[dpdk-dev] [PATCH] eal/linux: fix memory allocations in containers+SELinux

Thomas Monjalon thomas at monjalon.net
Tue Oct 6 01:13:06 CEST 2020


02/10/2020 14:12, Burakov, Anatoly:
> On 02-Oct-20 10:36 AM, David Marchand wrote:
> > On Thu, Sep 17, 2020 at 4:47 PM David Marchand
> > <david.marchand at redhat.com> wrote:
> >>
> >> On Thu, Sep 17, 2020 at 4:17 PM Burakov, Anatoly
> >> <anatoly.burakov at intel.com> wrote:
> >>> Anonymous hugepages shouldn't matter, yes, but single-file segments mode
> >>> does fallocate() and remove - you have the remove part covered, but I'm
> >>> just curious if fallocate() would also cause any issues with SELinux.
> >>
> >> I found no hook in the kernel for fallocate + selinux...
> >> Looked into fallocate itself and it ends up validating lsm write
> >> access on the file.
> >>
> >> I don't have the full setup atm but since I could truncate and write
> >> to it, I'd say we are good.
> > 
> > I could not gain access to the same setup again.
> > 
> > FWIW, I tried with my reproducer:
> > - no issue with --in-memory option (with or without patch)
> > 
> > - error correctly detected (with this patch) in normal mode after restarting:
> 
> Acked-by: Anatoly Burakov <anatoly.burakov at intel.com>

Applied, thanks




