[GIT PULL] capabilities update for v6.19

[GIT PULL] capabilities update for v6.19

[Serge E. Hallyn]

Hi Linus,

This contains the capabilities changes for 6.19.  There is only a single commit,

   Clarify the rootid_owns_currentns

which introduces no functional change.  Ryan Foster had sent a patch
to add testing of the security/commoncap.c:rootid_owns_currentns()
function.  The patch pointed out that this function was not as clear
as it should be.

This commit has two purposes:

1. Clarify the intent of the function in the name
2. Split the function so that the base functionality is easier
   to test from a kunit test.

This commit has been in linux-next since November 18 with no reported
issues.  Ryan has posted an updated test patch based on this commit.

The following changes since commit 211ddde0823f1442e4ad052a2f30f050145ccada:

  Linux 6.18-rc2 (2025-10-19 15:19:16 -1000)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux.git tags/caps-pr-20251204

for you to fetch changes up to 9891d2f79a9fe9b77ad290f950eb8fa3e375330e:

  Clarify the rootid_owns_currentns (2025-11-18 18:00:19 -0600)

----------------------------------------------------------------
Capabilities patch for v6.19

There is only a single commit,

   Clarify the rootid_owns_currentns

which introduces no functional change.  Ryan Foster had sent a patch
to add testing of the security/commoncap.c:rootid_owns_currentns()
function.  The patch pointed out that this function was not as clear
as it should be.

This commit has two purposes:

1. Clarify the intent of the function in the name
2. Split the function so that the base functionality is easier
   to test from a kunit test.

This commit has been in linux-next since November 18 with no reported
issues.  Ryan has posted an updated test patch based on this commit.

----------------------------------------------------------------
Serge Hallyn (1):
      Clarify the rootid_owns_currentns

 security/commoncap.c | 34 ++++++++++++++++++++++------------
 1 file changed, 22 insertions(+), 12 deletions(-)

Re: [GIT PULL] capabilities update for v6.19

[Linus Torvalds]

On Thu, Dec 4, 2025 at 4:27 PM Serge E. Hallyn <serge@hallyn.com> wrote:
>
> This contains the capabilities changes for 6.19.

This email was in my spam folder.

The reason appears to be due to it being marked as "DMARC: FAIL".

I think it's simply because your mail domain doesn't have a dmarc
policy at all, and gmail has been getting more strict about having
both dkim and dmarc set up.

Anyway, I obviously found the email, but I thought I'd mention it,
because while I check my spam folder fairly religiously, it's still
mostly a pretty quick scan for possible emails. There's no guarantee I
always notice...

           Linus

Re: [GIT PULL] capabilities update for v6.19

[pr-tracker-bot]

The pull request you sent on Thu, 4 Dec 2025 18:27:22 -0600:

> https://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux.git tags/caps-pr-20251204

has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/2061f18ad76ecaddf8ed17df81b8611ea88dbddd

Thank you!

-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/prtracker.html

Re: [GIT PULL] capabilities update for v6.19

[Serge E. Hallyn]

On Thu, Dec 04, 2025 at 05:20:18PM -0800, Linus Torvalds wrote:
> On Thu, Dec 4, 2025 at 4:27 PM Serge E. Hallyn <serge@hallyn.com> wrote:
> >
> > This contains the capabilities changes for 6.19.
> 
> This email was in my spam folder.
> 
> The reason appears to be due to it being marked as "DMARC: FAIL".
> 
> I think it's simply because your mail domain doesn't have a dmarc
> policy at all, and gmail has been getting more strict about having
> both dkim and dmarc set up.
> 
> Anyway, I obviously found the email, but I thought I'd mention it,
> because while I check my spam folder fairly religiously, it's still
> mostly a pretty quick scan for possible emails. There's no guarantee I
> always notice...
> 
>            Linus

Thanks!  I set up SPF years ago, but guess I will have to figure out
DKIM.

The odd thing is, when I send emails to my own gmail account I don't see
any complaints about DKIM or DMARC, only:

ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of serge@hallyn.com designates 178.63.66.53 as permitted sender) smtp.mailfrom=serge@hallyn.com

But I'll fix it.

thanks,
-serge

Re: [GIT PULL] capabilities update for v6.19

[Linus Torvalds]

On Thu, 4 Dec 2025 at 20:43, Serge E. Hallyn <serge@hallyn.com> wrote:
>
> The odd thing is, when I send emails to my own gmail account I don't see
> any complaints about DKIM or DMARC, only:
>
> ARC-Authentication-Results: i=1; mx.google.com;
>        spf=pass (google.com: domain of serge@hallyn.com designates 178.63.66.53 as permitted sender) smtp.mailfrom=serge@hallyn.com

Yes, that's what I see the headers say too - but then in gmail if you
go to "show original", it will also say "DMARC: FAIL" at the top. So
gmail seems to internally consider "no dmarc" to be a failure.

Note that it's entirely possible that your email was marked as spam
for random other reasons, but I've seen this thing before with other
cases that don't do the full dkim and dmarc setup. So I think it just
raises the likelihood of email being marked as spam.

             Linus