diff for duplicates of <20170718145716.GA25494@redhat.com> diff --git a/a/1.txt b/N1/1.txt index 875a80f..50754fc 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -40,8 +40,8 @@ On Tue, Jul 18, 2017 at 09:21:22AM -0400, Stefan Berger wrote: > > > > > > xattrs so actually returned string will be smaller than size reported > > > > > > previously. > > > > > This case of size=0 is a problem in userns. Depending on the mapping of the -> > > > > userid's the list can expand. A security.foo at uid=100 can become -> > > > > security.foo at uid=100000, if the mapping is set up so that uid 100 on the +> > > > > userid's the list can expand. A security.foo(a)uid=100 can become +> > > > > security.foo(a)uid=100000, if the mapping is set up so that uid 100 on the > > > > > host becomes uid 100000 inside the container. So for now we only have > > > > > security.capability and the way I solved this is by allocating a 65k buffer > > > > > when calling from a userns. In this buffer where we gather the xattr names @@ -81,7 +81,3 @@ again, this time passing that buffer? That way you will not have to hardcode the size of buffer. Vivek --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index ffc2ab1..3763b3c 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,16 +1,9 @@ - "ref\01499785511-17192-1-git-send-email-stefanb@linux.vnet.ibm.com\0" - "ref\01499785511-17192-2-git-send-email-stefanb@linux.vnet.ibm.com\0" - "ref\020170717185811.GC15794@redhat.com\0" - "ref\07a39e8a6-a33b-f6a8-3fd5-6211c075ab91@linux.vnet.ibm.com\0" - "ref\020170718114849.GA8233@redhat.com\0" - "ref\055971eea-fde2-439a-2fe5-d0ae5e80bc22@linux.vnet.ibm.com\0" - "ref\020170718123009.GB8233@redhat.com\0" "ref\0cc515ca0-c5fa-412f-3f57-a41178b060a9@linux.vnet.ibm.com\0" - "From\0vgoyal@redhat.com (Vivek Goyal)\0" - "Subject\0[PATCH v2] xattr: Enable security.capability in user namespaces\0" + "From\0Vivek Goyal <vgoyal@redhat.com>\0" + "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Tue, 18 Jul 2017 10:57:16 -0400\0" - "To\0linux-security-module@vger.kernel.org\0" - "\00:1\0" + "To\0lkp@lists.01.org\0" + "\01:1\0" "b\0" "On Tue, Jul 18, 2017 at 09:21:22AM -0400, Stefan Berger wrote:\n" "> On 07/18/2017 08:30 AM, Vivek Goyal wrote:\n" @@ -54,8 +47,8 @@ "> > > > > > xattrs so actually returned string will be smaller than size reported\n" "> > > > > > previously.\n" "> > > > > This case of size=0 is a problem in userns. Depending on the mapping of the\n" - "> > > > > userid's the list can expand. A security.foo at uid=100 can become\n" - "> > > > > security.foo at uid=100000, if the mapping is set up so that uid 100 on the\n" + "> > > > > userid's the list can expand. A security.foo(a)uid=100 can become\n" + "> > > > > security.foo(a)uid=100000, if the mapping is set up so that uid 100 on the\n" "> > > > > host becomes uid 100000 inside the container. So for now we only have\n" "> > > > > security.capability and the way I solved this is by allocating a 65k buffer\n" "> > > > > when calling from a userns. In this buffer where we gather the xattr names\n" @@ -94,10 +87,6 @@ "again, this time passing that buffer? That way you will not have to\n" "hardcode the size of buffer.\n" "\n" - "Vivek\n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + Vivek -fbaf0725cf909d4c944b64ce237652aa30c135ee37e44a5215bb05bebec1e61b +5b6b88b6fac4f631a9873266b94240440d63d963e333df7d266df15c5605ded3
diff --git a/a/1.txt b/N2/1.txt index 875a80f..02b883d 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -40,8 +40,8 @@ On Tue, Jul 18, 2017 at 09:21:22AM -0400, Stefan Berger wrote: > > > > > > xattrs so actually returned string will be smaller than size reported > > > > > > previously. > > > > > This case of size=0 is a problem in userns. Depending on the mapping of the -> > > > > userid's the list can expand. A security.foo at uid=100 can become -> > > > > security.foo at uid=100000, if the mapping is set up so that uid 100 on the +> > > > > userid's the list can expand. A security.foo@uid=100 can become +> > > > > security.foo@uid=100000, if the mapping is set up so that uid 100 on the > > > > > host becomes uid 100000 inside the container. So for now we only have > > > > > security.capability and the way I solved this is by allocating a 65k buffer > > > > > when calling from a userns. In this buffer where we gather the xattr names @@ -81,7 +81,3 @@ again, this time passing that buffer? That way you will not have to hardcode the size of buffer. Vivek --- -To unsubscribe from this list: send the line "unsubscribe linux-security-module" in -the body of a message to majordomo at vger.kernel.org -More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N2/content_digest index ffc2ab1..c19f7d2 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -6,10 +6,22 @@ "ref\055971eea-fde2-439a-2fe5-d0ae5e80bc22@linux.vnet.ibm.com\0" "ref\020170718123009.GB8233@redhat.com\0" "ref\0cc515ca0-c5fa-412f-3f57-a41178b060a9@linux.vnet.ibm.com\0" - "From\0vgoyal@redhat.com (Vivek Goyal)\0" - "Subject\0[PATCH v2] xattr: Enable security.capability in user namespaces\0" + "From\0Vivek Goyal <vgoyal@redhat.com>\0" + "Subject\0Re: [PATCH v2] xattr: Enable security.capability in user namespaces\0" "Date\0Tue, 18 Jul 2017 10:57:16 -0400\0" - "To\0linux-security-module@vger.kernel.org\0" + "To\0Stefan Berger <stefanb@linux.vnet.ibm.com>\0" + "Cc\0ebiederm@xmission.com" + containers@lists.linux-foundation.org + lkp@01.org + linux-kernel@vger.kernel.org + zohar@linux.vnet.ibm.com + tycho@docker.com + serge@hallyn.com + James.Bottomley@hansenpartnership.com + christian.brauner@mailbox.org + amir73il@gmail.com + linux-security-module@vger.kernel.org + " casey@schaufler-ca.com\0" "\00:1\0" "b\0" "On Tue, Jul 18, 2017 at 09:21:22AM -0400, Stefan Berger wrote:\n" @@ -54,8 +66,8 @@ "> > > > > > xattrs so actually returned string will be smaller than size reported\n" "> > > > > > previously.\n" "> > > > > This case of size=0 is a problem in userns. Depending on the mapping of the\n" - "> > > > > userid's the list can expand. A security.foo at uid=100 can become\n" - "> > > > > security.foo at uid=100000, if the mapping is set up so that uid 100 on the\n" + "> > > > > userid's the list can expand. A security.foo@uid=100 can become\n" + "> > > > > security.foo@uid=100000, if the mapping is set up so that uid 100 on the\n" "> > > > > host becomes uid 100000 inside the container. So for now we only have\n" "> > > > > security.capability and the way I solved this is by allocating a 65k buffer\n" "> > > > > when calling from a userns. In this buffer where we gather the xattr names\n" @@ -94,10 +106,6 @@ "again, this time passing that buffer? That way you will not have to\n" "hardcode the size of buffer.\n" "\n" - "Vivek\n" - "--\n" - "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" - "the body of a message to majordomo at vger.kernel.org\n" - More majordomo info at http://vger.kernel.org/majordomo-info.html + Vivek -fbaf0725cf909d4c944b64ce237652aa30c135ee37e44a5215bb05bebec1e61b +241865419471034e52063c131e5e8cd4817cb370deb335e873e6a5a5aee5a280
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.