From: Daniel Mack <daniel-cYrQPVfZoowdnm+yROfE0A@public.gmane.org>
To: Andy Lutomirski <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>,
Greg Kroah-Hartman
<gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>
Cc: Linux API <linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
John Stultz <john.stultz-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>,
Arnd Bergmann <arnd-r2nGTMty4D4@public.gmane.org>,
Tejun Heo <tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
Marcel Holtmann <marcel-kz+m5ild9QBg9hUCZPvPmw@public.gmane.org>,
Ryan Lortie <desrt-0xnayjDhYQY@public.gmane.org>,
Bastien Nocera <hadess-0MeiytkfxGOsTnJN9+BGXg@public.gmane.org>,
David Herrmann
<dh.herrmann-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Djalal Harouni <tixxdz-Umm1ozX2/EEdnm+yROfE0A@public.gmane.org>,
simon.mcvittie-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org,
alban.crequy-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org,
javier.martinez-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org,
Tom Gundersen <teg-B22kvLQNl6c@public.gmane.org>
Subject: Re: kdbus: add code to gather metadata
Date: Thu, 30 Oct 2014 09:09:38 +0100 [thread overview]
Message-ID: <5451F242.4070106@zonque.org> (raw)
In-Reply-To: <CALCETrWqbpxk83L0k0_78JZCO+ntZhx_hHMcRu=vxs6VE2f5JQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
On 10/29/2014 11:33 PM, Andy Lutomirski wrote:
> On Wed, Oct 29, 2014 at 3:00 PM, Greg Kroah-Hartman
>> +/**
>> + * kdbus_meta_new() - create new metadata object
>> + * @meta: New metadata object
>> + *
>> + * Return: 0 on success, negative errno on failure.
>> + */
>> +int kdbus_meta_new(struct kdbus_meta **meta)
>> +{
>> + struct kdbus_meta *m;
>> +
>> + BUG_ON(*meta);
>> +
>> + m = kzalloc(sizeof(*m), GFP_KERNEL);
>> + if (!m)
>> + return -ENOMEM;
>> +
>> + /*
>> + * Remember the PID and user namespaces our credentials belong to;
>> + * we need to prevent leaking authorization and security-relevant
>> + * data across different namespaces.
>> + */
>> + m->pid_namespace = get_pid_ns(task_active_pid_ns(current));
>> + m->user_namespace = get_user_ns(current_user_ns());
>> +
>
> This is unusual, and it could be very expensive (it will serialize
> essentially everyone on an exclusive cacheline). What attack is it
> protecting against?
As mentioned before, we currently prevent metadata from crossing over
user and pid namespace boundaries. In order to detect such situations,
we need to pin the namespaces of the the task creating such a metadata
object, so we can compare them later, even when the original task is not
alive anymore. But I'm open for cheaper solutions for this, as I'm
admittedly not an expert in these APIs.
>> +static int kdbus_meta_append_cred(struct kdbus_meta *meta)
>> +{
>> + struct kdbus_creds creds = {
>> + .uid = from_kuid_munged(current_user_ns(), current_uid()),
>> + .gid = from_kgid_munged(current_user_ns(), current_gid()),
>> + .pid = task_pid_vnr(current),
>> + .tid = task_tgid_vnr(current),
>> + .starttime = current->start_time,
>> + };
>> +
>> + return kdbus_meta_append_data(meta, KDBUS_ITEM_CREDS,
>> + &creds, sizeof(creds));
>> +}
>
> This seems wrong to me. Shouldn't this store kuid_t, etc. directly?
The metadata item's memory that is appended here is directly copied into
the final message in the receiver's pool later, so the information has
to be authoritative and translated at this point. This is currently not
a problem as in cases where we cross namespaces, the metadata will not
be added to the final message anyway.
But you're right, if we support translation between namespaces later, we
need to store the kuid_t here, and patch in the the translated version
later, when the message is installed by the receiving peer (which is
when we know which namespace to translate the kuid_t for).
> Also, why pid, tid, and starttime?
Because pid is also part of struct ucred, and starttime seemed to fit in
here as well. After all, an item has some overhead with its header, so
we tried to group information that will most probably be needed
together. Any strong reason not to store it here?
Thanks,
Daniel
WARNING: multiple messages have this Message-ID (diff)
From: Daniel Mack <daniel@zonque.org>
To: Andy Lutomirski <luto@amacapital.net>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Linux API <linux-api@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
John Stultz <john.stultz@linaro.org>,
Arnd Bergmann <arnd@arndb.de>, Tejun Heo <tj@kernel.org>,
Marcel Holtmann <marcel@holtmann.org>,
Ryan Lortie <desrt@desrt.ca>, Bastien Nocera <hadess@hadess.net>,
David Herrmann <dh.herrmann@gmail.com>,
Djalal Harouni <tixxdz@opendz.org>,
simon.mcvittie@collabora.co.uk, alban.crequy@collabora.co.uk,
javier.martinez@collabora.co.uk, Tom Gundersen <teg@jklm.no>
Subject: Re: kdbus: add code to gather metadata
Date: Thu, 30 Oct 2014 09:09:38 +0100 [thread overview]
Message-ID: <5451F242.4070106@zonque.org> (raw)
In-Reply-To: <CALCETrWqbpxk83L0k0_78JZCO+ntZhx_hHMcRu=vxs6VE2f5JQ@mail.gmail.com>
On 10/29/2014 11:33 PM, Andy Lutomirski wrote:
> On Wed, Oct 29, 2014 at 3:00 PM, Greg Kroah-Hartman
>> +/**
>> + * kdbus_meta_new() - create new metadata object
>> + * @meta: New metadata object
>> + *
>> + * Return: 0 on success, negative errno on failure.
>> + */
>> +int kdbus_meta_new(struct kdbus_meta **meta)
>> +{
>> + struct kdbus_meta *m;
>> +
>> + BUG_ON(*meta);
>> +
>> + m = kzalloc(sizeof(*m), GFP_KERNEL);
>> + if (!m)
>> + return -ENOMEM;
>> +
>> + /*
>> + * Remember the PID and user namespaces our credentials belong to;
>> + * we need to prevent leaking authorization and security-relevant
>> + * data across different namespaces.
>> + */
>> + m->pid_namespace = get_pid_ns(task_active_pid_ns(current));
>> + m->user_namespace = get_user_ns(current_user_ns());
>> +
>
> This is unusual, and it could be very expensive (it will serialize
> essentially everyone on an exclusive cacheline). What attack is it
> protecting against?
As mentioned before, we currently prevent metadata from crossing over
user and pid namespace boundaries. In order to detect such situations,
we need to pin the namespaces of the the task creating such a metadata
object, so we can compare them later, even when the original task is not
alive anymore. But I'm open for cheaper solutions for this, as I'm
admittedly not an expert in these APIs.
>> +static int kdbus_meta_append_cred(struct kdbus_meta *meta)
>> +{
>> + struct kdbus_creds creds = {
>> + .uid = from_kuid_munged(current_user_ns(), current_uid()),
>> + .gid = from_kgid_munged(current_user_ns(), current_gid()),
>> + .pid = task_pid_vnr(current),
>> + .tid = task_tgid_vnr(current),
>> + .starttime = current->start_time,
>> + };
>> +
>> + return kdbus_meta_append_data(meta, KDBUS_ITEM_CREDS,
>> + &creds, sizeof(creds));
>> +}
>
> This seems wrong to me. Shouldn't this store kuid_t, etc. directly?
The metadata item's memory that is appended here is directly copied into
the final message in the receiver's pool later, so the information has
to be authoritative and translated at this point. This is currently not
a problem as in cases where we cross namespaces, the metadata will not
be added to the final message anyway.
But you're right, if we support translation between namespaces later, we
need to store the kuid_t here, and patch in the the translated version
later, when the message is installed by the receiving peer (which is
when we know which namespace to translate the kuid_t for).
> Also, why pid, tid, and starttime?
Because pid is also part of struct ucred, and starttime seemed to fit in
here as well. After all, an item has some overhead with its header, so
we tried to group information that will most probably be needed
together. Any strong reason not to store it here?
Thanks,
Daniel
next prev parent reply other threads:[~2014-10-30 8:09 UTC|newest]
Thread overview: 192+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-29 22:00 [PATCH 00/12] Add kdbus implementation Greg Kroah-Hartman
2014-10-29 22:00 ` Greg Kroah-Hartman
2014-10-29 22:00 ` kdbus: add documentation Greg Kroah-Hartman
2014-10-30 12:20 ` Peter Meerwald
[not found] ` <alpine.DEB.2.02.1410301231040.32212-jW+XmwGofnusTnJN9+BGXg@public.gmane.org>
2014-11-02 1:29 ` Greg Kroah-Hartman
2014-11-02 1:29 ` Greg Kroah-Hartman
2014-10-29 22:00 ` kdbus: add driver skeleton, ioctl entry points and utility functions Greg Kroah-Hartman
[not found] ` <1414620056-6675-4-git-send-email-gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>
2014-10-30 3:50 ` Eric W. Biederman
2014-10-30 3:50 ` Eric W. Biederman
2014-10-30 23:45 ` Thomas Gleixner
2014-10-30 23:45 ` Thomas Gleixner
2014-10-31 0:23 ` Jiri Kosina
2014-10-31 0:23 ` Jiri Kosina
[not found] ` <alpine.LRH.2.00.1410310114290.11562-1ReQVI26iDCaZKY3DrU6dA@public.gmane.org>
2014-10-31 0:42 ` Thomas Gleixner
2014-10-31 0:42 ` Thomas Gleixner
2014-10-29 22:00 ` kdbus: add connection, queue handling and message validation code Greg Kroah-Hartman
[not found] ` <87k33iw759.fsf@x220.int.ebiederm.org>
[not found] ` <87k33iw759.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2014-10-30 3:55 ` Andy Lutomirski
2014-10-30 3:55 ` Andy Lutomirski
2014-10-30 9:06 ` Djalal Harouni
2014-10-29 22:00 ` kdbus: add code to gather metadata Greg Kroah-Hartman
[not found] ` <1414620056-6675-7-git-send-email-gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>
2014-10-29 22:33 ` Andy Lutomirski
2014-10-29 22:33 ` Andy Lutomirski
[not found] ` <CALCETrWqbpxk83L0k0_78JZCO+ntZhx_hHMcRu=vxs6VE2f5JQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-30 0:13 ` Andy Lutomirski
2014-10-30 0:13 ` Andy Lutomirski
[not found] ` <CALCETrVkuKxMMEw3HBEOZoFUuw8PndXtB13+bLWmcp_E34SaFw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-30 8:45 ` Daniel Mack
2014-10-30 8:45 ` Daniel Mack
[not found] ` <5451FA9B.8070501-cYrQPVfZoowdnm+yROfE0A@public.gmane.org>
2014-10-30 14:07 ` Andy Lutomirski
2014-10-30 14:07 ` Andy Lutomirski
[not found] ` <CALCETrWjOS0AHF33zN0Vy1NC1441To7AgNPge3sKCz8bn2d8gg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-30 15:54 ` Daniel Mack
2014-10-30 15:54 ` Daniel Mack
[not found] ` <54525F32.3040502-cYrQPVfZoowdnm+yROfE0A@public.gmane.org>
2014-10-30 21:01 ` Andy Lutomirski
2014-10-30 21:01 ` Andy Lutomirski
[not found] ` <CALCETrV6MLYUQN6mqZbH=FrLyrETVoemtdC05po8+X=6SKQ70A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-11-01 11:05 ` Daniel Mack
2014-11-01 11:05 ` Daniel Mack
[not found] ` <5454BE6E.5040507-cYrQPVfZoowdnm+yROfE0A@public.gmane.org>
2014-11-01 16:19 ` Andy Lutomirski
2014-11-01 16:19 ` Andy Lutomirski
[not found] ` <CALCETrXxx4juUGA3mwOxq0BtErM0kj7_THxiO5LwCVLzCXnd2A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-11-03 12:00 ` Simon McVittie
2014-11-03 12:00 ` Simon McVittie
[not found] ` <54576E48.40800-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org>
2014-11-03 17:05 ` Andy Lutomirski
2014-11-03 17:05 ` Andy Lutomirski
2014-10-30 8:09 ` Daniel Mack [this message]
2014-10-30 8:09 ` Daniel Mack
2014-10-29 22:00 ` kdbus: add code for notifications and matches Greg Kroah-Hartman
2014-10-29 22:00 ` kdbus: add code for buses, domains and endpoints Greg Kroah-Hartman
[not found] ` <1414620056-6675-9-git-send-email-gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>
2014-10-30 3:59 ` Eric W. Biederman
2014-10-30 3:59 ` Eric W. Biederman
2014-10-30 9:58 ` Djalal Harouni
2014-10-30 12:15 ` Eric W. Biederman
2014-10-30 12:15 ` Eric W. Biederman
[not found] ` <87wq7hiwjb.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2014-10-30 14:48 ` Djalal Harouni
2014-10-30 14:48 ` Djalal Harouni
2014-10-30 14:58 ` Andy Lutomirski
2014-10-30 14:58 ` Andy Lutomirski
2014-10-30 18:08 ` Djalal Harouni
2014-10-30 18:46 ` Simon McVittie
2014-10-30 18:46 ` Simon McVittie
[not found] ` <54528798.40107-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org>
2014-11-05 19:59 ` Djalal Harouni
2014-11-05 19:59 ` Djalal Harouni
2014-10-30 20:37 ` Andy Lutomirski
2014-10-30 20:37 ` Andy Lutomirski
2014-10-30 21:47 ` Alex Elsayed
2014-10-30 22:00 ` Andy Lutomirski
2014-10-30 22:00 ` Andy Lutomirski
2014-10-30 23:38 ` How Not To Use kref (was Re: kdbus: add code for buses, domains and endpoints) Al Viro
2014-10-30 23:38 ` Al Viro
[not found] ` <20141030233801.GF7996-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2014-10-31 18:00 ` Linus Torvalds
2014-10-31 18:00 ` Linus Torvalds
[not found] ` <CA+55aFxB=jWGvPH3TMhB=ungOg9TBai5Ak-ma5vChBB-H2AgnQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-31 19:56 ` Al Viro
2014-10-31 19:56 ` Al Viro
2014-11-04 9:11 ` David Herrmann
2014-11-04 9:11 ` David Herrmann
2014-10-31 1:39 ` kdbus: add code for buses, domains and endpoints Al Viro
2014-10-31 1:39 ` Al Viro
[not found] ` <20141031013922.GG7996-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2014-10-31 9:55 ` Daniel Mack
2014-10-31 9:55 ` Daniel Mack
2014-10-29 22:00 ` kdbus: add name registry implementation Greg Kroah-Hartman
2014-10-29 22:00 ` kdbus: add policy database implementation Greg Kroah-Hartman
2014-10-29 22:00 ` kdbus: add Makefile, Kconfig and MAINTAINERS entry Greg Kroah-Hartman
2014-10-29 22:00 ` kdbus: add selftests Greg Kroah-Hartman
[not found] ` <1414620056-6675-13-git-send-email-gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>
2014-10-30 8:31 ` Arnd Bergmann
2014-10-30 8:31 ` Arnd Bergmann
2014-11-14 3:42 ` Michael Ellerman
2014-11-14 3:42 ` Michael Ellerman
2014-11-14 8:56 ` Daniel Mack
2014-11-14 8:56 ` Daniel Mack
2014-10-29 22:15 ` [PATCH 00/12] Add kdbus implementation Andy Lutomirski
[not found] ` <CALCETrWrxc8foPYbRPtxwNX0sHK_=vLFLDXXyXu+2U2=B+=qCQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-29 22:27 ` Greg Kroah-Hartman
2014-10-29 22:27 ` Greg Kroah-Hartman
2014-10-29 22:34 ` Andy Lutomirski
[not found] ` <20141029222729.GB8129-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2014-10-30 2:27 ` Andy Lutomirski
2014-10-30 2:27 ` Andy Lutomirski
[not found] ` <CALCETrVxvF2ie=vVgpjeqikn+nci_9jyKfU4s3t=4cjyNZNaNQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-30 4:20 ` Eric W. Biederman
2014-10-30 4:20 ` Eric W. Biederman
[not found] ` <87bnourxx4.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2014-10-30 10:15 ` Tom Gundersen
2014-10-30 10:15 ` Tom Gundersen
[not found] ` <CAG-2HqUChohNrRSdXzckSiv8ZUYwFLMvRTc41Uo7-b-qmkSFMQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-30 12:02 ` Eric W. Biederman
2014-10-30 12:02 ` Eric W. Biederman
2014-10-30 13:48 ` Andy Lutomirski
2014-10-30 13:48 ` Andy Lutomirski
[not found] ` <1414620056-6675-1-git-send-email-gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>
2014-10-29 22:00 ` kdbus: add header file Greg Kroah-Hartman
2014-10-29 22:00 ` Greg Kroah-Hartman
[not found] ` <1414620056-6675-3-git-send-email-gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>
2014-10-30 8:20 ` Arnd Bergmann
2014-10-30 8:20 ` Arnd Bergmann
2014-10-30 11:02 ` Tom Gundersen
2014-10-30 11:26 ` Arnd Bergmann
2014-10-30 11:52 ` Daniel Mack
2014-10-30 11:52 ` Daniel Mack
2014-10-30 12:03 ` Arnd Bergmann
2014-10-31 10:03 ` Daniel Mack
2014-10-31 10:03 ` Daniel Mack
2014-10-29 22:00 ` kdbus: add connection pool implementation Greg Kroah-Hartman
2014-10-29 22:00 ` Greg Kroah-Hartman
2014-10-29 22:15 ` [PATCH 00/12] Add kdbus implementation Greg KH
2014-10-29 22:15 ` Greg KH
[not found] ` <20141029221505.GA7812-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2014-10-30 4:04 ` Eric W. Biederman
2014-10-30 4:04 ` Eric W. Biederman
[not found] ` <87egtqurrp.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org>
2014-10-30 7:12 ` Daniel Mack
2014-10-30 7:12 ` Daniel Mack
2014-10-29 22:19 ` Andy Lutomirski
2014-10-29 22:19 ` Andy Lutomirski
2014-10-29 22:25 ` Greg Kroah-Hartman
2014-10-29 22:28 ` Andy Lutomirski
2014-10-29 22:36 ` Andy Lutomirski
[not found] ` <CALCETrX6vf7cKy=XDhDtn9hn1W930MRxBa=pk93RnyuZ-EaNyw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-30 7:44 ` Daniel Mack
2014-10-30 7:44 ` Daniel Mack
[not found] ` <CALCETrUBegZ4F1sKq3LxUgANX3=syYOrqOp9=F--g9pkVHHgUA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-11-05 14:34 ` Daniel Mack
2014-11-05 14:34 ` Daniel Mack
2014-10-29 23:00 ` Jiri Kosina
2014-10-29 23:00 ` Jiri Kosina
[not found] ` <alpine.LRH.2.00.1410292354480.11562-1ReQVI26iDCaZKY3DrU6dA@public.gmane.org>
2014-10-29 23:11 ` Greg Kroah-Hartman
2014-10-29 23:11 ` Greg Kroah-Hartman
[not found] ` <20141029231106.GB16548-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2014-10-29 23:12 ` Greg Kroah-Hartman
2014-10-29 23:12 ` Greg Kroah-Hartman
2014-10-29 23:24 ` Jiri Kosina
2014-10-29 23:24 ` Jiri Kosina
[not found] ` <alpine.LRH.2.00.1410300019570.11562-1ReQVI26iDCaZKY3DrU6dA@public.gmane.org>
2014-10-29 23:26 ` Jiri Kosina
2014-10-29 23:26 ` Jiri Kosina
[not found] ` <alpine.LRH.2.00.1410300024530.11562-1ReQVI26iDCaZKY3DrU6dA@public.gmane.org>
2014-10-29 23:34 ` Greg Kroah-Hartman
2014-10-29 23:34 ` Greg Kroah-Hartman
2014-10-29 23:40 ` Greg Kroah-Hartman
2014-10-29 23:40 ` Greg Kroah-Hartman
2014-10-29 23:55 ` Andy Lutomirski
2014-10-30 11:52 ` Tom Gundersen
[not found] ` <CAG-2HqX9RUQHiF1U_CXiDVVLS-7aUOQdYn7EVNSMZNdbe38cTA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-10-30 12:28 ` Simon McVittie
2014-10-30 12:28 ` Simon McVittie
2014-10-30 13:59 ` Andy Lutomirski
2014-10-30 20:28 ` Alex Elsayed
2014-10-30 9:51 ` Karol Lewandowski
2014-10-30 9:51 ` Karol Lewandowski
[not found] ` <54520A21.20404-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2014-10-30 10:44 ` Karol Lewandowski
2014-10-30 10:44 ` Karol Lewandowski
[not found] ` <54521697.1030900-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2014-10-30 14:47 ` Greg Kroah-Hartman
2014-10-30 14:47 ` Greg Kroah-Hartman
[not found] ` <20141030144709.GA19721-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2014-10-30 19:55 ` Karol Lewandowski
2014-10-30 19:55 ` Karol Lewandowski
[not found] ` <545297CC.6020306-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2014-10-30 20:24 ` Greg Kroah-Hartman
2014-10-30 20:24 ` Greg Kroah-Hartman
2014-10-31 11:15 ` Karol Lewandowski
2014-10-30 23:13 ` One Thousand Gnomes
2014-10-30 23:13 ` One Thousand Gnomes
[not found] ` <20141030231310.0b65b762-mUKnrFFms3BCCTY1wZZT65JpZx93mCW/@public.gmane.org>
2014-10-31 10:58 ` Karol Lewandowski
2014-10-31 10:58 ` Karol Lewandowski
2014-10-30 23:39 ` Paul Moore
2014-10-31 14:21 ` Karol Lewandowski
2014-10-31 14:21 ` Karol Lewandowski
2014-10-31 16:36 ` [RFC PATCH 0/5] kdbus: add support for lsm Karol Lewandowski
2014-10-31 16:36 ` [PATCH 1/5] kdbus: extend structures with security pointer " Karol Lewandowski
[not found] ` <1414773397-26490-2-git-send-email-k.lewandowsk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2014-11-17 1:47 ` Karol Lewandowski
2014-11-17 1:47 ` Karol Lewandowski
2014-11-17 18:37 ` Greg KH
2014-11-17 18:37 ` Greg KH
2014-10-31 16:36 ` [PATCH 2/5] security: export security_file_receive for modules Karol Lewandowski
2014-10-31 16:36 ` [PATCH 3/5] kdbus: check if lsm permits installing received fds Karol Lewandowski
[not found] ` <1414773397-26490-1-git-send-email-k.lewandowsk-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org>
2014-10-31 16:36 ` [PATCH 4/5] security: introduce lsm hooks for kdbus Karol Lewandowski
2014-10-31 16:36 ` [PATCH 5/5] kdbus: make use of new lsm hooks Karol Lewandowski
2014-10-31 17:19 ` [PATCH 3/5] kdbus: check if lsm permits installing received fds Karol Lewandowski
2014-11-07 18:01 ` [RFC PATCH 0/5] kdbus: add support for lsm Greg KH
[not found] ` <20141107180120.GA15387-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2014-11-09 0:07 ` Karol Lewandowski
2014-11-09 0:07 ` Karol Lewandowski
2014-11-02 1:21 ` [PATCH 00/12] Add kdbus implementation Greg Kroah-Hartman
2014-11-02 1:21 ` Greg Kroah-Hartman
[not found] ` <20141102012130.GA9335-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2014-11-03 14:38 ` One Thousand Gnomes
2014-11-03 14:38 ` One Thousand Gnomes
2014-10-30 8:33 ` Arnd Bergmann
2014-10-30 8:33 ` Arnd Bergmann
2014-10-30 16:17 ` Greg Kroah-Hartman
-- strict thread matches above, loose matches on Subject: below --
2014-11-21 5:02 [PATCH v2 00/13] " Greg Kroah-Hartman
2014-11-21 5:02 ` kdbus: add code to gather metadata Greg Kroah-Hartman
[not found] ` <1416546149-24799-8-git-send-email-gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>
2014-11-21 19:50 ` Andy Lutomirski
2014-11-21 19:50 ` Andy Lutomirski
[not found] ` <546F977B.7040500-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>
2014-12-01 13:50 ` Daniel Mack
2014-12-01 13:50 ` Daniel Mack
2014-12-01 14:46 ` Andy Lutomirski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5451F242.4070106@zonque.org \
--to=daniel-cyrqpvfzoowdnm+yrofe0a@public.gmane.org \
--cc=alban.crequy-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org \
--cc=arnd-r2nGTMty4D4@public.gmane.org \
--cc=desrt-0xnayjDhYQY@public.gmane.org \
--cc=dh.herrmann-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org \
--cc=hadess-0MeiytkfxGOsTnJN9+BGXg@public.gmane.org \
--cc=javier.martinez-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org \
--cc=john.stultz-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org \
--cc=marcel-kz+m5ild9QBg9hUCZPvPmw@public.gmane.org \
--cc=simon.mcvittie-ZGY8ohtN/8pPYcu2f3hruQ@public.gmane.org \
--cc=teg-B22kvLQNl6c@public.gmane.org \
--cc=tixxdz-Umm1ozX2/EEdnm+yROfE0A@public.gmane.org \
--cc=tj-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.