[dpdk-dev] [PATCH] eal/linux: fix memory allocations in containers+SELinux

David Marchand david.marchand at redhat.com
Thu Sep 17 16:47:37 CEST 2020


On Thu, Sep 17, 2020 at 4:17 PM Burakov, Anatoly
<anatoly.burakov at intel.com> wrote:
> Anonymous hugepages shouldn't matter, yes, but single-file segments mode
> does fallocate() and remove - you have the remove part covered, but i'm
> just curious if fallocate() would also cause any issues with SELinux.

I found no hook in the kernel for fallocate + selinux...
Looked into fallocate itself and it ends up validating lsm write
access on the file.

I don't have the full setup atm but since I could truncate and write
to it, I'd say we are good.


-- 
David Marchand



More information about the dev mailing list