Stephen Smalley wrote:
> On Tue, 2018-02-20 at 08:59 -0500, Stephen Smalley wrote:
>> On Mon, 2018-02-19 at 16:18 +0100, Peter Enderborg wrote:
>>> From: Peter
>>>
>>> The locks are moved to dynamic allocation, we need to
>>>
On 02/01/2018 04:55 PM, Paul Moore wrote:
> On Thu, Feb 1, 2018 at 10:17 AM, peter enderborg
> wrote:
>> On 01/30/2018 02:46 PM, Stephen Smalley wrote:
>>> On Fri, 2018-01-26 at 15:32 +0100, peter.enderb...@sony.com wrote:
>>>> From: Peter Enderborg
>>>
This patch separtate the locks for read and write, and
to be sure that they are using the same structure the
seqno is used. If the seqno is changed from the read to
write section the function reportes an eagain error.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/services.c | 143
We need a copy of sidtabs, so change the generic sidtab_clone
as from a function pointer and let it use a read rwlock while
do the clone.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/services.c | 20 +---
security/selinux/ss/sidtab.c | 39
Holding the preempt_disable is very bad for low latency tasks
such as audio and therefore we need to break out the rule-set dependent
part from this disable. By using a RCU instead of rwlock we
have an efficient locking and less preemption interference.
Selinux uses a lot of read_locks. This patch
To be able to preempt avc_compute we need preemptible
locks, this patch switch the rwlock reads to rcu_read_lock.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/services.c | 152 +
security/selinux/ss/services.h | 2 +-
2 files changed, 79
allocation that are intended to be on the outside of the lock.
hastab_insert had a cond_sched call that is removed. When switched
to rcu lock the lock can be preempted.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/hashtab.c | 1 -
security/selinux/ss/policydb.c | 48 +++
security
From: peter
As preparation for RCU the allocation need to be atomic,
there is a lot of them so they do in this patch.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/avtab.c | 8 +--
security/selinux/ss/conditional.c | 14 ++---
security/selinux/ss/ebitmap.c | 3
On 05/30/2018 10:34 PM, Stephen Smalley wrote:
> On 05/30/2018 10:10 AM, Peter Enderborg wrote:
>> The boolean change becomes a lot more heavy with this patch,
>> but it is a very rare usage in compare with read only operations.
>> The lock held during a policydb_copy i
On 05/30/2018 11:22 PM, J Freyensee wrote:
>
>> +int sidtab_clone(struct sidtab *s, struct sidtab *d)
>> +{
>> + int i, rc = 0;
> If s or d are NULL (see if() below), why would we want rc, the return value,
> to be 0? How about defaulting rc to an error value (-EINVAL)?
Oops! Thanks, will fi
On 05/31/2018 02:42 PM, Stephen Smalley wrote:
> On 05/31/2018 05:04 AM, peter enderborg wrote:
>> On 05/30/2018 10:34 PM, Stephen Smalley wrote:
>>> On 05/30/2018 10:10 AM, Peter Enderborg wrote:
>>>> The boolean change becomes a lot more heavy with this patch,
>&
On 05/31/2018 02:42 PM, Stephen Smalley wrote:
> On 05/31/2018 05:04 AM, peter enderborg wrote:
>> On 05/30/2018 10:34 PM, Stephen Smalley wrote:
>>> On 05/30/2018 10:10 AM, Peter Enderborg wrote:
>>>> The boolean change becomes a lot more heavy with this patch,
>&
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/sidtab.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c
index 5be31b7af225..fd75a12fa8fc 100644
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/avc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index f3aedf077509..635e5c1e3e48 100644
--- a/security/selinux
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/netport.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/security/selinux/netport.c b/security/selinux/netport.c
index 9ed4c5064a5e..7a141cadbffc 100644
--- a
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/avtab.c | 51 +++--
1 file changed, 26 insertions(+), 25 deletions(-)
diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/netnode.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/security/selinux/netnode.c b/security/selinux/netnode.c
index 6dd89b89bc1f..afa0d432436b 100644
--- a
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/hooks.c | 68 +++-
1 file changed, 33 insertions(+), 35 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/selinuxfs.c | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index c0cadbc5f85c..2adfade99945
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/services.c | 71 +-
1 file changed, 35 insertions(+), 36 deletions(-)
diff --git a/security/selinux/ss/services.c b/security/selinux/ss
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/netlink.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/selinux/netlink.c b/security/selinux/netlink.c
index 828fb6a4e941..8a8a72507437 100644
--- a/security
Replace printk with pr_* to avoid checkpatch warnings and
replace KERN_CONT with 2 longer prints.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/policydb.c | 91 +-
1 file changed, 46 insertions(+), 45 deletions(-)
diff --git a/security/selinux
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/conditional.c | 16
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/security/selinux/ss/conditional.c
b/security/selinux/ss/conditional.c
index
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/ss/ebitmap.c | 15 +++
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c
index 5ae8c61b75bf
This patch replaces printk with pr_* for the selinux files.
I get a lot of checkpatch warnings when doing my other work,
lets get rid of the warnings.
For the policydb.c there also a removal of KERN_CONT with
two longer prints.
I have NOT cleaned up splitting lines with long prints. I think
the c
Replace printk with pr_* to avoid checkpatch warnings.
Signed-off-by: Peter Enderborg
---
security/selinux/netif.c | 11 ---
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/security/selinux/netif.c b/security/selinux/netif.c
index ac65f7417413..8c738c189942 100644
--- a
On 06/12/2018 04:38 PM, Joe Perches wrote:
> On Tue, 2018-06-12 at 10:09 +0200, Peter Enderborg wrote:
>> Replace printk with pr_* to avoid checkpatch warnings.
> I believe it would be nicer to remove the
> "SELinux: " prefix embbeded in each format
> and use a spe
On 09/13/2018 08:26 AM, Tetsuo Handa wrote:
> On 2018/09/13 12:02, Paul Moore wrote:
>> On Fri, Sep 7, 2018 at 12:43 PM Tetsuo Handa
>> wrote:
>>> syzbot is hitting warning at str_read() [1] because len parameter can
>>> become larger than KMALLOC_MAX_SIZE. We don't need to emit warning for
>>> th
On 09/13/2018 01:11 PM, Michal Hocko wrote:
> On Thu 13-09-18 09:12:04, peter enderborg wrote:
>> On 09/13/2018 08:26 AM, Tetsuo Handa wrote:
>>> On 2018/09/13 12:02, Paul Moore wrote:
>>>> On Fri, Sep 7, 2018 at 12:43 PM Tetsuo Handa
>>>> wrote:
>&g
35 matches
Mail list logo