diff for duplicates of <20171223040348.GK6837@mail.hallyn.com> diff --git a/a/1.txt b/N1/1.txt index 5da8c82..399c783 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -1,23 +1,23 @@ On Fri, Dec 22, 2017 at 03:32:35PM +0100, Dongsu Park wrote: -> From: Seth Forshee <seth.forshee-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org> +> From: Seth Forshee <seth.forshee@canonical.com> > > The kernel should not calculate new hmacs for mounts done by > non-root users. Update evm_calc_hmac_or_hash() to refuse to > calculate new hmacs for mounts for non-init user namespaces. > -> Cc: linux-integrity-u79uwXL29TY76Z2rM5mHXA@public.gmane.org -> Cc: linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org -> Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org -> Cc: James Morris <james.l.morris-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org> -> Cc: Mimi Zohar <zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> +> Cc: linux-integrity@vger.kernel.org +> Cc: linux-security-module@vger.kernel.org +> Cc: linux-kernel@vger.kernel.org +> Cc: James Morris <james.l.morris@oracle.com> +> Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> Hi Mimi, does this change seem sufficient to you? -> Cc: "Serge E. Hallyn" <serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org> -> Signed-off-by: Seth Forshee <seth.forshee-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org> -> Signed-off-by: Dongsu Park <dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> +> Cc: "Serge E. Hallyn" <serge@hallyn.com> +> Signed-off-by: Seth Forshee <seth.forshee@canonical.com> +> Signed-off-by: Dongsu Park <dongsu@kinvolk.io> > --- > security/integrity/evm/evm_crypto.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/a/content_digest b/N1/content_digest index f0fec9b..666f17f 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,43 +1,43 @@ "ref\0cover.1512741134.git.dongsu@kinvolk.io\0" "ref\01f2233a1a028f1eb1e9bea7d06efa6d34e69e752.1512041070.git.dongsu@kinvolk.io\0" - "ref\01f2233a1a028f1eb1e9bea7d06efa6d34e69e752.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org\0" - "From\0Serge E. Hallyn <serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>\0" + "From\0Serge E. Hallyn <serge@hallyn.com>\0" "Subject\0Re: [PATCH 11/11] evm: Don't update hmacs in user ns mounts\0" "Date\0Fri, 22 Dec 2017 22:03:48 -0600\0" - "To\0Dongsu Park <dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org>\0" - "Cc\0Miklos Szeredi <mszeredi-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>" - containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org - linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - Seth Forshee <seth.forshee-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org> - linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - Alban Crequy <alban-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> - Eric W . Biederman <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> - James Morris <james.l.morris-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org> - Sargun Dhillon <sargun-GaZTRHToo+CzQB+pC5nmwQ@public.gmane.org> - linux-integrity-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - " Mimi Zohar <zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\0" + "To\0Dongsu Park <dongsu@kinvolk.io>\0" + "Cc\0linux-kernel@vger.kernel.org" + containers@lists.linux-foundation.org + Alban Crequy <alban@kinvolk.io> + Eric W . Biederman <ebiederm@xmission.com> + Miklos Szeredi <mszeredi@redhat.com> + Seth Forshee <seth.forshee@canonical.com> + Sargun Dhillon <sargun@sargun.me> + linux-integrity@vger.kernel.org + linux-security-module@vger.kernel.org + James Morris <james.l.morris@oracle.com> + Mimi Zohar <zohar@linux.vnet.ibm.com> + " Serge E. Hallyn <serge@hallyn.com>\0" "\00:1\0" "b\0" "On Fri, Dec 22, 2017 at 03:32:35PM +0100, Dongsu Park wrote:\n" - "> From: Seth Forshee <seth.forshee-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>\n" + "> From: Seth Forshee <seth.forshee@canonical.com>\n" "> \n" "> The kernel should not calculate new hmacs for mounts done by\n" "> non-root users. Update evm_calc_hmac_or_hash() to refuse to\n" "> calculate new hmacs for mounts for non-init user namespaces.\n" "> \n" - "> Cc: linux-integrity-u79uwXL29TY76Z2rM5mHXA@public.gmane.org\n" - "> Cc: linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org\n" - "> Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org\n" - "> Cc: James Morris <james.l.morris-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>\n" - "> Cc: Mimi Zohar <zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\n" + "> Cc: linux-integrity@vger.kernel.org\n" + "> Cc: linux-security-module@vger.kernel.org\n" + "> Cc: linux-kernel@vger.kernel.org\n" + "> Cc: James Morris <james.l.morris@oracle.com>\n" + "> Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>\n" "\n" "Hi Mimi,\n" "\n" "does this change seem sufficient to you?\n" "\n" - "> Cc: \"Serge E. Hallyn\" <serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>\n" - "> Signed-off-by: Seth Forshee <seth.forshee-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>\n" - "> Signed-off-by: Dongsu Park <dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org>\n" + "> Cc: \"Serge E. Hallyn\" <serge@hallyn.com>\n" + "> Signed-off-by: Seth Forshee <seth.forshee@canonical.com>\n" + "> Signed-off-by: Dongsu Park <dongsu@kinvolk.io>\n" "> ---\n" "> security/integrity/evm/evm_crypto.c | 3 ++-\n" "> 1 file changed, 2 insertions(+), 1 deletion(-)\n" @@ -59,4 +59,4 @@ "> -- \n" > 2.13.6 -3502e849ca1dbcca68a8773382fa52f69097c989131f58ece376e4abd9c52758 +e57809775d3361c82a6a10d6a86175b9146f836051741e3235b08ad737965e10
diff --git a/a/1.txt b/N2/1.txt index 5da8c82..d2262c9 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -1,23 +1,23 @@ On Fri, Dec 22, 2017 at 03:32:35PM +0100, Dongsu Park wrote: -> From: Seth Forshee <seth.forshee-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org> +> From: Seth Forshee <seth.forshee@canonical.com> > > The kernel should not calculate new hmacs for mounts done by > non-root users. Update evm_calc_hmac_or_hash() to refuse to > calculate new hmacs for mounts for non-init user namespaces. > -> Cc: linux-integrity-u79uwXL29TY76Z2rM5mHXA@public.gmane.org -> Cc: linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org -> Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org -> Cc: James Morris <james.l.morris-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org> -> Cc: Mimi Zohar <zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> +> Cc: linux-integrity at vger.kernel.org +> Cc: linux-security-module at vger.kernel.org +> Cc: linux-kernel at vger.kernel.org +> Cc: James Morris <james.l.morris@oracle.com> +> Cc: Mimi Zohar <zohar@linux.vnet.ibm.com> Hi Mimi, does this change seem sufficient to you? -> Cc: "Serge E. Hallyn" <serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org> -> Signed-off-by: Seth Forshee <seth.forshee-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org> -> Signed-off-by: Dongsu Park <dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> +> Cc: "Serge E. Hallyn" <serge@hallyn.com> +> Signed-off-by: Seth Forshee <seth.forshee@canonical.com> +> Signed-off-by: Dongsu Park <dongsu@kinvolk.io> > --- > security/integrity/evm/evm_crypto.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) @@ -38,3 +38,7 @@ does this change seem sufficient to you? > desc = init_desc(type); > -- > 2.13.6 +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N2/content_digest index f0fec9b..42265d7 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -1,43 +1,31 @@ "ref\0cover.1512741134.git.dongsu@kinvolk.io\0" "ref\01f2233a1a028f1eb1e9bea7d06efa6d34e69e752.1512041070.git.dongsu@kinvolk.io\0" - "ref\01f2233a1a028f1eb1e9bea7d06efa6d34e69e752.1512041070.git.dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org\0" - "From\0Serge E. Hallyn <serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>\0" - "Subject\0Re: [PATCH 11/11] evm: Don't update hmacs in user ns mounts\0" + "From\0serge@hallyn.com (Serge E. Hallyn)\0" + "Subject\0[PATCH 11/11] evm: Don't update hmacs in user ns mounts\0" "Date\0Fri, 22 Dec 2017 22:03:48 -0600\0" - "To\0Dongsu Park <dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org>\0" - "Cc\0Miklos Szeredi <mszeredi-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>" - containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org - linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - Seth Forshee <seth.forshee-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org> - linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - Alban Crequy <alban-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org> - Eric W . Biederman <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> - James Morris <james.l.morris-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org> - Sargun Dhillon <sargun-GaZTRHToo+CzQB+pC5nmwQ@public.gmane.org> - linux-integrity-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - " Mimi Zohar <zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" "On Fri, Dec 22, 2017 at 03:32:35PM +0100, Dongsu Park wrote:\n" - "> From: Seth Forshee <seth.forshee-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>\n" + "> From: Seth Forshee <seth.forshee@canonical.com>\n" "> \n" "> The kernel should not calculate new hmacs for mounts done by\n" "> non-root users. Update evm_calc_hmac_or_hash() to refuse to\n" "> calculate new hmacs for mounts for non-init user namespaces.\n" "> \n" - "> Cc: linux-integrity-u79uwXL29TY76Z2rM5mHXA@public.gmane.org\n" - "> Cc: linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org\n" - "> Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org\n" - "> Cc: James Morris <james.l.morris-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>\n" - "> Cc: Mimi Zohar <zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\n" + "> Cc: linux-integrity at vger.kernel.org\n" + "> Cc: linux-security-module at vger.kernel.org\n" + "> Cc: linux-kernel at vger.kernel.org\n" + "> Cc: James Morris <james.l.morris@oracle.com>\n" + "> Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>\n" "\n" "Hi Mimi,\n" "\n" "does this change seem sufficient to you?\n" "\n" - "> Cc: \"Serge E. Hallyn\" <serge-A9i7LUbDfNHQT0dZR+AlfA@public.gmane.org>\n" - "> Signed-off-by: Seth Forshee <seth.forshee-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>\n" - "> Signed-off-by: Dongsu Park <dongsu-lYLaGTFnO9sWenYVfaLwtA@public.gmane.org>\n" + "> Cc: \"Serge E. Hallyn\" <serge@hallyn.com>\n" + "> Signed-off-by: Seth Forshee <seth.forshee@canonical.com>\n" + "> Signed-off-by: Dongsu Park <dongsu@kinvolk.io>\n" "> ---\n" "> security/integrity/evm/evm_crypto.c | 3 ++-\n" "> 1 file changed, 2 insertions(+), 1 deletion(-)\n" @@ -57,6 +45,10 @@ "> \n" "> \tdesc = init_desc(type);\n" "> -- \n" - > 2.13.6 + "> 2.13.6\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -3502e849ca1dbcca68a8773382fa52f69097c989131f58ece376e4abd9c52758 +79622e350630103db900cda4b18ab5d4c02f4f1472db1f399ba5134a3db990b6
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.