From: "Jan Kaluža" <jkaluza-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
To: "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
Cc: rgb-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
LKML <linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
eparis-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org,
tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org,
cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org
Subject: Re: [PATCH v3 1/3] Send loginuid and sessionid in SCM_AUDIT
Date: Wed, 04 Sep 2013 11:07:05 +0200 [thread overview]
Message-ID: <5226F839.4010704@redhat.com> (raw)
In-Reply-To: <87bo49gifv.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
On 09/04/2013 09:22 AM, Eric W. Biederman wrote:
> Jan Kaluza <jkaluza-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> writes:
>
>> Server-like processes in many cases need credentials and other
>> metadata of the peer, to decide if the calling process is allowed to
>> request a specific action, or the server just wants to log away this
>> type of information for auditing tasks.
>>
>> The current practice to retrieve such process metadata is to look that
>> information up in procfs with the $PID received over SCM_CREDENTIALS.
>> This is sufficient for long-running tasks, but introduces a race which
>> cannot be worked around for short-living processes; the calling
>> process and all the information in /proc/$PID/ is gone before the
>> receiver of the socket message can look it up.
>>
>> This introduces a new SCM type called SCM_AUDIT to allow the direct
>> attaching of "loginuid" and "sessionid" to SCM, which is significantly more
>> efficient and will reliably avoid the race with the round-trip over
>> procfs.
>
> Unless I am misreading something this patch will break the build if
> CONFIG_AUDITSYSCALL is not defined.
It does build. In this case, audit_get_loginuid returns INVALID_UID and
audit_get_sessionid returns -1.
Jan Kaluza
> Eric
>
>
>> Signed-off-by: Jan Kaluza <jkaluza-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
>> ---
>> include/linux/socket.h | 6 ++++++
>> include/net/af_unix.h | 2 ++
>> include/net/scm.h | 28 ++++++++++++++++++++++++++--
>> net/unix/af_unix.c | 7 +++++++
>> 4 files changed, 41 insertions(+), 2 deletions(-)
>>
>> diff --git a/include/linux/socket.h b/include/linux/socket.h
>> index 445ef75..505047a 100644
>> --- a/include/linux/socket.h
>> +++ b/include/linux/socket.h
>> @@ -130,6 +130,7 @@ static inline struct cmsghdr * cmsg_nxthdr (struct msghdr *__msg, struct cmsghdr
>> #define SCM_RIGHTS 0x01 /* rw: access rights (array of int) */
>> #define SCM_CREDENTIALS 0x02 /* rw: struct ucred */
>> #define SCM_SECURITY 0x03 /* rw: security label */
>> +#define SCM_AUDIT 0x04 /* rw: struct uaudit */
>>
>> struct ucred {
>> __u32 pid;
>> @@ -137,6 +138,11 @@ struct ucred {
>> __u32 gid;
>> };
>>
>> +struct uaudit {
>> + __u32 loginuid;
>> + __u32 sessionid;
>> +};
>> +
>> /* Supported address families. */
>> #define AF_UNSPEC 0
>> #define AF_UNIX 1 /* Unix domain sockets */
>> diff --git a/include/net/af_unix.h b/include/net/af_unix.h
>> index a175ba4..3b9d22a 100644
>> --- a/include/net/af_unix.h
>> +++ b/include/net/af_unix.h
>> @@ -36,6 +36,8 @@ struct unix_skb_parms {
>> u32 secid; /* Security ID */
>> #endif
>> u32 consumed;
>> + kuid_t loginuid;
>> + unsigned int sessionid;
>> };
>>
>> #define UNIXCB(skb) (*(struct unix_skb_parms *)&((skb)->cb))
>> diff --git a/include/net/scm.h b/include/net/scm.h
>> index 8de2d37..e349a25 100644
>> --- a/include/net/scm.h
>> +++ b/include/net/scm.h
>> @@ -6,6 +6,7 @@
>> #include <linux/security.h>
>> #include <linux/pid.h>
>> #include <linux/nsproxy.h>
>> +#include <linux/audit.h>
>>
>> /* Well, we should have at least one descriptor open
>> * to accept passed FDs 8)
>> @@ -18,6 +19,11 @@ struct scm_creds {
>> kgid_t gid;
>> };
>>
>> +struct scm_audit {
>> + kuid_t loginuid;
>> + unsigned int sessionid;
>> +};
>> +
>> struct scm_fp_list {
>> short count;
>> short max;
>> @@ -28,6 +34,7 @@ struct scm_cookie {
>> struct pid *pid; /* Skb credentials */
>> struct scm_fp_list *fp; /* Passed files */
>> struct scm_creds creds; /* Skb credentials */
>> + struct scm_audit audit; /* Skb audit */
>> #ifdef CONFIG_SECURITY_NETWORK
>> u32 secid; /* Passed security ID */
>> #endif
>> @@ -58,6 +65,13 @@ static __inline__ void scm_set_cred(struct scm_cookie *scm,
>> scm->creds.gid = gid;
>> }
>>
>> +static inline void scm_set_audit(struct scm_cookie *scm,
>> + kuid_t loginuid, unsigned int sessionid)
>> +{
>> + scm->audit.loginuid = loginuid;
>> + scm->audit.sessionid = sessionid;
>> +}
>> +
>> static __inline__ void scm_destroy_cred(struct scm_cookie *scm)
>> {
>> put_pid(scm->pid);
>> @@ -77,8 +91,12 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
>> memset(scm, 0, sizeof(*scm));
>> scm->creds.uid = INVALID_UID;
>> scm->creds.gid = INVALID_GID;
>> - if (forcecreds)
>> - scm_set_cred(scm, task_tgid(current), current_uid(), current_gid());
>> + if (forcecreds) {
>> + scm_set_cred(scm, task_tgid(current), current_uid(),
>> + current_gid());
>> + scm_set_audit(scm, audit_get_loginuid(current),
>> + audit_get_sessionid(current));
>> + }
>> unix_get_peersec_dgram(sock, scm);
>> if (msg->msg_controllen <= 0)
>> return 0;
>> @@ -123,7 +141,13 @@ static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
>> .uid = from_kuid_munged(current_ns, scm->creds.uid),
>> .gid = from_kgid_munged(current_ns, scm->creds.gid),
>> };
>> + struct uaudit uaudits = {
>> + .loginuid = from_kuid_munged(current_ns,
>> + scm->audit.loginuid),
>> + .sessionid = scm->audit.sessionid,
>> + };
>> put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(ucreds), &ucreds);
>> + put_cmsg(msg, SOL_SOCKET, SCM_AUDIT, sizeof(uaudits), &uaudits);
>> }
>>
>> scm_destroy_cred(scm);
>> diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
>> index 86de99a..c410f76 100644
>> --- a/net/unix/af_unix.c
>> +++ b/net/unix/af_unix.c
>> @@ -1393,6 +1393,8 @@ static int unix_scm_to_skb(struct scm_cookie *scm, struct sk_buff *skb, bool sen
>> UNIXCB(skb).pid = get_pid(scm->pid);
>> UNIXCB(skb).uid = scm->creds.uid;
>> UNIXCB(skb).gid = scm->creds.gid;
>> + UNIXCB(skb).loginuid = scm->audit.loginuid;
>> + UNIXCB(skb).sessionid = scm->audit.sessionid;
>> UNIXCB(skb).fp = NULL;
>> if (scm->fp && send_fds)
>> err = unix_attach_fds(scm, skb);
>> @@ -1416,6 +1418,8 @@ static void maybe_add_creds(struct sk_buff *skb, const struct socket *sock,
>> test_bit(SOCK_PASSCRED, &other->sk_socket->flags)) {
>> UNIXCB(skb).pid = get_pid(task_tgid(current));
>> current_uid_gid(&UNIXCB(skb).uid, &UNIXCB(skb).gid);
>> + UNIXCB(skb).loginuid = audit_get_loginuid(current);
>> + UNIXCB(skb).sessionid = audit_get_sessionid(current);
>> }
>> }
>>
>> @@ -1812,6 +1816,7 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock,
>> memset(&tmp_scm, 0, sizeof(tmp_scm));
>> }
>> scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid);
>> + scm_set_audit(siocb->scm, UNIXCB(skb).loginuid, UNIXCB(skb).sessionid);
>> unix_set_secdata(siocb->scm, skb);
>>
>> if (!(flags & MSG_PEEK)) {
>> @@ -1993,6 +1998,8 @@ again:
>> } else if (test_bit(SOCK_PASSCRED, &sock->flags)) {
>> /* Copy credentials */
>> scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid);
>> + scm_set_audit(siocb->scm, UNIXCB(skb).loginuid,
>> + UNIXCB(skb).sessionid);
>> check_creds = 1;
>> }
WARNING: multiple messages have this Message-ID (diff)
From: "Jan Kaluža" <jkaluza@redhat.com>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: davem@davemloft.net, LKML <linux-kernel@vger.kernel.org>,
netdev@vger.kernel.org, eparis@redhat.com, rgb@redhat.com,
tj@kernel.org, lizefan@huawei.com,
containers@lists.linux-foundation.org, cgroups@vger.kernel.org,
viro@zeniv.linux.org.uk
Subject: Re: [PATCH v3 1/3] Send loginuid and sessionid in SCM_AUDIT
Date: Wed, 04 Sep 2013 11:07:05 +0200 [thread overview]
Message-ID: <5226F839.4010704@redhat.com> (raw)
In-Reply-To: <87bo49gifv.fsf@xmission.com>
On 09/04/2013 09:22 AM, Eric W. Biederman wrote:
> Jan Kaluza <jkaluza@redhat.com> writes:
>
>> Server-like processes in many cases need credentials and other
>> metadata of the peer, to decide if the calling process is allowed to
>> request a specific action, or the server just wants to log away this
>> type of information for auditing tasks.
>>
>> The current practice to retrieve such process metadata is to look that
>> information up in procfs with the $PID received over SCM_CREDENTIALS.
>> This is sufficient for long-running tasks, but introduces a race which
>> cannot be worked around for short-living processes; the calling
>> process and all the information in /proc/$PID/ is gone before the
>> receiver of the socket message can look it up.
>>
>> This introduces a new SCM type called SCM_AUDIT to allow the direct
>> attaching of "loginuid" and "sessionid" to SCM, which is significantly more
>> efficient and will reliably avoid the race with the round-trip over
>> procfs.
>
> Unless I am misreading something this patch will break the build if
> CONFIG_AUDITSYSCALL is not defined.
It does build. In this case, audit_get_loginuid returns INVALID_UID and
audit_get_sessionid returns -1.
Jan Kaluza
> Eric
>
>
>> Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
>> ---
>> include/linux/socket.h | 6 ++++++
>> include/net/af_unix.h | 2 ++
>> include/net/scm.h | 28 ++++++++++++++++++++++++++--
>> net/unix/af_unix.c | 7 +++++++
>> 4 files changed, 41 insertions(+), 2 deletions(-)
>>
>> diff --git a/include/linux/socket.h b/include/linux/socket.h
>> index 445ef75..505047a 100644
>> --- a/include/linux/socket.h
>> +++ b/include/linux/socket.h
>> @@ -130,6 +130,7 @@ static inline struct cmsghdr * cmsg_nxthdr (struct msghdr *__msg, struct cmsghdr
>> #define SCM_RIGHTS 0x01 /* rw: access rights (array of int) */
>> #define SCM_CREDENTIALS 0x02 /* rw: struct ucred */
>> #define SCM_SECURITY 0x03 /* rw: security label */
>> +#define SCM_AUDIT 0x04 /* rw: struct uaudit */
>>
>> struct ucred {
>> __u32 pid;
>> @@ -137,6 +138,11 @@ struct ucred {
>> __u32 gid;
>> };
>>
>> +struct uaudit {
>> + __u32 loginuid;
>> + __u32 sessionid;
>> +};
>> +
>> /* Supported address families. */
>> #define AF_UNSPEC 0
>> #define AF_UNIX 1 /* Unix domain sockets */
>> diff --git a/include/net/af_unix.h b/include/net/af_unix.h
>> index a175ba4..3b9d22a 100644
>> --- a/include/net/af_unix.h
>> +++ b/include/net/af_unix.h
>> @@ -36,6 +36,8 @@ struct unix_skb_parms {
>> u32 secid; /* Security ID */
>> #endif
>> u32 consumed;
>> + kuid_t loginuid;
>> + unsigned int sessionid;
>> };
>>
>> #define UNIXCB(skb) (*(struct unix_skb_parms *)&((skb)->cb))
>> diff --git a/include/net/scm.h b/include/net/scm.h
>> index 8de2d37..e349a25 100644
>> --- a/include/net/scm.h
>> +++ b/include/net/scm.h
>> @@ -6,6 +6,7 @@
>> #include <linux/security.h>
>> #include <linux/pid.h>
>> #include <linux/nsproxy.h>
>> +#include <linux/audit.h>
>>
>> /* Well, we should have at least one descriptor open
>> * to accept passed FDs 8)
>> @@ -18,6 +19,11 @@ struct scm_creds {
>> kgid_t gid;
>> };
>>
>> +struct scm_audit {
>> + kuid_t loginuid;
>> + unsigned int sessionid;
>> +};
>> +
>> struct scm_fp_list {
>> short count;
>> short max;
>> @@ -28,6 +34,7 @@ struct scm_cookie {
>> struct pid *pid; /* Skb credentials */
>> struct scm_fp_list *fp; /* Passed files */
>> struct scm_creds creds; /* Skb credentials */
>> + struct scm_audit audit; /* Skb audit */
>> #ifdef CONFIG_SECURITY_NETWORK
>> u32 secid; /* Passed security ID */
>> #endif
>> @@ -58,6 +65,13 @@ static __inline__ void scm_set_cred(struct scm_cookie *scm,
>> scm->creds.gid = gid;
>> }
>>
>> +static inline void scm_set_audit(struct scm_cookie *scm,
>> + kuid_t loginuid, unsigned int sessionid)
>> +{
>> + scm->audit.loginuid = loginuid;
>> + scm->audit.sessionid = sessionid;
>> +}
>> +
>> static __inline__ void scm_destroy_cred(struct scm_cookie *scm)
>> {
>> put_pid(scm->pid);
>> @@ -77,8 +91,12 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
>> memset(scm, 0, sizeof(*scm));
>> scm->creds.uid = INVALID_UID;
>> scm->creds.gid = INVALID_GID;
>> - if (forcecreds)
>> - scm_set_cred(scm, task_tgid(current), current_uid(), current_gid());
>> + if (forcecreds) {
>> + scm_set_cred(scm, task_tgid(current), current_uid(),
>> + current_gid());
>> + scm_set_audit(scm, audit_get_loginuid(current),
>> + audit_get_sessionid(current));
>> + }
>> unix_get_peersec_dgram(sock, scm);
>> if (msg->msg_controllen <= 0)
>> return 0;
>> @@ -123,7 +141,13 @@ static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
>> .uid = from_kuid_munged(current_ns, scm->creds.uid),
>> .gid = from_kgid_munged(current_ns, scm->creds.gid),
>> };
>> + struct uaudit uaudits = {
>> + .loginuid = from_kuid_munged(current_ns,
>> + scm->audit.loginuid),
>> + .sessionid = scm->audit.sessionid,
>> + };
>> put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(ucreds), &ucreds);
>> + put_cmsg(msg, SOL_SOCKET, SCM_AUDIT, sizeof(uaudits), &uaudits);
>> }
>>
>> scm_destroy_cred(scm);
>> diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
>> index 86de99a..c410f76 100644
>> --- a/net/unix/af_unix.c
>> +++ b/net/unix/af_unix.c
>> @@ -1393,6 +1393,8 @@ static int unix_scm_to_skb(struct scm_cookie *scm, struct sk_buff *skb, bool sen
>> UNIXCB(skb).pid = get_pid(scm->pid);
>> UNIXCB(skb).uid = scm->creds.uid;
>> UNIXCB(skb).gid = scm->creds.gid;
>> + UNIXCB(skb).loginuid = scm->audit.loginuid;
>> + UNIXCB(skb).sessionid = scm->audit.sessionid;
>> UNIXCB(skb).fp = NULL;
>> if (scm->fp && send_fds)
>> err = unix_attach_fds(scm, skb);
>> @@ -1416,6 +1418,8 @@ static void maybe_add_creds(struct sk_buff *skb, const struct socket *sock,
>> test_bit(SOCK_PASSCRED, &other->sk_socket->flags)) {
>> UNIXCB(skb).pid = get_pid(task_tgid(current));
>> current_uid_gid(&UNIXCB(skb).uid, &UNIXCB(skb).gid);
>> + UNIXCB(skb).loginuid = audit_get_loginuid(current);
>> + UNIXCB(skb).sessionid = audit_get_sessionid(current);
>> }
>> }
>>
>> @@ -1812,6 +1816,7 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock,
>> memset(&tmp_scm, 0, sizeof(tmp_scm));
>> }
>> scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid);
>> + scm_set_audit(siocb->scm, UNIXCB(skb).loginuid, UNIXCB(skb).sessionid);
>> unix_set_secdata(siocb->scm, skb);
>>
>> if (!(flags & MSG_PEEK)) {
>> @@ -1993,6 +1998,8 @@ again:
>> } else if (test_bit(SOCK_PASSCRED, &sock->flags)) {
>> /* Copy credentials */
>> scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid);
>> + scm_set_audit(siocb->scm, UNIXCB(skb).loginuid,
>> + UNIXCB(skb).sessionid);
>> check_creds = 1;
>> }
next prev parent reply other threads:[~2013-09-04 9:07 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-08-27 14:39 [PATCH 0/3] Send audit/procinfo/cgroup data in socket-level control message Jan Kaluza
2013-08-27 14:39 ` [PATCH 1/3] Send loginuid and sessionid in SCM_AUDIT Jan Kaluza
2013-08-27 14:39 ` [PATCH 2/3] Send comm and cmdline in SCM_PROCINFO Jan Kaluza
2013-09-09 6:52 ` Eric W. Biederman
2013-08-27 14:40 ` [PATCH 3/3] Send cgroup_path in SCM_CGROUP Jan Kaluza
2013-08-28 14:00 ` Tejun Heo
[not found] ` <1377614400-27122-1-git-send-email-jkaluza-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2013-08-29 14:13 ` [PATCH v2 0/3] Send audit/procinfo/cgroup data in socket-level control message Jan Kaluza
2013-08-29 14:13 ` Jan Kaluza
[not found] ` <1377785602-10766-1-git-send-email-jkaluza-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2013-08-29 14:13 ` [PATCH v2 1/3] Send loginuid and sessionid in SCM_AUDIT Jan Kaluza
2013-08-29 14:13 ` Jan Kaluza
2013-08-29 14:13 ` [PATCH v2 2/3] Send comm and cmdline in SCM_PROCINFO Jan Kaluza
2013-08-29 14:13 ` Jan Kaluza
2013-08-29 14:13 ` [PATCH v2 3/3] Send cgroup_path in SCM_CGROUP Jan Kaluza
2013-08-29 14:13 ` Jan Kaluza
[not found] ` <1377785602-10766-4-git-send-email-jkaluza-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2013-09-02 17:17 ` Kay Sievers
2013-09-02 17:17 ` Kay Sievers
2013-09-04 6:14 ` [PATCH v3 0/3] Send audit/procinfo/cgroup data in socket-level control message Jan Kaluza
2013-09-04 6:14 ` Jan Kaluza
[not found] ` <1378275261-4553-1-git-send-email-jkaluza-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2013-09-04 6:14 ` [PATCH v3 1/3] Send loginuid and sessionid in SCM_AUDIT Jan Kaluza
2013-09-04 6:14 ` Jan Kaluza
[not found] ` <1378275261-4553-2-git-send-email-jkaluza-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2013-09-04 7:22 ` Eric W. Biederman
2013-09-04 7:22 ` Eric W. Biederman
2013-09-04 7:22 ` Eric W. Biederman
[not found] ` <87bo49gifv.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2013-09-04 9:07 ` Jan Kaluža [this message]
2013-09-04 9:07 ` Jan Kaluža
2013-09-04 6:14 ` [PATCH v3 2/3] Send comm and cmdline in SCM_PROCINFO Jan Kaluza
2013-09-04 6:14 ` Jan Kaluza
2013-09-04 6:14 ` [PATCH v3 3/3] Send cgroup_path in SCM_CGROUP Jan Kaluza
2013-09-04 7:42 ` [PATCH v3 0/3] Send audit/procinfo/cgroup data in socket-level control message Eric W. Biederman
2013-09-04 7:42 ` Eric W. Biederman
2013-09-04 7:42 ` Eric W. Biederman
[not found] ` <878uzdf2xp.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2013-09-04 14:45 ` Tejun Heo
2013-09-04 14:45 ` Tejun Heo
2013-09-04 14:58 ` Richard Guy Briggs
2013-09-04 14:58 ` Richard Guy Briggs
[not found] ` <20130904145830.GC28517-bcJWsdo4jJjeVoXN4CMphl7TgLCtbB0G@public.gmane.org>
2013-09-04 15:04 ` Jan Kaluža
2013-09-04 15:04 ` Jan Kaluža
2013-09-04 15:04 ` Jan Kaluža
2013-09-04 15:20 ` Richard Guy Briggs
2013-09-04 15:20 ` Richard Guy Briggs
[not found] ` <20130904152022.GD28517-bcJWsdo4jJjeVoXN4CMphl7TgLCtbB0G@public.gmane.org>
2013-09-04 15:30 ` Eric Dumazet
2013-09-04 15:30 ` Eric Dumazet
2013-09-04 15:40 ` Jan Kaluža
2013-09-04 15:40 ` Jan Kaluža
2013-09-04 15:40 ` Jan Kaluža
2013-09-04 15:20 ` Richard Guy Briggs
2013-09-04 6:14 ` [PATCH v3 3/3] Send cgroup_path in SCM_CGROUP Jan Kaluza
2014-01-13 8:01 ` [PATCH v4 0/3] Send audit/procinfo/cgroup data in socket-level control message Jan Kaluza
2014-01-13 8:01 ` Jan Kaluza
2014-01-13 19:44 ` Casey Schaufler
[not found] ` <52D44206.2000906-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org>
2014-01-14 8:25 ` Jan Kaluža
2014-01-14 8:25 ` Jan Kaluža
[not found] ` <1389600109-30739-1-git-send-email-jkaluza-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-01-13 8:01 ` [PATCH v4 1/3] Send loginuid and sessionid in SCM_AUDIT Jan Kaluza
2014-01-13 8:01 ` Jan Kaluza
[not found] ` <1389600109-30739-2-git-send-email-jkaluza-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-01-15 4:02 ` Richard Guy Briggs
2014-01-15 4:02 ` Richard Guy Briggs
2014-01-13 8:01 ` [PATCH v4 2/3] Send comm and cmdline in SCM_PROCINFO Jan Kaluza
2014-01-13 8:01 ` Jan Kaluza
[not found] ` <1389600109-30739-3-git-send-email-jkaluza-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-01-15 4:03 ` Richard Guy Briggs
2014-01-15 4:03 ` Richard Guy Briggs
2014-01-13 8:01 ` [PATCH v4 3/3] Send cgroup_path in SCM_CGROUP Jan Kaluza
2014-01-13 8:01 ` Jan Kaluza
[not found] ` <1389600109-30739-4-git-send-email-jkaluza-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-01-13 16:52 ` Tejun Heo
2014-01-13 16:52 ` Tejun Heo
2014-01-13 16:55 ` [PATCH v4 0/3] Send audit/procinfo/cgroup data in socket-level control message Tejun Heo
2014-01-13 16:55 ` Tejun Heo
2014-01-13 19:44 ` Casey Schaufler
2014-01-15 20:17 ` David Miller
2014-01-15 20:17 ` David Miller
[not found] ` <20140115.121730.1984913330507219167.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2014-01-15 23:21 ` Eric Paris
2014-01-15 23:21 ` Eric Paris
[not found] ` <1389828103.681.34.camel-OjZBOOqb7SR7cYLChsl7DafLeoKvNuZc@public.gmane.org>
2014-01-15 23:23 ` Tejun Heo
2014-01-15 23:23 ` Tejun Heo
[not found] ` <20140115232345.GA22237-9pTldWuhBndy/B6EtB590w@public.gmane.org>
2014-01-16 9:29 ` Jan Kaluža
2014-01-16 9:29 ` Jan Kaluža
[not found] ` <52D7A68F.5030700-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2014-01-23 19:31 ` Kay Sievers
2014-01-23 19:31 ` Kay Sievers
2014-01-23 19:31 ` Kay Sievers
2014-01-23 19:31 ` Kay Sievers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5226F839.4010704@redhat.com \
--to=jkaluza-h+wxahxf7alqt0dzr+alfa@public.gmane.org \
--cc=cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org \
--cc=ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org \
--cc=eparis-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=rgb-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.