On Wed, Jan 22, 2025 at 10:02:49AM -0800, Nicolin Chen wrote:
> On Wed, Jan 22, 2025 at 12:05:27AM -0800, Nicolin Chen wrote:
> > On Tue, Jan 21, 2025 at 01:40:13PM -0800, Nicolin Chen wrote:
> > > On Tue, Jan 21, 2025 at 05:14:04PM -0400, Jason Gunthorpe wrote:
> > > > Since we don't hold the spin
Ping
On Wed, Jan 01, 2025 at 08:23:06AM +, Wei Yang wrote:
>The example code for "Eliminating Stale Data" looks not correct:
>
> * rcu_read_unlock() should put after kstrdup()
> * spin_unlock() should be called before return
>
>Signed-off-by: Wei Yang
>
>---
>Hope my understanding is correc
Hi!
Thanks for reaching out, also your work on this is much appreciated and
followed with great interest. <3
On 1/20/25 6:44 PM, Thomas Weißschuh wrote:
diff --git a/kernel/module/main.c b/kernel/module/main.c
index
effe1db02973d4f60ff6cbc0d3b5241a3576fa3e..094ace81d795711b56d12a2abc75ea3544
Ira Weiny wrote:
[..]
> > The distinction is "can this DPA capacity be allocated to a region" the
> > new holes introduced by DCD are cases where the partition size is
> > greater than the allocatable size. Contrast to ram and pmem the
> > allocatable size is always identical to the partition size.
Jonathan Cameron wrote:
> On Wed, 15 Jan 2025 14:34:36 -0800
> Dan Williams wrote:
>
> > Ira Weiny wrote:
> > > Dan Williams wrote:
> > > > Ira Weiny wrote:
> > >
> > > [snip]
> > >
> > > > > diff --git a/drivers/cxl/cxlmem.h b/drivers/cxl/cxlmem.h
> > > > > index
> > > > > e8907c403edbd
On Wed, Jan 22, 2025 at 09:33:35AM +, Tian, Kevin wrote:
> > From: Nicolin Chen
> > Sent: Wednesday, January 22, 2025 3:16 PM
> >
> > On Tue, Jan 21, 2025 at 08:21:28PM -0400, Jason Gunthorpe wrote:
> > > On Tue, Jan 21, 2025 at 01:40:05PM -0800, Nicolin Chen wrote:
> > > > > There is also th
On Wed, Jan 22, 2025 at 12:05:27AM -0800, Nicolin Chen wrote:
> On Tue, Jan 21, 2025 at 01:40:13PM -0800, Nicolin Chen wrote:
> > On Tue, Jan 21, 2025 at 05:14:04PM -0400, Jason Gunthorpe wrote:
> > > Since we don't hold the spinlock the whole time there is a race where
> > > we could pull the over
Dan Williams wrote:
> Ira Weiny wrote:
> > Dan Williams wrote:
> > > Ira Weiny wrote:
> >
> > [snip]
> >
> > > > diff --git a/drivers/cxl/cxlmem.h b/drivers/cxl/cxlmem.h
> > > > index
> > > > e8907c403edbd83c8a36b8d013c6bc3391207ee6..05a0718aea73b3b2a02c608bae198eac7c462523
> > > > 100644
> > >
From: Roberto Sassu
Move out the mutex in the ima_iint_cache structure to a new structure
called ima_iint_cache_lock, so that a lock can be taken regardless of
whether or not inode integrity metadata are stored in the inode.
Introduce ima_inode_security() to retrieve the ima_iint_cache_lock
stru
From: Roberto Sassu
Commit 11c60f23ed13 ("integrity: Remove unused macro
IMA_ACTION_RULE_FLAGS") removed the IMA_ACTION_RULE_FLAGS mask, due to it
not being used after commit 0d73a55208e9 ("ima: re-introduce own integrity
cache lock").
However, it seems that the latter commit mistakenly used the
From: Roberto Sassu
IMA-Appraisal implements a fix mode, selectable from the kernel command
line by specifying ima_appraise=fix.
The fix mode is meant to be used in a TOFU (trust on first use) model,
where systems are supposed to work under controlled conditions before the
real enforcement start
From: Roberto Sassu
Use the READ_ONCE() and WRITE_ONCE() macros to mark concurrent read and
write accesses to the portion of the inode security blob containing the
iint pointer.
Writers are serialized by the iint lock.
Reviewed-by: Mimi Zohar
Signed-off-by: Roberto Sassu
---
security/integri
From: Roberto Sassu
IMA stores a pointer of the ima_iint_cache structure, containing integrity
metadata, in the inode security blob. However, check and assignment of this
pointer is not atomic, and it might happen that two tasks both see that the
iint pointer is NULL and try to set it, causing a
From: Roberto Sassu
Commit 196f518128d2e ("IMA: explicit IMA i_flag to remove global lock on
inode_delete") introduced the new S_IMA inode flag to determine whether or
not an inode was processed by IMA. In that way, it was not necessary to
take the global lock on inode delete.
Since commit 4de2f
From: Roberto Sassu
A recent syzbot report [1] showed a possible lock inversion between the
mmap lock and the inode lock. Paul Moore suggested to remove the inode lock
in IMA as a possible solution. A first patch set was made [2] to fulfill
that request, although incomplete due to not removing th
On Wed, Jan 22, 2025 at 11:51:00AM +, Marc Zyngier wrote:
> On Fri, 17 Jan 2025 11:34:09 +, Mark Rutland wrote:
> > The TL;DR summary is that it's not sufficient for kvm_arch_vcpu_put_fp()
> > to fix up ZCR_ELx. Either:
> >
> > * That needs to be fixed up while IRQs are masked, e.g. by
>
On Fri, 17 Jan 2025 11:34:09 +,
Mark Rutland wrote:
>
> On Fri, Dec 20, 2024 at 04:46:34PM +, Mark Brown wrote:
> > The SVE portion of kvm_vcpu_put() is quite large, especially given the
> > comments required. When we add similar handling for SME the function
> > will get even larger, in
'sk->copied_seq' was updated in the tcp_eat_skb() function when the action
of a BPF program was SK_REDIRECT. For other actions, like SK_PASS, the
update logic for 'sk->copied_seq' was moved to tcp_bpf_recvmsg_parser()
to ensure the accuracy of the 'fionread' feature.
It works for a single stream_v
Add test cases for bpf + strparser and separated them from
sockmap_basic, as strparser has more encapsulation and parsing
capabilities compared to standard sockmap.
Signed-off-by: Jiayuan Chen
---
.../selftests/bpf/prog_tests/sockmap_basic.c | 53 --
.../selftests/bpf/prog_tests/sockmap_strp.c
Currently, only TCP supports strparser, but sockmap doesn't intercept
non-TCP connections to attach strparser. For example, with UDP, although
the read/write handlers are replaced, strparser is not executed due to
the lack of a read_sock operation.
Furthermore, in udp_bpf_recvmsg(), it checks whet
A previous commit described in this topic
http://lore.kernel.org/bpf/20230523025618.113937-9-john.fastab...@gmail.com
directly updated 'sk->copied_seq' in the tcp_eat_skb() function when the
action of a BPF program was SK_REDIRECT. For other actions, like SK_PASS,
the update logic for 'sk->copied_s
Added a new read_sock handler, allowing users to customize read operations
instead of relying on the native socket's read_sock.
Signed-off-by: Jiayuan Chen
---
Documentation/networking/strparser.rst | 9 -
include/net/strparser.h| 2 ++
net/strparser/strparser.c
SOCK_NONBLOCK flag is only effective during socket creation, not during
recv. Use MSG_DONTWAIT instead.
Signed-off-by: Jiayuan Chen
---
tools/testing/selftests/bpf/prog_tests/sockmap_basic.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tools/testing/selftests/bpf/pro
> From: Nicolin Chen
> Sent: Wednesday, January 22, 2025 3:16 PM
>
> On Tue, Jan 21, 2025 at 08:21:28PM -0400, Jason Gunthorpe wrote:
> > On Tue, Jan 21, 2025 at 01:40:05PM -0800, Nicolin Chen wrote:
> > > > There is also the minor detail of what happens if the hypervisor HW
> > > > queue overflo
On Tue, Jan 21, 2025 at 03:18:38PM +0100, Jakub Sitnicki wrote:
> On Tue, Jan 21, 2025 at 01:07 PM +08, Jiayuan Chen wrote:
> > 'sk->copied_seq' was updated in the tcp_eat_skb() function when the
> > action of a BPF program was SK_REDIRECT. For other actions, like SK_PASS,
> > the update logic for
On Tue, Jan 21, 2025 at 01:40:13PM -0800, Nicolin Chen wrote:
> On Tue, Jan 21, 2025 at 05:14:04PM -0400, Jason Gunthorpe wrote:
> > Since we don't hold the spinlock the whole time there is a race where
> > we could pull the overflow off and then another entry could be pushed
> > while we do the co
26 matches
Mail list logo
