diff for duplicates of <1514094961.5221.132.camel@linux.vnet.ibm.com> diff --git a/a/1.txt b/N1/1.txt index 5fc7c93..0813b4c 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -9,9 +9,9 @@ On Sun, 2017-12-24 at 00:12 -0500, Mimi Zohar wrote: > > > non-root users. Update evm_calc_hmac_or_hash() to refuse to > > > calculate new hmacs for mounts for non-init user namespaces. > > > -> > > Cc: linux-integrity@vger.kernel.org -> > > Cc: linux-security-module@vger.kernel.org -> > > Cc: linux-kernel@vger.kernel.org +> > > Cc: linux-integrity at vger.kernel.org +> > > Cc: linux-security-module at vger.kernel.org +> > > Cc: linux-kernel at vger.kernel.org > > > Cc: James Morris <james.l.morris@oracle.com> > > > Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> > > @@ -20,12 +20,17 @@ On Sun, 2017-12-24 at 00:12 -0500, Mimi Zohar wrote: > > does this change seem sufficient to you? > > I think this is the correct behavior in the context of fuse file -> systems. This patch, the "ima: define a new policy option named +> systems. ?This patch, the "ima: define a new policy option named > force" patch, and an updated IMA policy should be upstreamed together. -> The cover letter should provide the motivation for these patches. +> ?The cover letter should provide the motivation for these patches. -Ah, this patch is being upstreamed with the fuse mounts patches. I +Ah, this patch is being upstreamed with the fuse mounts patches. ?I guess Seth is planning on posting the IMA policy changes for fuse separately. Mimi + +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index b86cf2b..7003631 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -2,21 +2,10 @@ "ref\01f2233a1a028f1eb1e9bea7d06efa6d34e69e752.1512041070.git.dongsu@kinvolk.io\0" "ref\020171223040348.GK6837@mail.hallyn.com\0" "ref\01514092328.5221.116.camel@linux.vnet.ibm.com\0" - "From\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" - "Subject\0Re: [PATCH 11/11] evm: Don't update hmacs in user ns mounts\0" + "From\0zohar@linux.vnet.ibm.com (Mimi Zohar)\0" + "Subject\0[PATCH 11/11] evm: Don't update hmacs in user ns mounts\0" "Date\0Sun, 24 Dec 2017 00:56:01 -0500\0" - "To\0Serge E. Hallyn <serge@hallyn.com>" - " Dongsu Park <dongsu@kinvolk.io>\0" - "Cc\0linux-kernel@vger.kernel.org" - containers@lists.linux-foundation.org - Alban Crequy <alban@kinvolk.io> - Eric W . Biederman <ebiederm@xmission.com> - Miklos Szeredi <mszeredi@redhat.com> - Seth Forshee <seth.forshee@canonical.com> - Sargun Dhillon <sargun@sargun.me> - linux-integrity@vger.kernel.org - linux-security-module@vger.kernel.org - " James Morris <james.l.morris@oracle.com>\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" "On Sun, 2017-12-24 at 00:12 -0500, Mimi Zohar wrote:\n" @@ -30,9 +19,9 @@ "> > > non-root users. Update evm_calc_hmac_or_hash() to refuse to\n" "> > > calculate new hmacs for mounts for non-init user namespaces.\n" "> > > \n" - "> > > Cc: linux-integrity@vger.kernel.org\n" - "> > > Cc: linux-security-module@vger.kernel.org\n" - "> > > Cc: linux-kernel@vger.kernel.org\n" + "> > > Cc: linux-integrity at vger.kernel.org\n" + "> > > Cc: linux-security-module at vger.kernel.org\n" + "> > > Cc: linux-kernel at vger.kernel.org\n" "> > > Cc: James Morris <james.l.morris@oracle.com>\n" "> > > Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>\n" "> > \n" @@ -41,14 +30,19 @@ "> > does this change seem sufficient to you?\n" "> \n" "> I think this is the correct behavior in the context of fuse file\n" - "> systems. This patch, the \"ima: define a new policy option named\n" + "> systems. ?This patch, the \"ima: define a new policy option named\n" "> force\" patch, and an updated IMA policy should be upstreamed together.\n" - "> The cover letter should provide the motivation for these patches.\n" + "> ?The cover letter should provide the motivation for these patches.\n" "\n" - "Ah, this patch is being upstreamed with the fuse mounts patches. I\n" + "Ah, this patch is being upstreamed with the fuse mounts patches. ?I\n" "guess Seth is planning on posting the IMA policy changes for fuse\n" "separately.\n" "\n" - Mimi + "Mimi\n" + "\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -0ce29f26ec9f3ec06e09a859978e6065a3eaee970659f98850fdaef1201612cd +decbd350d5fb04931a7fca032a4f933bfb77488ce553609d3f6b8c7925b9636d
diff --git a/a/1.txt b/N2/1.txt index 5fc7c93..de08c06 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -20,11 +20,11 @@ On Sun, 2017-12-24 at 00:12 -0500, Mimi Zohar wrote: > > does this change seem sufficient to you? > > I think this is the correct behavior in the context of fuse file -> systems. This patch, the "ima: define a new policy option named +> systems. This patch, the "ima: define a new policy option named > force" patch, and an updated IMA policy should be upstreamed together. -> The cover letter should provide the motivation for these patches. +> The cover letter should provide the motivation for these patches. -Ah, this patch is being upstreamed with the fuse mounts patches. I +Ah, this patch is being upstreamed with the fuse mounts patches. I guess Seth is planning on posting the IMA policy changes for fuse separately. diff --git a/a/content_digest b/N2/content_digest index b86cf2b..070a3c8 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -41,14 +41,14 @@ "> > does this change seem sufficient to you?\n" "> \n" "> I think this is the correct behavior in the context of fuse file\n" - "> systems. This patch, the \"ima: define a new policy option named\n" + "> systems. \302\240This patch, the \"ima: define a new policy option named\n" "> force\" patch, and an updated IMA policy should be upstreamed together.\n" - "> The cover letter should provide the motivation for these patches.\n" + "> \302\240The cover letter should provide the motivation for these patches.\n" "\n" - "Ah, this patch is being upstreamed with the fuse mounts patches. I\n" + "Ah, this patch is being upstreamed with the fuse mounts patches. \302\240I\n" "guess Seth is planning on posting the IMA policy changes for fuse\n" "separately.\n" "\n" Mimi -0ce29f26ec9f3ec06e09a859978e6065a3eaee970659f98850fdaef1201612cd +77cce448e4c1b6b863b2a4a4036610df27d3aabe02c6f3d7049f06b66f2c18f8
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.