From mboxrd@z Thu Jan  1 00:00:00 1970
From: James Bottomley <James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
Subject: Re: [RFC PATCH v2 1/3] ima: extend clone() with IMA namespace support
Date: Thu, 15 Mar 2018 12:01:07 -0700
Message-ID: <1521140467.5348.94.camel@HansenPartnership.com>
References: <20180309201421.6150-1-stefanb@linux.vnet.ibm.com>
	<20180309201421.6150-2-stefanb@linux.vnet.ibm.com>
	<87vadxfwqj.fsf@xmission.com>
	<c18b6e92-57f0-5994-eb60-5fadc6671832@linux.vnet.ibm.com>
	<1521135192.5348.64.camel@HansenPartnership.com>
	<2183a3b4-6270-d2e9-70ad-a7399eb1681c@linux.vnet.ibm.com>
	<1521139535.5348.89.camel@HansenPartnership.com>
	<0dc5b856-8dc6-7b5a-eeac-febd19f6498c@linux.vnet.ibm.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Return-path: <containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>
In-Reply-To: <0dc5b856-8dc6-7b5a-eeac-febd19f6498c-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/containers>,
	<mailto:containers-request-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/containers/>
List-Post: <mailto:containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>
List-Help: <mailto:containers-request-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/containers>,
	<mailto:containers-request-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org?subject=subscribe>
Sender: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
Errors-To: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
To: Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>, "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
Cc: mkayaalp-4hyTIkVWTs8LubxHQvXPfYdd74u8MsAO@public.gmane.org, Mehmet Kayaalp <mkayaalp-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>, sunyuqiong1988-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org, containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, david.safford-JJi787mZWgc@public.gmane.org, linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-integrity-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, zohar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org
List-Id: containers.vger.kernel.org

T24gVGh1LCAyMDE4LTAzLTE1IGF0IDE0OjUxIC0wNDAwLCBTdGVmYW4gQmVyZ2VyIHdyb3RlOgo+
IE9uIDAzLzE1LzIwMTggMDI6NDUgUE0sIEphbWVzIEJvdHRvbWxleSB3cm90ZToKWy4uLl0KPiA+
ID4gPiBnb2luZyB0byBuZWVkIHNvbWUgdHlwZSBvZiBrZXlyaW5nIG5hbWVzcGFjZSBhbmQgdGhl
cmUncwo+ID4gPiA+IGFscmVhZHkKPiA+ID4gPiBvbmUgaGFuZ2luZyBvZmYgdGhlIHVzZXJfbnM6
Cj4gPiA+ID4gCj4gPiA+ID4gY29tbWl0IGYzNmY4Yzc1YWUyZTdkNGRhMzRmNGM5MDhjZWJkYjRh
YTQyYzk3N2UKPiA+ID4gPiBBdXRob3I6IERhdmlkIEhvd2VsbHMgPGRob3dlbGxzQHJlZGhhdC5j
b20+Cj4gPiA+ID4gRGF0ZTrCoMKgwqBUdWUgU2VwIDI0IDEwOjM1OjE5IDIwMTMgKzAxMDAKPiA+
ID4gPiAKPiA+ID4gPiDCoMKgwqDCoMKgwqBLRVlTOiBBZGQgcGVyLXVzZXJfbmFtZXNwYWNlIHJl
Z2lzdGVycyBmb3IgcGVyc2lzdGVudAo+ID4gPiA+IHBlci1VSUQKPiA+ID4gPiBrZXJiZXJvcyBj
YWNoZXMKPiA+ID4gVGhlIGJlbmVmaXQgZm9yIElNQSB3b3VsZCBiZSB0aGF0IHRoaXMgd291bGQg
dGhlbiB0aWUgdGhlIGtleXMKPiA+ID4gbmVlZGVkIGZvciBhcHByYWlzaW5nIHRvIHRoZSBJTUEg
bmFtZXNwYWNlJ3MgcG9saWN5Lgo+ID4gPiBIb3dldmVyLCBpZiB5b3UgaGF2ZSBhbiBhcHByYWlz
ZSBwb2xpY3kgaW4geW91ciBJTUEgbmFtZXNwYWNlLAo+ID4gPiB3aGljaCBpcyBub3cgaG9va2Vk
IHRvIHRoZSB1c2VyIG5hbWVzcGFjZSwgYW5kIHlvdSBqb2luIHRoYXQgdXNlcgo+ID4gPiBuYW1l
c3BhY2UgYnV0IHlvdXIgZmlsZXMgZG9uJ3QgaGF2ZSBzaWduYXR1cmVzLCBub3RoaW5nIHdpbGwK
PiA+ID4gZXhlY3V0ZSBhbnltb3JlLiBUaGF0J3Mgbm93IGEgc2lkZSBlZmZlY3Qgb2Ygam9pbmlu
ZyB0aGlzIHVzZXIKPiA+ID4gbmFtZXNwYWNlIHVubGVzcyB3ZSBoYXZlIGEgbWFnaWPCoMKgZXhj
ZXB0aW9uLiBNeSBmZWVsaW5nIGlzLAo+ID4gPiBwZW9wbGUgbWF5IG5vdCBsaWtlIHRoYXQuLi4K
PiA+IEFncmVlLCBidXQgSSB0aGluayB0aGUgbWFnaWMgbWlnaHQgYmUgdG8gcG9wdWxhdGUgdGhl
IGltYSBrZXlyaW5nCj4gPiB3aXRoIHRoZSBwYXJlbnQgb24gdXNlcl9ucyBjcmVhdGlvbi7CoMKg
VGhhdCB3YXkgdGhlIHVzZXJfbnMgb3duZXIKPiA+IGNhbiBkZWxldGUgdGhlIHBhcmVudCBrZXlz
IGlmIHRoZXkgZG9uJ3QgbGlrZSB0aGVtLCBidXQgYnkgZGVmYXVsdAo+ID4gdGhlIHBhcmVudCBh
cHByYWlzYWwgcG9saWN5IHNob3VsZCBqdXN0IHdvcmsuCj4gCj4gVGhhdCBtYXkgYWRkIGtleXMg
dG8geW91ciBrZXlyaW5nIGJ1dCBkb2Vzbid0IGdldCB5b3Ugc2lnbmF0dXJlcyBvbgo+IHlvdXIg
wqBmaWxlcy4KCkJ1dCBpdCBkb2Vzbid0IG5lZWQgdG8uIMKgVGhlIG9ubHkgd2F5IHdlJ2QgZ2V0
IGEgZmFpbHVyZSBpcyBpZiB0aGUgZmlsZQppcyBhbHJlYWR5IGJlaW5nIGFwcHJhaXNlZCBhbmQg
d2UgbG9zZSBhY2Nlc3MgdG8gdGhlIGtleS4gwqBJZiB0aGUKcGFyZW50IHBvbGljeSBpc24ndCBh
cHByYWlzYWwsIGVudGVyaW5nIHRoZSBJTUEgTlMgd29uJ3QgY2F1c2UKYXBwcmFpc2FsIHRvIGJl
IHR1cm5lZCBvbiB1bmxlc3MgdGhlIG93bmVyIGFza3MgZm9yIGl0LCBpbiB3aGljaCBjYXNlCml0
J3MgY2F2ZWF0IGVtcHRvcjogQXMgaXQgd29ya3MgdG9kYXksIGlmIGFzIHJvb3QgSSBhZGQgYSBk
ZWZhdWx0CmFwcHJhaXNhbCBwb2xpY3kgdG8gSU1BIHdpdGhvdXQgZWl0aGVyIGEga2V5IG9yIHhh
dHRycywgSSBnZXQgYW4KdW51c2FibGUgc3lzdGVtLgoKSmFtZXMKCl9fX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCkNvbnRhaW5lcnMgbWFpbGluZyBsaXN0CkNv
bnRhaW5lcnNAbGlzdHMubGludXgtZm91bmRhdGlvbi5vcmcKaHR0cHM6Ly9saXN0cy5saW51eGZv
dW5kYXRpb24ub3JnL21haWxtYW4vbGlzdGluZm8vY29udGFpbmVycw==