| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
Make iser_[create|destroy]_fastreg_desc shorter, more
readable and easily extendable.
This patch does not change any functionality.
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Signed-off-by: Adir Lev <adirl@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of open-coding connection fastreg pool get/put,
we introduce iser_reg_desc[get|put] helpers.
We aren't setting these static as this will be a per-device
routine later on. Also, cleanup iser_unreg_rdma_mem_fastreg
a bit.
This patch does not change any functionality.
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Signed-off-by: Adir Lev <adirl@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
No need for these two separate. Keep it in a single routine
like in the fastreg case. This will also make iser_reg_page_vec
closer to iser_fast_reg_mr arguments. This is a preparation
step for registration flow refactor.
This patch does not change any functionality.
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Signed-off-by: Adir Lev <adirl@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This struct members other than struct iser_mem_reg are unused,
so remove it altogether.
This patch does not change any functionality.
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Signed-off-by: Adir Lev <adirl@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Buffer length was assigned twice, and no reason to set va to
io_addr and then add the offset, just set va to io_addr + offset.
This patch does not change any functionality.
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Signed-off-by: Adir Lev <adirl@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
As memory registration/de-registration methods, lets
move them to their natural location. While we're at it,
make iser_reg_page_vec routine static.
This patch does not change any functionality.
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
No need to pass that, we can take it from the task.
In a later stage, this function will be invoked
according to a device capability.
This patch does not change any functionality.
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Signed-off-by: Adir Lev <adirl@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
No need to keep two iser_data_buf structures just in case we use
mem copy. We can avoid that just by adding a pointer to the original
sg. So keep only two iser_data_buf per command (data and protection)
and pass the relevant data_buf to bounce buffer routine.
This patch does not change any functionality.
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Signed-off-by: Adir Lev <adirl@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This code was added before we had protection data length
calculation (in iser_send_command), so we needed to calc
the sg data length from the sg itself. This is not needed
anymore.
This patch does not change any functionality.
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Signed-off-by: Adir Lev <adirl@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
This length miss-calculation may cause a silent data corruption
in the DIX case and cause the device to reference unmapped area.
Fixes: d77e65350f2d ('libiscsi, iser: Adjust data_length to include protection information')
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Fast registration and local invalidate work requests can
also fail. We should call error completion handler for them.
Reported-by: Roi Dayan <roid@mellanox.com>
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In case the user unloaded ib_iser while ep_connect is in
progress, we need to destroy the endpoint although ep_disconnect
wasn't invoked (we detect this by the iser conn state != DOWN).
However, if we got an REJECTED/UNREACHABLE CM event we move the
connection state to DOWN which will prevent us from destroying
the endpoint in the module unload stage. Fix this by setting the
connection state to TERMINATING in iser_conn_error so we can still
destroy the endpoint at unload stage.
Reported-by: Ariel Nahum <arieln@mellanox.com>
Signed-off-by: Sagi Grimberg <sagig@mellanox.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild
Pull kconfig updates from Michal Marek:
"Here is the kconfig stuff for v4.1-rc1:
- fixes for mergeconfig (used by make kvmconfig/tinyconfig)
- header cleanup
- make -s *config is silent now"
* 'kconfig' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
kconfig: Do not print status messages in make -s mode
kconfig: Simplify Makefile
kbuild: add generic mergeconfig target, %.config
merge_config.sh: rename MAKE to RUNMAKE
merge_config.sh: improve indentation
kbuild: mergeconfig: remove redundant $(objtree)
kbuild: mergeconfig: move an error check to merge_config.sh
kbuild: mergeconfig: fix "jobserver unavailable" warning
kconfig: Remove unnecessary prototypes from headers
kconfig: Remove dead code
kconfig: Get rid of the P() macro in headers
kconfig: fix a misspelling in scripts/kconfig/merge_config.sh
|
| | |
| |
| |
| |
| |
| |
| | |
Add an -s option to the various frontends and pass it when make -s is
used. Also, use $(kecho) instead of @echo in the Makefile.
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | |
| |
| |
| |
| |
| | |
Use a single rule for targets handled directly by the conf program.
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
"scripts/kconfig/merge_config.sh && make oldconfig" works well
enough for merging local config fragments, but Kbuild currently has
the entry points only for "kvmconfig" and "tinyconfig".
This commit provides the generic target for mergeconfig, so we can
manage our own config fragments easily:
put "foo.config" in arch/$(SRCARCH)/configs/ or kernel/configs/,
and then run "make foo.config".
Now "make kvmconfig" is just a shorthand of "make kvm_guest.config".
Likewise, "make tinyconfig" is equivalent to
"make allnoconfig tiny.config".
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
Reviewed-by: Darren Hart <dvhart@linux.intel.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The variable "MAKE" is used to store the command name that has
invoked the Makefile. (Actually, it is already set to "make"
if you run this script from a Makefile.)
In this script, however, it is used to determine if Make should be
run or not. It is not what we usually expect.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
Reviewed-by: Darren Hart <dvhart@linux.intel.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It is true that we do not want to move the code too far to the
right, but something like below is not preferred:
if [ "x$PREV_VAL" != "x$NEW_VAL" ] ; then
echo Value of $CFG is redefined by fragment $MERGE_FILE:
echo Previous value: $PREV_VAL
echo New value: $NEW_VAL
echo
elif [ "$WARNREDUN" = "true" ]; then
echo Value of $CFG is redundant by fragment $MERGE_FILE:
fi
To fix this, call "continue" if the "grep" command fails to find the
given CONFIG.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
Reviewed-by: Darren Hart <dvhart@linux.intel.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Kbuild always runs in $(objtree). Actually, $(objtree) is always
set to "." by the top-level Makefile.
We can omit "-O $(objtree)" and "$(objtree)/".
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
Reviewed-by: Darren Hart <dvhart@linux.intel.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, "make tinyconfig" does not work with "-j" option.
$ make mrproper
$ make -j8 tinyconfig
HOSTCC scripts/basic/fixdep
HOSTCC scripts/kconfig/conf.o
SHIPPED scripts/kconfig/zconf.tab.c
SHIPPED scripts/kconfig/zconf.lex.c
SHIPPED scripts/kconfig/zconf.hash.c
HOSTCC scripts/kconfig/zconf.tab.o
HOSTLD scripts/kconfig/conf
scripts/kconfig/conf --allnoconfig Kconfig
#
# configuration written to .config
#
scripts/kconfig/Makefile:122: *** You need an existing .config
for this target. Stop.
make: *** [tinyconfig] Error 2
As shown above, "allnoconfig" has created the .config file before
mergeconfig is called, but Make still raises a false alarm because
of some sort of race condition.
We can fix this issue by moving the error check to the shell script.
Anyway, scripts/kconfig/merge_config.sh always requires an existing
.config as a base file. It is reasonable to check its existence in
the shell script.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
Reviewed-by: Darren Hart <dvhart@linux.intel.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If "make kvmconfig" is run with "-j" option, a warning message,
"jobserver unavailable: using -j1. Add `+' to parent make rule.",
is displayed.
$ make -s defconfig
*** Default configuration is based on 'x86_64_defconfig'
#
# configuration written to .config
#
$ make -j8 kvmconfig
Using ./.config as base
Merging ./arch/x86/configs/kvm_guest.config
[ snip ]
#
# merged configuration written to ./.config (needs make)
#
make[2]: warning: jobserver unavailable: using -j1. Add `+' to
parent make rule.
scripts/kconfig/conf --oldconfig Kconfig
[ snip ]
#
# configuration written to .config
#
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
Reviewed-by: Darren Hart <dvhart@linux.intel.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | |
| |
| |
| | |
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | |
| |
| |
| | |
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This was originally meant for dlopen()ing a potential kconfig shared
library. The unused dlopen code has already been removed in commit
5a6f8d2b (kconfig: nuke LKC_DIRECT_LINK cruft), so let's remove the
rest. The lkc_proto.h change was made with the following sed script:
sed -r 's/^P\(([^,]*), *([^,]*), *(.*)\);/\2 \1\3;/'
Plus some manual adjustments.
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | |
| |
| |
| |
| | |
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild
Pull kbuild updates from Michal Marek:
"Here is the first round of kbuild changes for v4.1-rc1:
- kallsyms fix for ARM and cleanup
- make dep(end) removed (developers have no sense of nostalgia these
days...)
- include Makefiles by relative path
- stop useless rebuilds of asm-offsets.h and bounds.h"
* 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild:
Kbuild: kallsyms: drop special handling of pre-3.0 GCC symbols
Kbuild: kallsyms: ignore veneers emitted by the ARM linker
kbuild: ia64: use $(src)/Makefile.gate rather than particular path
kbuild: include $(src)/Makefile rather than $(obj)/Makefile
kbuild: use relative path more to include Makefile
kbuild: use relative path to include Makefile
kbuild: do not add $(bounds-file) and $(offsets-file) to targets
kbuild: remove warning about "make depend"
kbuild: Don't reset timestamps in include/generated if not needed
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Since we have required at least GCC v3.2 for some time now, we
can drop the special handling of the 'gcc[0-9]_compiled.' label
which is not emitted anymore since GCC v3.0.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When linking large kernels on ARM, the linker will insert veneers
(i.e., PLT like stubs) when function symbols are out of reach for
the ordinary relative branch/branch-and-link instructions.
However, due to the fact that the kallsyms region sits in .rodata,
which is between .text and .init.text, additional veneers may be
emitted in the second pass due to the fact that the size of the
kallsyms region itself has pushed the .init.text section further
apart, requiring even more veneers.
So ignore the veneers when generating the symbol table. Veneers
have no corresponding source code, and they will not turn up in
backtraces anyway.
This patch also lightly refactors the symbol_valid() function
to use a local 'sym_name' rather than the obfuscated 'sym + 1'
and 'sym + offset'
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | | |
| | |
| | |
| | |
| | | |
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commit actually has no impact because $(src) and $(obj) point
to the same path, but $(src)/Makefile looks better when we include
source files.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Prior to this commit, it was impossible to use relative path to
include Makefiles from the top level Makefile because the option
"--include-dir=$(srctree)" becomes effective when Make enters into
sub Makefiles.
To use relative path in any places, this commit moves the option
above the "sub-make" target.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The "MAKEFLAGS += --include-dir=$(srctree)" line in the top Makefile
allows us to do this.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
$(always) is added to targets by scripts/Makefile.build.
Moreover, filechk does not need .*.cmd files.
Adding these two files to targets is redundant.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Enough time has passed since "make depend" was deprecated.
Nobody would be in trouble without this hint.
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use filechk to generate asm-offsets.h and bounds.h. Based on a patch by
Valdis Kletnieks.
Reported-by: Valdis Kletnieks <Valdis.Kletnieks@vt.edu>
Acked-By: Valdis Kletnieks <Valdis.Kletnieks@vt.edu>
Reviewed-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris:
"Highlights for this window:
- improved AVC hashing for SELinux by John Brooks and Stephen Smalley
- addition of an unconfined label to Smack
- Smack documentation update
- TPM driver updates"
* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (28 commits)
lsm: copy comm before calling audit_log to avoid race in string printing
tomoyo: Do not generate empty policy files
tomoyo: Use if_changed when generating builtin-policy.h
tomoyo: Use bin2c to generate builtin-policy.h
selinux: increase avtab max buckets
selinux: Use a better hash function for avtab
selinux: convert avtab hash table to flex_array
selinux: reconcile security_netlbl_secattr_to_sid() and mls_import_netlbl_cat()
selinux: remove unnecessary pointer reassignment
Smack: Updates for Smack documentation
tpm/st33zp24/spi: Add missing device table for spi phy.
tpm/st33zp24: Add proper wait for ordinal duration in case of irq mode
smack: Fix gcc warning from unused smack_syslog_lock mutex in smackfs.c
Smack: Allow an unconfined label in bringup mode
Smack: getting the Smack security context of keys
Smack: Assign smack_known_web as default smk_in label for kernel thread's socket
tpm/tpm_infineon: Use struct dev_pm_ops for power management
MAINTAINERS: Add Jason as designated reviewer for TPM
tpm: Update KConfig text to include TPM2.0 FIFO chips
tpm/st33zp24/dts/st33zp24-spi: Add dts documentation for st33zp24 spi phy
...
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When task->comm is passed directly to audit_log_untrustedstring() without
getting a copy or using the task_lock, there is a race that could happen that
would output a NULL (\0) in the middle of the output string that would
effectively truncate the rest of the report text after the comm= field in the
audit log message, losing fields.
Using get_task_comm() to get a copy while acquiring the task_lock to prevent
this and to prevent the result from being a mixture of old and new values of
comm would incur potentially unacceptable overhead, considering that the value
can be influenced by userspace and therefore untrusted anyways.
Copy the value before passing it to audit_log_untrustedstring() ensures that a
local copy is used to calculate the length *and* subsequently printed. Even if
this value contains a mix of old and new values, it will only calculate and
copy up to the first NULL, preventing the rest of the audit log message being
truncated.
Use a second local copy of comm to avoid a race between the first and second
calls to audit_log_untrustedstring() with comm.
Reported-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Richard Guy Briggs <rgb@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
|
| | |\ \
| | | |
| | | |
| | | | |
git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild into next
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The Makefile automatically generates the tomoyo policy files, which are
not removed by make clean (because they could have been provided by the
user). Instead of generating the missing files, use /dev/null if a
given file is not provided. Store the default exception_policy in
exception_policy.conf.default.
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Combine the generation of builtin-policy.h into a single command and use
if_changed, so that the file is regenerated each time the command
changes. The next patch will make use of this.
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | | |/
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Simplify the Makefile by using a readily available tool instead of a
custom sed script. The downside is that builtin-policy.h becomes
unreadable for humans, but it is only a generated file.
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Michal Marek <mmarek@suse.cz>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Now that we can safely increase the avtab max buckets without
triggering high order allocations and have a hash function that
will make better use of the larger number of buckets, increase
the max buckets to 2^16.
Original:
101421 entries and 2048/2048 buckets used, longest chain length 374
With new hash function:
101421 entries and 2048/2048 buckets used, longest chain length 81
With increased max buckets:
101421 entries and 31078/32768 buckets used, longest chain length 12
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This function, based on murmurhash3, has much better distribution than
the original. Using the current default of 2048 buckets, there are many
fewer collisions:
Before:
101421 entries and 2048/2048 buckets used, longest chain length 374
After:
101421 entries and 2048/2048 buckets used, longest chain length 81
The difference becomes much more significant when buckets are increased.
A naive attempt to expand the current function to larger outputs doesn't
yield any significant improvement; so this function is a prerequisite
for increasing the bucket size.
sds: Adapted from the original patches for libsepol to the kernel.
Signed-off-by: John Brooks <john.brooks@jolla.com>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously we shrank the avtab max hash buckets to avoid
high order memory allocations, but this causes avtab lookups to
degenerate to very long linear searches for the Fedora policy. Convert to
using a flex_array instead so that we can increase the buckets
without such limitations.
This change does not alter the max hash buckets; that is left to a
separate follow-on change.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Move the NetLabel secattr MLS category import logic into
mls_import_netlbl_cat() where it belongs, and use the
mls_import_netlbl_cat() function in security_netlbl_secattr_to_sid().
Reported-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Commit f01e1af445fa ("selinux: don't pass in NULL avd to avc_has_perm_noaudit")
made this pointer reassignment unnecessary. Avd should continue to reference
the stack-based copy.
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
[PM: tweaked subject line]
Signed-off-by: Paul Moore <pmoore@redhat.com>
|
| | |\ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Document the Smack bringup features. Update the proper location for
mounting smackfs from /smack to /sys/fs/smackfs. Fix some spelling errors.
Suggest the use of the load2 interface instead of the load interface.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In commit 00f84f3f2e9d088f06722f4351d67f5f577abe22 ("Smack: Make the
syslog control configurable") this mutex was added, but the rest of
the final commit never actually made use of it, resulting in:
In file included from include/linux/mutex.h:29:0,
from include/linux/notifier.h:13,
from include/linux/memory_hotplug.h:6,
from include/linux/mmzone.h:821,
from include/linux/gfp.h:5,
from include/linux/slab.h:14,
from include/linux/security.h:27,
from security/smack/smackfs.c:21:
security/smack/smackfs.c:63:21: warning: ‘smack_syslog_lock’ defined but not used [-Wunused-variable]
static DEFINE_MUTEX(smack_syslog_lock);
^
A git grep shows no other instances/references to smack_syslog_lock.
Delete it, assuming that the mutex addition was just a leftover from
an earlier work in progress version of the change.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
I have vehemently opposed adding a "permissive" mode to Smack
for the simple reasons that it would be subject to massive abuse
and that developers refuse to turn it off come product release.
I still believe that this is true, and still refuse to add a
general "permissive mode". So don't ask again.
Bumjin Im suggested an approach that addresses most of the concerns,
and I have implemented it here. I still believe that we'd be better
off without this sort of thing, but it looks like this minimizes the
abuse potential.
Firstly, you have to configure Smack Bringup Mode. That allows
for "release" software to be ammune from abuse. Second, only one
label gets to be "permissive" at a time. You can use it for
debugging, but that's about it.
A label written to smackfs/unconfined is treated specially.
If either the subject or object label of an access check
matches the "unconfined" label, and the access would not
have been allowed otherwise an audit record and a console
message are generated. The audit record "request" string is
marked with either "(US)" or "(UO)", to indicate that the
request was granted because of an unconfined label. The
fact that an inode was accessed by an unconfined label is
remembered, and subsequent accesses to that "impure"
object are noted in the log. The impurity is not stored in
the filesystem, so a file mislabled as a side effect of
using an unconfined label may still cause concern after
a reboot.
So, it's there, it's dangerous, but so many application
developers seem incapable of living without it I have
given in. I've tried to make it as safe as I can, but
in the end it's still a chain saw.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
|
