diff for duplicates of <87vadxfwqj.fsf@xmission.com> diff --git a/a/1.txt b/N1/1.txt index fc8a2f6..4b46ece 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -1,6 +1,6 @@ -Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes: +Stefan Berger <stefanb@linux.vnet.ibm.com> writes: -> From: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org> +> From: Yuqiong Sun <suny@us.ibm.com> > > Add new CONFIG_IMA_NS config option. Let clone() create a new IMA > namespace upon CLONE_NEWNS flag. Add ima_ns data structure in nsproxy. @@ -17,10 +17,10 @@ I saw that Serge even recently mentioned that you need to take this aspect of the changes back to the drawing board. With my namespace maintainer hat on I repeat that. -From a 10,000 foot view I can already tell that this is hopeless. +>From a 10,000 foot view I can already tell that this is hopeless. So for binding IMA namspaces and CLONE_NEWNS: -Nacked-by: "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> +Nacked-by: "Eric W. Biederman" <ebiederm@xmission.com> I am not nacking IMA namespacing just inappropriately tying ima namespaces to mount namespaces. These should be completely separate @@ -42,9 +42,9 @@ Eric > * Move IMA namespace creation from nsproxy into mount namespace > code > -> Signed-off-by: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org> -> Signed-off-by: Mehmet Kayaalp <mkayaalp-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> -> Signed-off-by: Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> +> Signed-off-by: Yuqiong Sun <suny@us.ibm.com> +> Signed-off-by: Mehmet Kayaalp <mkayaalp@linux.vnet.ibm.com> +> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> > --- > fs/mount.h | 14 ----- > fs/namespace.c | 29 ++++++++-- @@ -379,7 +379,7 @@ Eric > @@ -0,0 +1,38 @@ > +/* > + * Copyright (C) 2016-2018 IBM Corporation -> + * Author: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org> +> + * Author: Yuqiong Sun <suny@us.ibm.com> > + * > + * This program is free software; you can redistribute it and/or modify > + * it under the terms of the GNU General Public License as published by @@ -423,7 +423,7 @@ Eric > @@ -0,0 +1,91 @@ > +/* > + * Copyright (C) 2016-2018 IBM Corporation -> + * Author: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org> +> + * Author: Yuqiong Sun <suny@us.ibm.com> > + * > + * This program is free software; you can redistribute it and/or modify > + * it under the terms of the GNU General Public License as published by diff --git a/a/content_digest b/N1/content_digest index 049365c..cc03161 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,27 +1,26 @@ "ref\020180309201421.6150-1-stefanb@linux.vnet.ibm.com\0" "ref\020180309201421.6150-2-stefanb@linux.vnet.ibm.com\0" - "ref\020180309201421.6150-2-stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org\0" - "From\0ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman)\0" + "From\0ebiederm@xmission.com (Eric W. Biederman)\0" "Subject\0Re: [RFC PATCH v2 1/3] ima: extend clone() with IMA namespace support\0" "Date\0Thu, 15 Mar 2018 05:40:04 -0500\0" - "To\0Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\0" - "Cc\0mkayaalp-4hyTIkVWTs8LubxHQvXPfYdd74u8MsAO@public.gmane.org" - Mehmet Kayaalp <mkayaalp-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> - sunyuqiong1988-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org - containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org - linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - david.safford-JJi787mZWgc@public.gmane.org - James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org - linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - linux-ima-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org - linux-integrity-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org> - " zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org\0" + "To\0Stefan Berger <stefanb@linux.vnet.ibm.com>\0" + "Cc\0linux-ima-devel@lists.sourceforge.net" + mkayaalp@cs.binghamton.edu + Mehmet Kayaalp <mkayaalp@linux.vnet.ibm.com> + sunyuqiong1988@gmail.com + containers@lists.linux-foundation.org + linux-kernel@vger.kernel.org + david.safford@ge.com + James.Bottomley@hansenpartnership.com + linux-security-module@vger.kernel.org + linux-integrity@vger.kernel.org + Yuqiong Sun <suny@us.ibm.com> + " zohar@linux.vnet.ibm.com\0" "\00:1\0" "b\0" - "Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:\n" + "Stefan Berger <stefanb@linux.vnet.ibm.com> writes:\n" "\n" - "> From: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>\n" + "> From: Yuqiong Sun <suny@us.ibm.com>\n" ">\n" "> Add new CONFIG_IMA_NS config option. Let clone() create a new IMA\n" "> namespace upon CLONE_NEWNS flag. Add ima_ns data structure in nsproxy.\n" @@ -38,10 +37,10 @@ "this aspect of the changes back to the drawing board. With my\n" "namespace maintainer hat on I repeat that.\n" "\n" - "From a 10,000 foot view I can already tell that this is hopeless.\n" + ">From a 10,000 foot view I can already tell that this is hopeless.\n" "So for binding IMA namspaces and CLONE_NEWNS:\n" "\n" - "Nacked-by: \"Eric W. Biederman\" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>\n" + "Nacked-by: \"Eric W. Biederman\" <ebiederm@xmission.com>\n" "\n" "I am not nacking IMA namespacing just inappropriately tying ima\n" "namespaces to mount namespaces. These should be completely separate\n" @@ -63,9 +62,9 @@ "> * Move IMA namespace creation from nsproxy into mount namespace\n" "> code\n" ">\n" - "> Signed-off-by: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>\n" - "> Signed-off-by: Mehmet Kayaalp <mkayaalp-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\n" - "> Signed-off-by: Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\n" + "> Signed-off-by: Yuqiong Sun <suny@us.ibm.com>\n" + "> Signed-off-by: Mehmet Kayaalp <mkayaalp@linux.vnet.ibm.com>\n" + "> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>\n" "> ---\n" "> fs/mount.h | 14 -----\n" "> fs/namespace.c | 29 ++++++++--\n" @@ -400,7 +399,7 @@ "> @@ -0,0 +1,38 @@\n" "> +/*\n" "> + * Copyright (C) 2016-2018 IBM Corporation\n" - "> + * Author: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>\n" + "> + * Author: Yuqiong Sun <suny@us.ibm.com>\n" "> + *\n" "> + * This program is free software; you can redistribute it and/or modify\n" "> + * it under the terms of the GNU General Public License as published by\n" @@ -444,7 +443,7 @@ "> @@ -0,0 +1,91 @@\n" "> +/*\n" "> + * Copyright (C) 2016-2018 IBM Corporation\n" - "> + * Author: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>\n" + "> + * Author: Yuqiong Sun <suny@us.ibm.com>\n" "> + *\n" "> + * This program is free software; you can redistribute it and/or modify\n" "> + * it under the terms of the GNU General Public License as published by\n" @@ -534,4 +533,4 @@ "> +\tdestroy_ima_ns(ns);\n" > +} -bfc33b9555bc50c59f485951681009dc237fbec6c8ad3acc53f4760cbdafcb1d +dcd57cd29113b1c69380c38b07c8f1b8b0b736820101cd0e515eee3e028c0afb
diff --git a/a/1.txt b/N2/1.txt index fc8a2f6..9c679bf 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -1,6 +1,6 @@ -Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes: +Stefan Berger <stefanb@linux.vnet.ibm.com> writes: -> From: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org> +> From: Yuqiong Sun <suny@us.ibm.com> > > Add new CONFIG_IMA_NS config option. Let clone() create a new IMA > namespace upon CLONE_NEWNS flag. Add ima_ns data structure in nsproxy. @@ -17,10 +17,10 @@ I saw that Serge even recently mentioned that you need to take this aspect of the changes back to the drawing board. With my namespace maintainer hat on I repeat that. -From a 10,000 foot view I can already tell that this is hopeless. +>From a 10,000 foot view I can already tell that this is hopeless. So for binding IMA namspaces and CLONE_NEWNS: -Nacked-by: "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> +Nacked-by: "Eric W. Biederman" <ebiederm@xmission.com> I am not nacking IMA namespacing just inappropriately tying ima namespaces to mount namespaces. These should be completely separate @@ -42,9 +42,9 @@ Eric > * Move IMA namespace creation from nsproxy into mount namespace > code > -> Signed-off-by: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org> -> Signed-off-by: Mehmet Kayaalp <mkayaalp-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> -> Signed-off-by: Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> +> Signed-off-by: Yuqiong Sun <suny@us.ibm.com> +> Signed-off-by: Mehmet Kayaalp <mkayaalp@linux.vnet.ibm.com> +> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> > --- > fs/mount.h | 14 ----- > fs/namespace.c | 29 ++++++++-- @@ -379,7 +379,7 @@ Eric > @@ -0,0 +1,38 @@ > +/* > + * Copyright (C) 2016-2018 IBM Corporation -> + * Author: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org> +> + * Author: Yuqiong Sun <suny@us.ibm.com> > + * > + * This program is free software; you can redistribute it and/or modify > + * it under the terms of the GNU General Public License as published by @@ -423,7 +423,7 @@ Eric > @@ -0,0 +1,91 @@ > +/* > + * Copyright (C) 2016-2018 IBM Corporation -> + * Author: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org> +> + * Author: Yuqiong Sun <suny@us.ibm.com> > + * > + * This program is free software; you can redistribute it and/or modify > + * it under the terms of the GNU General Public License as published by @@ -512,3 +512,7 @@ Eric > + > + destroy_ima_ns(ns); > +} +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N2/content_digest index 049365c..7e9ba9a 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -1,27 +1,14 @@ "ref\020180309201421.6150-1-stefanb@linux.vnet.ibm.com\0" "ref\020180309201421.6150-2-stefanb@linux.vnet.ibm.com\0" - "ref\020180309201421.6150-2-stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org\0" - "From\0ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org (Eric W. Biederman)\0" - "Subject\0Re: [RFC PATCH v2 1/3] ima: extend clone() with IMA namespace support\0" + "From\0ebiederm@xmission.com (Eric W. Biederman)\0" + "Subject\0[RFC PATCH v2 1/3] ima: extend clone() with IMA namespace support\0" "Date\0Thu, 15 Mar 2018 05:40:04 -0500\0" - "To\0Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\0" - "Cc\0mkayaalp-4hyTIkVWTs8LubxHQvXPfYdd74u8MsAO@public.gmane.org" - Mehmet Kayaalp <mkayaalp-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> - sunyuqiong1988-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org - containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org - linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - david.safford-JJi787mZWgc@public.gmane.org - James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org - linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - linux-ima-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org - linux-integrity-u79uwXL29TY76Z2rM5mHXA@public.gmane.org - Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org> - " zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" - "Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> writes:\n" + "Stefan Berger <stefanb@linux.vnet.ibm.com> writes:\n" "\n" - "> From: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>\n" + "> From: Yuqiong Sun <suny@us.ibm.com>\n" ">\n" "> Add new CONFIG_IMA_NS config option. Let clone() create a new IMA\n" "> namespace upon CLONE_NEWNS flag. Add ima_ns data structure in nsproxy.\n" @@ -38,10 +25,10 @@ "this aspect of the changes back to the drawing board. With my\n" "namespace maintainer hat on I repeat that.\n" "\n" - "From a 10,000 foot view I can already tell that this is hopeless.\n" + ">From a 10,000 foot view I can already tell that this is hopeless.\n" "So for binding IMA namspaces and CLONE_NEWNS:\n" "\n" - "Nacked-by: \"Eric W. Biederman\" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>\n" + "Nacked-by: \"Eric W. Biederman\" <ebiederm@xmission.com>\n" "\n" "I am not nacking IMA namespacing just inappropriately tying ima\n" "namespaces to mount namespaces. These should be completely separate\n" @@ -63,9 +50,9 @@ "> * Move IMA namespace creation from nsproxy into mount namespace\n" "> code\n" ">\n" - "> Signed-off-by: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>\n" - "> Signed-off-by: Mehmet Kayaalp <mkayaalp-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\n" - "> Signed-off-by: Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>\n" + "> Signed-off-by: Yuqiong Sun <suny@us.ibm.com>\n" + "> Signed-off-by: Mehmet Kayaalp <mkayaalp@linux.vnet.ibm.com>\n" + "> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>\n" "> ---\n" "> fs/mount.h | 14 -----\n" "> fs/namespace.c | 29 ++++++++--\n" @@ -400,7 +387,7 @@ "> @@ -0,0 +1,38 @@\n" "> +/*\n" "> + * Copyright (C) 2016-2018 IBM Corporation\n" - "> + * Author: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>\n" + "> + * Author: Yuqiong Sun <suny@us.ibm.com>\n" "> + *\n" "> + * This program is free software; you can redistribute it and/or modify\n" "> + * it under the terms of the GNU General Public License as published by\n" @@ -444,7 +431,7 @@ "> @@ -0,0 +1,91 @@\n" "> +/*\n" "> + * Copyright (C) 2016-2018 IBM Corporation\n" - "> + * Author: Yuqiong Sun <suny-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>\n" + "> + * Author: Yuqiong Sun <suny@us.ibm.com>\n" "> + *\n" "> + * This program is free software; you can redistribute it and/or modify\n" "> + * it under the terms of the GNU General Public License as published by\n" @@ -532,6 +519,10 @@ "> +\tBUG_ON(ns == &init_ima_ns);\n" "> +\n" "> +\tdestroy_ima_ns(ns);\n" - > +} + "> +}\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -bfc33b9555bc50c59f485951681009dc237fbec6c8ad3acc53f4760cbdafcb1d +7cbdd261c45325cfc7fd39f302e62819de905e3b0db6b8005e16f7a698253df2
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.