On Mon, 16 May 2011, Ingo Molnar wrote:
> > Not really.
> >
> > Firstly, what is the security goal of these restrictions? [...]
>
> To do what i described above? Namely:
>
> " Sandboxed code should only be allowed to open files in /home/sandbox/,
> /lib/
>and /usr/lib/ "
These are access
In message <1305589123.2781.15.camel@pasglop> you wrote:
> On Mon, 2011-05-16 at 16:37 +1000, Michael Neuling wrote:
> > > what is the best book to learn assembly and architecture .
> >
> > Reading the architecture books with a nice cup of tea.
> >
> > http://www.power.org/resources/down
On Mon, 2011-05-16 at 16:37 +1000, Michael Neuling wrote:
> > what is the best book to learn assembly and architecture .
>
> Reading the architecture books with a nice cup of tea.
>
> http://www.power.org/resources/downloads/PowerISA_V2.06B_V2_PUBLIC.pdf
>
A slightly less steep approac
On Mon, 2011-05-16 at 11:21 -0500, Timur Tabi wrote:
> I would like to get some opinions on the following.
>
> I'm working on extending our existing board definition files to support our
> ePAPR reference hypervisor. Because our hypervisor provides a virtual PIC, we
> need to have different funct
It seems that Adrian is getting old. He removed almost everything of
GEMINI in commit c53653130 ("[POWERPC] Remove the broken Gemini
support") except this piece.
Signed-off-by: Sebastian Andrzej Siewior
---
arch/powerpc/kernel/head_32.S | 13 -
1 files changed, 0 insertions(+), 13
On Mon, 2011-05-16 at 18:52 +0200, Ingo Molnar wrote:
> * Steven Rostedt wrote:
>
> > I'm a bit nervous about the 'active' role of (trace_)events, because of the
> > way multiple callbacks can be registered. How would:
> >
> > err = event_x();
> > if (err == -EACCESS) {
> >
> > be hand
* Steven Rostedt wrote:
> I'm a bit nervous about the 'active' role of (trace_)events, because of the
> way multiple callbacks can be registered. How would:
>
> err = event_x();
> if (err == -EACCESS) {
>
> be handled? [...]
The default behavior would be something obvious: to tri
On Fri, 2011-05-13 at 16:57 +0200, Ingo Molnar wrote:
> > > > Then there's the whole indirection argument, if you don't need
> > > > indirection, its often better to not use it, I myself much prefer code
> > > > to look like:
> > > >
> > > >foo1(bar);
> > > >foo2(bar);
> > > >foo3(bar
I would like to get some opinions on the following.
I'm working on extending our existing board definition files to support our
ePAPR reference hypervisor. Because our hypervisor provides a virtual PIC, we
need to have different functions for define_machine() structure that related to
the PIC, bu
Add new nodes to describe more hardware the board is
equipped with:
- two can nodes for SJA1000 on localbus
- pci node to support Coral-PA graphics controller
- serial node for SC28L92 DUART on localbus
- spi node for MSP430 device
Also correct i2c eeprom node name.
Signed-off-by: Heiko Schoc
Both, #address-cells and #size-cells properties are required
for spi bus node, so add them.
Signed-off-by: Anatolij Gustschin
---
arch/powerpc/boot/dts/mpc5200b.dtsi |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/arch/powerpc/boot/dts/mpc5200b.dtsi
b/arch/powerpc/boot
Sorry to be absent from this thread so far, I just got back from my
travels and I'm now catching up on email.
On Wed, 2011-05-11 at 22:02 -0500, Will Drewry wrote:
> diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
> index 377a7a5..22e1668 100644
> --- a/arch/arm/Kconfig
> +++ b/arch/arm/Kconfig
On Mon, May 16, 2011 at 7:43 AM, Ingo Molnar wrote:
>
> * Will Drewry wrote:
>
>> > Note, i'm not actually asking for the moon, a pony and more.
>> >
>> > I fully submit that we are yet far away from being able to do a full LSM
>> > via this mechanism.
>> >
>> > What i'm asking for is that becaus
On Mon, May 16, 2011 at 10:26 AM, Steven Rostedt wrote:
> Sorry to be absent from this thread so far, I just got back from my
> travels and I'm now catching up on email.
>
>
> On Wed, 2011-05-11 at 22:02 -0500, Will Drewry wrote:
>
>> diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
>> index 377a7
* James Morris wrote:
> On Fri, 13 May 2011, Ingo Molnar wrote:
>
> > Say i'm a user-space sandbox developer who wants to enforce that sandboxed
> > code should only be allowed to open files in /home/sandbox/, /lib/ and
> > /usr/lib/.
> >
> > It is a simple and sensible security feature, agr
On Mon, May 16, 2011 at 7:55 AM, Ingo Molnar wrote:
>
> * Will Drewry wrote:
>
>> I agree with you on many of these points! However, I don't think that the
>> views around LSMs, perf/ftrace infrastructure, or the current seccomp
>> filtering implementation are necessarily in conflict. Here is m
* Will Drewry wrote:
> I agree with you on many of these points! However, I don't think that the
> views around LSMs, perf/ftrace infrastructure, or the current seccomp
> filtering implementation are necessarily in conflict. Here is my
> understanding of how the different worlds fit togethe
* Will Drewry wrote:
> > Note, i'm not actually asking for the moon, a pony and more.
> >
> > I fully submit that we are yet far away from being able to do a full LSM
> > via this mechanism.
> >
> > What i'm asking for is that because the syscall point steps taken by Will
> > look very promisi
* Arnd Bergmann wrote:
> On Saturday 14 May 2011, Will Drewry wrote:
> > Depending on integration, it could even be limited to ioctl commands
> > that are appropriate to a known fd if the fd is opened prior to
> > entering seccomp mode 2. Alternatively, __NR__ioctl could be allowed
> > with a fi
* David Laight wrote:
> [...] unfortunately it worked by looking at the user-space buffers on system
> call entry - and a multithreaded program can easily arrange to update them
> after the initial check! [...]
Such problems of reliability/persistency of security checks is exactly one of
my
Hi all,
My setup is as below I've two MPC8315E board from freescale connected as
below
PC1 mpc board1 --- mpc board 2 - PC2.
I've installed openswan 2.6.18 on the mpc boards for encrypting the data
sent over the link between mpc boards using IPSEC. I've l2tpv3 bridge
between the mpc bo
21 matches
Mail list logo
