Re: RFC rdma cgroup

2015-11-02 Thread Haggai Eran
On 29/10/2015 20:46, Parav Pandit wrote: > On Thu, Oct 29, 2015 at 8:27 PM, Haggai Eran wrote: >> On 28/10/2015 10:29, Parav Pandit wrote: >>> 3. Resources are not defined by the RDMA cgroup. Resources are defined >>> by RDMA/IB subsystem and optionally by HCA vendor device

Re: [PATCH v2 1/3] keys, trusted: select the hash algorithm

2015-11-02 Thread Jarkko Sakkinen
On Mon, Nov 02, 2015 at 07:16:49AM -0500, Mimi Zohar wrote: > On Fri, 2015-10-30 at 13:35 +0200, Jarkko Sakkinen wrote: > > > @@ -787,6 +791,20 @@ static int getoptions(char *c, struct > > trusted_key_payload *pay, > > return -EINVAL; > >

Re: [PATCH RFC] tpm: seal with a policy

2015-11-02 Thread Jarkko Sakkinen
On Mon, Nov 02, 2015 at 07:48:42AM -0500, Mimi Zohar wrote: > On Sat, 2015-10-31 at 17:53 +0200, Jarkko Sakkinen wrote: > > Support for sealing with a policy. > > > > Two new options for trusted keys: > > > > * 'policydigest=': provide a policydigest for the seal operation. > > *

Re: [PATCH v2 1/3] keys, trusted: select the hash algorithm

2015-11-02 Thread Jarkko Sakkinen
On Mon, Nov 02, 2015 at 07:16:49AM -0500, Mimi Zohar wrote: > On Fri, 2015-10-30 at 13:35 +0200, Jarkko Sakkinen wrote: > > > @@ -787,6 +791,20 @@ static int getoptions(char *c, struct > > trusted_key_payload *pay, > > return -EINVAL; > >

Re: [PATCH v5 6/7] selinux: Revalidate invalid inode security labels

2015-11-02 Thread Stephen Smalley
On 11/02/2015 02:27 PM, Paul Moore wrote: On Sunday, November 01, 2015 06:24:32 PM Andreas Gruenbacher wrote: When fetching an inode's security label, check if it is still valid, and try reloading it if it is not. Reloading will fail when we are in RCU context which doesn't allow sleeping, or

Re: [PATCH v5 6/7] selinux: Revalidate invalid inode security labels

2015-11-02 Thread Paul Moore
On Sunday, November 01, 2015 06:24:32 PM Andreas Gruenbacher wrote: > When fetching an inode's security label, check if it is still valid, and > try reloading it if it is not. Reloading will fail when we are in RCU > context which doesn't allow sleeping, or when we can't find a dentry for > the

Re: [PATCH v2 1/3] keys, trusted: select the hash algorithm

2015-11-02 Thread Mimi Zohar
On Fri, 2015-10-30 at 13:35 +0200, Jarkko Sakkinen wrote: > @@ -787,6 +791,20 @@ static int getoptions(char *c, struct > trusted_key_payload *pay, > return -EINVAL; > opt->pcrlock = lock; > break; > + case

Re: [PATCH RFC] tpm: seal with a policy

2015-11-02 Thread Mimi Zohar
On Sat, 2015-10-31 at 17:53 +0200, Jarkko Sakkinen wrote: > Support for sealing with a policy. > > Two new options for trusted keys: > > * 'policydigest=': provide a policydigest for the seal operation. > * 'policyhandle=': provide handle for a policy session for unsealing. Please expand the