diff for duplicates of <20170718123603.GC8233@redhat.com> diff --git a/a/1.txt b/N1/1.txt index 85047f9..69ab29a 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -39,8 +39,8 @@ On Tue, Jul 18, 2017 at 08:30:09AM -0400, Vivek Goyal wrote: > > > > > xattrs so actually returned string will be smaller than size reported > > > > > previously. > > > > This case of size=0 is a problem in userns. Depending on the mapping of the -> > > > userid's the list can expand. A security.foo at uid=100 can become -> > > > security.foo at uid=100000, if the mapping is set up so that uid 100 on the +> > > > userid's the list can expand. A security.foo(a)uid=100 can become +> > > > security.foo(a)uid=100000, if the mapping is set up so that uid 100 on the > > > > host becomes uid 100000 inside the container. So for now we only have > > > > security.capability and the way I solved this is by allocating a 65k buffer > > > > when calling from a userns. In this buffer where we gather the xattr names @@ -77,7 +77,3 @@ allocating that big buffer and getting the whole list internally, doing mapping and returning size to user space. Hmm... Vivek --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index ee974da..2817328 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,15 +1,9 @@ - "ref\01499785511-17192-1-git-send-email-stefanb@linux.vnet.ibm.com\0" - "ref\01499785511-17192-2-git-send-email-stefanb@linux.vnet.ibm.com\0" - "ref\020170717185811.GC15794@redhat.com\0" - "ref\07a39e8a6-a33b-f6a8-3fd5-6211c075ab91@linux.vnet.ibm.com\0" - "ref\020170718114849.GA8233@redhat.com\0" - "ref\055971eea-fde2-439a-2fe5-d0ae5e80bc22@linux.vnet.ibm.com\0" "ref\020170718123009.GB8233@redhat.com\0" - "From\0vgoyal@redhat.com (Vivek Goyal)\0" - "Subject\0[PATCH v2] xattr: Enable security.capability in user namespaces\0" + "From\0Vivek Goyal <vgoyal@redhat.com>\0" + "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Tue, 18 Jul 2017 08:36:03 -0400\0" - "To\0linux-security-module@vger.kernel.org\0" - "\00:1\0" + "To\0lkp@lists.01.org\0" + "\01:1\0" "b\0" "On Tue, Jul 18, 2017 at 08:30:09AM -0400, Vivek Goyal wrote:\n" "> On Tue, Jul 18, 2017 at 08:05:18AM -0400, Stefan Berger wrote:\n" @@ -52,8 +46,8 @@ "> > > > > xattrs so actually returned string will be smaller than size reported\n" "> > > > > previously.\n" "> > > > This case of size=0 is a problem in userns. Depending on the mapping of the\n" - "> > > > userid's the list can expand. A security.foo at uid=100 can become\n" - "> > > > security.foo at uid=100000, if the mapping is set up so that uid 100 on the\n" + "> > > > userid's the list can expand. A security.foo(a)uid=100 can become\n" + "> > > > security.foo(a)uid=100000, if the mapping is set up so that uid 100 on the\n" "> > > > host becomes uid 100000 inside the container. So for now we only have\n" "> > > > security.capability and the way I solved this is by allocating a 65k buffer\n" "> > > > when calling from a userns. In this buffer where we gather the xattr names\n" @@ -89,10 +83,6 @@ "allocating that big buffer and getting the whole list internally, doing\n" "mapping and returning size to user space. Hmm...\n" "\n" - "Vivek\n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + Vivek -711df11e220afae58b6355ef2460d80295736d1e700910cf610a30249d530672 +51eb1c7e9a946cf3e0963a31d0c9c5ea1a0705f6c2050c1276517bbafa4e44c2
diff --git a/a/1.txt b/N2/1.txt index 85047f9..8f285d1 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -39,8 +39,8 @@ On Tue, Jul 18, 2017 at 08:30:09AM -0400, Vivek Goyal wrote: > > > > > xattrs so actually returned string will be smaller than size reported > > > > > previously. > > > > This case of size=0 is a problem in userns. Depending on the mapping of the -> > > > userid's the list can expand. A security.foo at uid=100 can become -> > > > security.foo at uid=100000, if the mapping is set up so that uid 100 on the +> > > > userid's the list can expand. A security.foo@uid=100 can become +> > > > security.foo@uid=100000, if the mapping is set up so that uid 100 on the > > > > host becomes uid 100000 inside the container. So for now we only have > > > > security.capability and the way I solved this is by allocating a 65k buffer > > > > when calling from a userns. In this buffer where we gather the xattr names @@ -77,7 +77,3 @@ allocating that big buffer and getting the whole list internally, doing mapping and returning size to user space. Hmm... Vivek --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N2/content_digest index ee974da..9897183 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -5,10 +5,23 @@ "ref\020170718114849.GA8233@redhat.com\0" "ref\055971eea-fde2-439a-2fe5-d0ae5e80bc22@linux.vnet.ibm.com\0" "ref\020170718123009.GB8233@redhat.com\0" - "From\0vgoyal@redhat.com (Vivek Goyal)\0" - "Subject\0[PATCH v2] xattr: Enable security.capability in user namespaces\0" + "From\0Vivek Goyal <vgoyal@redhat.com>\0" + "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Tue, 18 Jul 2017 08:36:03 -0400\0" - "To\0linux-security-module@vger.kernel.org\0" + "To\0Stefan Berger <stefanb@linux.vnet.ibm.com>\0" + "Cc\0Stefan Berger <StefanBergerstefanb@linux.vnet.ibm.com>" + ebiederm@xmission.com + containers@lists.linux-foundation.org + lkp@01.org + linux-kernel@vger.kernel.org + zohar@linux.vnet.ibm.com + tycho@docker.com + serge@hallyn.com + James.Bottomley@hansenpartnership.com + christian.brauner@mailbox.org + amir73il@gmail.com + linux-security-module@vger.kernel.org + " casey@schaufler-ca.com\0" "\00:1\0" "b\0" "On Tue, Jul 18, 2017 at 08:30:09AM -0400, Vivek Goyal wrote:\n" @@ -52,8 +65,8 @@ "> > > > > xattrs so actually returned string will be smaller than size reported\n" "> > > > > previously.\n" "> > > > This case of size=0 is a problem in userns. Depending on the mapping of the\n" - "> > > > userid's the list can expand. A security.foo at uid=100 can become\n" - "> > > > security.foo at uid=100000, if the mapping is set up so that uid 100 on the\n" + "> > > > userid's the list can expand. A security.foo@uid=100 can become\n" + "> > > > security.foo@uid=100000, if the mapping is set up so that uid 100 on the\n" "> > > > host becomes uid 100000 inside the container. So for now we only have\n" "> > > > security.capability and the way I solved this is by allocating a 65k buffer\n" "> > > > when calling from a userns. In this buffer where we gather the xattr names\n" @@ -89,10 +102,6 @@ "allocating that big buffer and getting the whole list internally, doing\n" "mapping and returning size to user space. Hmm...\n" "\n" - "Vivek\n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + Vivek -711df11e220afae58b6355ef2460d80295736d1e700910cf610a30249d530672 +7a6edf3b30732d6c7cd4633dad3e9caed683dfa3ddff8c5fc2d1cbbc23fc0c76
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.