On 29/10/2015 20:46, Parav Pandit wrote:
> On Thu, Oct 29, 2015 at 8:27 PM, Haggai Eran wrote:
>> On 28/10/2015 10:29, Parav Pandit wrote:
>>> 3. Resources are not defined by the RDMA cgroup. Resources are defined
>>> by RDMA/IB subsystem and optionally by HCA vendor device
On Mon, Nov 02, 2015 at 07:16:49AM -0500, Mimi Zohar wrote:
> On Fri, 2015-10-30 at 13:35 +0200, Jarkko Sakkinen wrote:
>
> > @@ -787,6 +791,20 @@ static int getoptions(char *c, struct
> > trusted_key_payload *pay,
> > return -EINVAL;
> >
On Mon, Nov 02, 2015 at 07:48:42AM -0500, Mimi Zohar wrote:
> On Sat, 2015-10-31 at 17:53 +0200, Jarkko Sakkinen wrote:
> > Support for sealing with a policy.
> >
> > Two new options for trusted keys:
> >
> > * 'policydigest=': provide a policydigest for the seal operation.
> > *
On Mon, Nov 02, 2015 at 07:16:49AM -0500, Mimi Zohar wrote:
> On Fri, 2015-10-30 at 13:35 +0200, Jarkko Sakkinen wrote:
>
> > @@ -787,6 +791,20 @@ static int getoptions(char *c, struct
> > trusted_key_payload *pay,
> > return -EINVAL;
> >
On 11/02/2015 02:27 PM, Paul Moore wrote:
On Sunday, November 01, 2015 06:24:32 PM Andreas Gruenbacher wrote:
When fetching an inode's security label, check if it is still valid, and
try reloading it if it is not. Reloading will fail when we are in RCU
context which doesn't allow sleeping, or
On Sunday, November 01, 2015 06:24:32 PM Andreas Gruenbacher wrote:
> When fetching an inode's security label, check if it is still valid, and
> try reloading it if it is not. Reloading will fail when we are in RCU
> context which doesn't allow sleeping, or when we can't find a dentry for
> the
On Fri, 2015-10-30 at 13:35 +0200, Jarkko Sakkinen wrote:
> @@ -787,6 +791,20 @@ static int getoptions(char *c, struct
> trusted_key_payload *pay,
> return -EINVAL;
> opt->pcrlock = lock;
> break;
> + case
On Sat, 2015-10-31 at 17:53 +0200, Jarkko Sakkinen wrote:
> Support for sealing with a policy.
>
> Two new options for trusted keys:
>
> * 'policydigest=': provide a policydigest for the seal operation.
> * 'policyhandle=': provide handle for a policy session for unsealing.
Please expand the