Linux Containers

• Thread Index

• [PATCH v2 2/2] selftests: openat2: add RESOLVE_ conflict test
  • From: Aleksa Sarai <cyphar@xxxxxxxxxx>
• [PATCH v2 0/2] openat2: reject RESOLVE_BENEATH|RESOLVE_IN_ROOT
  • From: Aleksa Sarai <cyphar@xxxxxxxxxx>
• Re: [PATCH] openat2: reject RESOLVE_BENEATH|RESOLVE_IN_ROOT
  • From: Aleksa Sarai <cyphar@xxxxxxxxxx>
• Re: [PATCH] openat2: reject RESOLVE_BENEATH|RESOLVE_IN_ROOT
  • From: Shuah Khan <skhan@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v5 seccomp 0/5]seccomp: Add bitmap cache of constant allow filter results
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 1/6] seccomp: Move config option SECCOMP to arch/Kconfig
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 1/6] seccomp: Move config option SECCOMP to arch/Kconfig
  • From: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page [v2]
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: For review: seccomp_user_notif(2) manual page [v2]
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page [v2]
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• For review: seccomp_user_notif(2) manual page [v2]
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: "Dr. Greg" <greg@xxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 05/13] audit: log container info of syscalls
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH ghak90 V9 05/13] audit: log container info of syscalls
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH ghak90 V9 05/13] audit: log container info of syscalls
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH ghak90 V9 05/13] audit: log container info of syscalls
  • From: Steve Grubb <sgrubb@xxxxxxxxxx>
• Re: [PATCH ghak90 V9 05/13] audit: log container info of syscalls
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH v2 2/2] selftests: add tests for CLOSE_RANGE_CLOEXEC
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 1/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [RFC][PATCH] userns: Limit process in a user namespace to what the creator is allowed
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• [RFC][PATCH] userns: Limit process in a user namespace to what the creator is allowed
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
• [PATCH v2 1/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
  • From: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
• [PATCH v2 2/2] selftests: add tests for CLOSE_RANGE_CLOEXEC
  • From: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
• [PATCH v2 0/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
  • From: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
• RE: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: Krzysztof Struczynski <krzysztof.struczynski@xxxxxxxxxx>
• Re: The problem of setgroups and containers
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• The problem of setgroups and containers
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: "Enrico Weigelt, metux IT consult" <lkml@xxxxxxxxx>
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: [PATCH 1/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
  • From: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
• Re: [PATCH 1/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
  • From: Rasmus Villemoes <linux@xxxxxxxxxxxxxxxxxx>
• Re: [PATCH 1/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH 1/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH 1/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
  • From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
• Re: [PATCH 1/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
  • From: Rasmus Villemoes <linux@xxxxxxxxxxxxxxxxxx>
• Re: [PATCH 1/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• RE: [PATCH 2/2] selftests: add tests for CLOSE_RANGE_CLOEXEC
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
• [PATCH 2/2] selftests: add tests for CLOSE_RANGE_CLOEXEC
  • From: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
• [PATCH 1/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
  • From: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
• [PATCH 0/2] fs, close_range: add flag CLOSE_RANGE_CLOEXEC
  • From: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v5 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v5 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v5 seccomp 1/5] seccomp/cache: Lookup syscall allowlist bitmap for fast path
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: Andy Lutomirski <luto@xxxxxxxxxx>
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: Josh Triplett <josh@xxxxxxxxxxxxxxxx>
• [PATCH v5 seccomp 4/5] selftests/seccomp: Compare bitmap vs filter overhead
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v5 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v5 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v5 seccomp 3/5] x86: Enable seccomp architecture tracking
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v5 seccomp 1/5] seccomp/cache: Lookup syscall allowlist bitmap for fast path
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v5 seccomp 0/5]seccomp: Add bitmap cache of constant allow filter results
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v4 seccomp 1/5] seccomp/cache: Lookup syscall allowlist bitmap for fast path
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v4 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v4 seccomp 1/5] seccomp/cache: Lookup syscall allowlist bitmap for fast path
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v4 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [PATCH v4 seccomp 3/5] x86: Enable seccomp architecture tracking
  • From: Andy Lutomirski <luto@xxxxxxxxxx>
• Re: [PATCH v4 seccomp 3/5] x86: Enable seccomp architecture tracking
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v4 seccomp 3/5] x86: Enable seccomp architecture tracking
  • From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
• [PATCH v4 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v4 seccomp 4/5] selftests/seccomp: Compare bitmap vs filter overhead
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v4 seccomp 3/5] x86: Enable seccomp architecture tracking
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v4 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v4 seccomp 0/5] seccomp: Add bitmap cache of constant allow filter results
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v4 seccomp 1/5] seccomp/cache: Lookup syscall allowlist bitmap for fast path
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH] openat2: reject RESOLVE_BENEATH|RESOLVE_IN_ROOT
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 3/5] seccomp/cache: Lookup syscall allowlist for fast path
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v3 seccomp 3/5] seccomp/cache: Lookup syscall allowlist for fast path
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH] openat2: reject RESOLVE_BENEATH|RESOLVE_IN_ROOT
  • From: Aleksa Sarai <cyphar@xxxxxxxxxx>
• Re: [PATCH ghak90 V9 11/13] audit: contid check descendancy and nesting
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH ghak90 V9 05/13] audit: log container info of syscalls
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH ghak90 V9 06/13] audit: add contid support for signalling the audit daemon
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Christian Brauner <christian.brauner@xxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Christian Brauner <christian.brauner@xxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: [PATCH v3 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v3 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Christian Brauner <christian.brauner@xxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Christian Brauner <christian.brauner@xxxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: [PATCH v3 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 1/5] x86: Enable seccomp architecture tracking
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: [PATCH v3 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 1/5] x86: Enable seccomp architecture tracking
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 1/5] x86: Enable seccomp architecture tracking
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 3/5] seccomp/cache: Lookup syscall allowlist for fast path
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 seccomp 1/5] x86: Enable seccomp architecture tracking
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• [PATCH v3 seccomp 5/5] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v3 seccomp 4/5] selftests/seccomp: Compare bitmap vs filter overhead
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v3 seccomp 3/5] seccomp/cache: Lookup syscall allowlist for fast path
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v3 seccomp 2/5] seccomp/cache: Add "emulator" to check if filter is constant allow
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v3 seccomp 1/5] x86: Enable seccomp architecture tracking
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v3 seccomp 0/5] seccomp: Add bitmap cache of constant allow filter results
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: For review: seccomp_user_notif(2) manual page
  • From: Tycho Andersen <tycho@tycho.pizza>
• For review: seccomp_user_notif(2) manual page
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: Use cases for multiple uid mapping?
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: Rasmus Villemoes <linux@xxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v2 seccomp 6/6] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 6/6] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v2 seccomp 4/6] seccomp/cache: Lookup syscall allowlist for fast path
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v2 seccomp 5/6] selftests/seccomp: Compare bitmap vs filter overhead
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 6/6] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 5/6] selftests/seccomp: Compare bitmap vs filter overhead
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 4/6] seccomp/cache: Lookup syscall allowlist for fast path
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 4/6] seccomp: Emulate basic filters for constant action results
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 4/6] seccomp: Emulate basic filters for constant action results
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: Tianyin Xu <tyxu@xxxxxxxxxxxx>
• Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 4/6] seccomp: Emulate basic filters for constant action results
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 1/6] seccomp: Move config option SECCOMP to arch/Kconfig
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: Andrea Arcangeli <aarcange@xxxxxxxxxx>
• Re: Use cases for multiple uid mapping?
  • From: Alban Crequy <alban.crequy@xxxxxxxxx>
• Re: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH 4/6] seccomp: Emulate basic filters for constant action results
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• RE: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• RE: [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: Rasmus Villemoes <linux@xxxxxxxxxxxxxxxxxx>
• Re: [PATCH 3/6] seccomp: Implement constant action bitmaps
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• [PATCH v2 seccomp 5/6] selftests/seccomp: Compare bitmap vs filter overhead
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v2 seccomp 6/6] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v2 seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v2 seccomp 4/6] seccomp/cache: Lookup syscall allowlist for fast path
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v2 seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v2 seccomp 1/6] seccomp: Move config option SECCOMP to arch/Kconfig
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH v2 seccomp 0/6] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• RE: [PATCH 3/6] seccomp: Implement constant action bitmaps
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH 3/6] seccomp: Implement constant action bitmaps
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• [PATCH seccomp 5/6] selftests/seccomp: Compare bitmap vs filter overhead
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH seccomp 3/6] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH seccomp 6/6] seccomp/cache: Report cache data through /proc/pid/seccomp_cache
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH seccomp 4/6] seccomp/cache: Lookup syscall allowlist for fast path
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH seccomp 2/6] asm/syscall.h: Add syscall_arches[] array
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH seccomp 0/6] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [PATCH seccomp 1/6] seccomp: Move config option SECCOMP to arch/Kconfig
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH 3/6] seccomp: Implement constant action bitmaps
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH 3/6] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 3/6] seccomp: Implement constant action bitmaps
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH 3/6] seccomp: Implement constant action bitmaps
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH 4/6] seccomp: Emulate basic filters for constant action results
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 3/6] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 3/6] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 2/6] x86: Enable seccomp architecture tracking
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 1/6] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 2/6] x86: Enable seccomp architecture tracking
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 1/6] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 3/6] seccomp: Implement constant action bitmaps
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [PATCH 3/6] seccomp: Implement constant action bitmaps
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 4/6] seccomp: Emulate basic filters for constant action results
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• [PATCH 3/6] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH 5/6] selftests/seccomp: Compare bitmap vs filter overhead
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v1 0/6] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH 6/6] [DEBUG] seccomp: Report bitmap coverage ranges
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH 1/6] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH 2/6] x86: Enable seccomp architecture tracking
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH 4/6] seccomp: Emulate basic filters for constant action results
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [RFC PATCH seccomp 1/2] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [RFC PATCH seccomp 1/2] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH seccomp 1/2] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [RFC PATCH seccomp 2/2] seccomp/cache: Cache filter results that allow syscalls
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [RFC PATCH seccomp 2/2] seccomp/cache: Cache filter results that allow syscalls
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [RFC PATCH seccomp 2/2] seccomp/cache: Cache filter results that allow syscalls
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• RE: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: "Hubertus Franke" <frankeh@xxxxxxxxxx>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH seccomp 1/2] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH seccomp 2/2] seccomp/cache: Cache filter results that allow syscalls
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH seccomp 1/2] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• Re: [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [RFC PATCH seccomp 1/2] seccomp/cache: Add "emulator" to check if filter is arg-dependent
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• [RFC PATCH seccomp 2/2] seccomp/cache: Cache filter results that allow syscalls
  • From: YiFei Zhu <zhuyifei1999@xxxxxxxxx>
• intel/AMD Mini PC iPC, 28 solution options
  • From: Tys <tys@xxxxxxxxxxxxxx>
• RE: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: Krzysztof Struczynski <krzysztof.struczynski@xxxxxxxxxx>
• RE: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: Krzysztof Struczynski <krzysztof.struczynski@xxxxxxxxxx>
• intel/AMD Mini PC iPC, 28 solution options
  • From: Tys <tys@xxxxxxxxxxxxxx>
• Re: [PATCH 0/5] RFC: connector: Add network namespace awareness
  • From: Evgeniy Polyakov <zbr@xxxxxxxxxxx>
• Re: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: "Dr. Greg" <greg@xxxxxxxxxxxx>
• Re: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: Luke Hinds <lhinds@xxxxxxxxxx>
• Re: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: "Dr. Greg" <greg@xxxxxxxxxxxx>
• Re: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: "Dr. Greg" <greg@xxxxxxxxxxxx>
• Re: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: Use cases for multiple uid mapping?
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: Use cases for multiple uid mapping?
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: Per user rlimits
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: Per user rlimits
  • From: Aleksa Sarai <cyphar@xxxxxxxxxx>
• Re: Per user rlimits
  • From: Aleksa Sarai <asarai@xxxxxxx>
• LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: Overlayfs @Plumbers
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re: Overlayfs @Plumbers
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re: Overlayfs @Plumbers
  • From: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
• Re: Use cases for multiple uid mapping?
  • From: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>
• Re: Overlayfs @Plumbers
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: Per user rlimits
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Per user rlimits
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: Containers Digest, Vol 169, Issue 34
  • From: Esther Faride Chau Durazo <takpkyra666@xxxxxxxxx>
• Re: Use cases for multiple uid mapping?
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: Overlayfs @Plumbers
  • From: Aleksa Sarai <asarai@xxxxxxx>
• Re: Use cases for multiple uid mapping?
  • From: Stéphane Graber via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: Overlayfs @Plumbers
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Use cases for multiple uid mapping?
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: [PATCH] MAINTAINERS: add namespace entry
  • From: Aleksa Sarai <cyphar@xxxxxxxxxx>
• Re: [PATCH] MAINTAINERS: add namespace entry
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH] MAINTAINERS: add namespace entry
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH] MAINTAINERS: add namespace entry
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Overlayfs @Plumbers
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re: [PATCH ghak90 V9 11/13] audit: contid check descendancy and nesting
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 02/13] audit: add container id
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 05/13] audit: log container info of syscalls
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 06/13] audit: add contid support for signalling the audit daemon
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 08/13] audit: add containerid support for user records
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• RE: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: Krzysztof Struczynski <krzysztof.struczynski@xxxxxxxxxx>
• RE: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: Krzysztof Struczynski <krzysztof.struczynski@xxxxxxxxxx>
• RE: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: Krzysztof Struczynski <krzysztof.struczynski@xxxxxxxxxx>
• Re: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• [RFC PATCH 30/30] ima: Set ML template per ima namespace
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 29/30] ima: Add dummy boot aggregate to per ima namespace measurement list
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 28/30] ima: Load per ima namespace x509 certificate
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 27/30] integrity: Add key domain tag to the search criteria
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 26/30] ima: Add key domain to the ima namespace
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 25/30] keys: Allow to set key domain tag separately from the key type
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 24/30] keys: Include key domain tag in the iterative search
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 23/30] keys: Add domain tag to the keyring search criteria
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 22/30] ima: Remap IDs of subject based rules if necessary
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 20/30] ima: Parse per ima namespace policy file
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 21/30] user namespace: Add function that checks if the UID map is defined
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 19/30] ima: Configure the new ima namespace from securityfs
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 18/30] ima: Change the owning user namespace of the ima namespace if necessary
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 17/30] ima: Add the violation counter to the namespace
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 16/30] ima: Extend permissions to the ima securityfs entries
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 15/30] ima: Add a reader counter to the integrity inode data
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 14/30] ima: Add per namespace view of the measurement list
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 13/30] ima: Add a new ima template that includes namespace ID
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 12/30] ima: Check ima namespace ID during digest entry lookup
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 10/30] ima: Add ima namespace ID to the ima ML related structures
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 11/30] ima: Keep track of the measurment list per ima namespace
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 09/30] ima: Enable per ima namespace policy settings
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 06/30] ima: Add ima namespace to the ima subsystem APIs
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 08/30] ima: Add integrity inode related data to the ima namespace
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 07/30] ima: Extend the APIs in the integrity subsystem
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 05/30] ima: Add methods for parsing ima policy configuration string
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 01/30] ima: Introduce ima namespace
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 04/30] ima: Add ima policy related data to the ima namespace
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 03/30] ima: Bind ima namespace to the file descriptor
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 02/30] ima: Add a list of the installed ima namespaces
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• [RFC PATCH 00/30] ima: Introduce IMA namespace
  • From: <krzysztof.struczynski@xxxxxxxxxx>
• Re: OverlaysFS offline tools
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re: [PATCH v7 3/9] net/scm: Regularize compat handling of scm_detach_fds()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v7 3/9] net/scm: Regularize compat handling of scm_detach_fds()
  • From: John Stultz <john.stultz@xxxxxxxxxx>
• Re: [PATCH v7 3/9] net/scm: Regularize compat handling of scm_detach_fds()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v7 3/9] net/scm: Regularize compat handling of scm_detach_fds()
  • From: John Stultz <john.stultz@xxxxxxxxxx>
• Re: [PATCH ghak90 V9 11/13] audit: contid check descendancy and nesting
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH ghak90 V9 02/13] audit: add container id
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH ghak90 V9 05/13] audit: log container info of syscalls
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH ghak90 V9 06/13] audit: add contid support for signalling the audit daemon
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH ghak90 V9 10/13] audit: add support for containerid to network namespaces
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [RFC PATCH 0/5] keys: Security changes, ACLs and Container keyring
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: [PATCH ghak90 V9 08/13] audit: add containerid support for user records
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [RFC PATCH 5/5] keys: Implement a 'container' keyring
  • From: David Howells <dhowells@xxxxxxxxxx>
• [RFC PATCH 4/5] keys: Split the search perms between KEY_NEED_USE and KEY_NEED_SEARCH
  • From: David Howells <dhowells@xxxxxxxxxx>
• [RFC PATCH 3/5] keys: Provide KEYCTL_GRANT_PERMISSION
  • From: David Howells <dhowells@xxxxxxxxxx>
• [RFC PATCH 2/5] keys: Replace uid/gid/perm permissions checking with an ACL
  • From: David Howells <dhowells@xxxxxxxxxx>
• [RFC PATCH 1/5] keys: Move permissions checking decisions into the checking code
  • From: David Howells <dhowells@xxxxxxxxxx>
• [RFC PATCH 0/5] keys: Security changes, ACLs and Container keyring
  • From: David Howells <dhowells@xxxxxxxxxx>
• Re: [PATCH v7 8/9] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Will Drewry <wad@xxxxxxxxxxxx>
• Re: [PATCH 0/5] RFC: connector: Add network namespace awareness
  • From: Matt Bennett <Matt.Bennett@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 0/5] RFC: connector: Add network namespace awareness
  • From: Aleksa Sarai <cyphar@xxxxxxxxxx>
• Re: [PATCH ghak90 V9 01/13] audit: collect audit task parameters
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 01/13] audit: collect audit task parameters
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH 0/5] RFC: connector: Add network namespace awareness
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: [PATCH 0/5] RFC: connector: Add network namespace awareness
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: [PATCH v7 1/9] net/compat: Add missing sock updates for SCM_RIGHTS
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v7 2/9] pidfd: Add missing sock updates for pidfd_getfd()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v7 2/9] pidfd: Add missing sock updates for pidfd_getfd()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v7 2/9] pidfd: Add missing sock updates for pidfd_getfd()
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• [PATCH v7 8/9] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v7 9/9] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v7 6/9] pidfd: Replace open-coded receive_fd()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v7 7/9] fs: Expand __receive_fd() to accept existing fd
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v7 5/9] fs: Add receive_fd() wrapper for __receive_fd()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v7 1/9] net/compat: Add missing sock updates for SCM_RIGHTS
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v7 4/9] fs: Move __scm_install_fd() to __receive_fd()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v7 3/9] net/scm: Regularize compat handling of scm_detach_fds()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v7 0/9] Add seccomp notifier ioctl that enables adding fds
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v7 2/9] pidfd: Add missing sock updates for pidfd_getfd()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v6 6/7] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v6 4/7] pidfd: Replace open-coded partial receive_fd()
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v6 4/7] pidfd: Replace open-coded partial receive_fd()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v6 6/7] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v6 5/7] fs: Expand __receive_fd() to accept existing fd
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v6 4/7] pidfd: Replace open-coded partial receive_fd()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v6 3/7] fs: Add receive_fd() wrapper for __receive_fd()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v6 1/7] net/scm: Regularize compat handling of scm_detach_fds()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 01/13] audit: collect audit task parameters
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v6 6/7] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v6 5/7] fs: Expand __receive_fd() to accept existing fd
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v6 4/7] pidfd: Replace open-coded partial receive_fd()
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v6 3/7] fs: Add receive_fd() wrapper for __receive_fd()
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v6 2/7] fs: Move __scm_install_fd() to __receive_fd()
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v6 1/7] net/scm: Regularize compat handling of scm_detach_fds()
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v6 3/7] fs: Add receive_fd() wrapper for __receive_fd()
  • From: Christoph Hellwig <hch@xxxxxx>
• Re: [PATCH v6 2/7] fs: Move __scm_install_fd() to __receive_fd()
  • From: Christoph Hellwig <hch@xxxxxx>
• Re: [PATCH ghak90 V9 01/13] audit: collect audit task parameters
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH v6 6/7] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v6 5/7] fs: Expand __receive_fd() to accept existing fd
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v6 3/7] fs: Add receive_fd() wrapper for __receive_fd()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v6 7/7] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v6 4/7] pidfd: Replace open-coded partial receive_fd()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v6 2/7] fs: Move __scm_install_fd() to __receive_fd()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v6 1/7] net/scm: Regularize compat handling of scm_detach_fds()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v6 0/7] Add seccomp notifier ioctl that enables adding fds
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v5 4/7] pidfd: Replace open-coded partial fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v5 4/7] pidfd: Replace open-coded partial fd_install_received()
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v5 4/7] pidfd: Replace open-coded partial fd_install_received()
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v5 4/7] pidfd: Replace open-coded partial fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v5 4/7] pidfd: Replace open-coded partial fd_install_received()
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH 0/5] RFC: connector: Add network namespace awareness
  • From: Matt Bennett <Matt.Bennett@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 0/5] RFC: connector: Add network namespace awareness
  • From: Matt Bennett <Matt.Bennett@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 11/13] audit: contid check descendancy and nesting
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 08/13] audit: add containerid support for user records
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 10/13] audit: add support for containerid to network namespaces
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 13/13] audit: add capcontid to set contid outside init_user_ns
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 12/13] audit: track container nesting
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 06/13] audit: add contid support for signalling the audit daemon
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 05/13] audit: log container info of syscalls
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 07/13] audit: add support for non-syscall auxiliary records
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 04/13] audit: log drop of contid on exit of last task
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 02/13] audit: add container id
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 01/13] audit: collect audit task parameters
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 02/13] audit: add container id
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH ghak90 V9 02/13] audit: add container id
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Virtual Linux Plumbers 2020, 24-28 August: Containers and Checkpoint/Restore microconference CFP Open until 20 July
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH 0/5] RFC: connector: Add network namespace awareness
  • From: Aleksa Sarai <asarai@xxxxxxx>
• Re: [PATCH 0/5] RFC: connector: Add network namespace awareness
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH 0/5] RFC: connector: Add network namespace awareness
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: [PATCH 0/5] RFC: connector: Add network namespace awareness
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• [PATCH ghau51/ghau40 v9 11/11] libaudit: add support to get and set capcontid on a task
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghau51/ghau40 v9 10/11] ausearch: convert contid to comma-sep/carrat-mod cnode/clist
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghau51/ghau40 v9 09/11] contid: interpret correctly CONTAINER_ID contid field csv
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghau51/ghau40 v9 08/11] add support for audit_signal_info2
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghau51/ghau40 v9 07/11] signal_info: only print context if it is available.
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghau51/ghau40 v9 04/11] add ausearch containerid support
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghau51/ghau40 v9 06/11] libaudit: add support to get the task audit container identifier
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghau51/ghau40 v9 01/11] AUDIT_CONTAINER_OP message type basic support
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghau51/ghau40 v9 00/11] add support for audit container identifier
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghau51/ghau40 v9 03/11] auditctl: add support for AUDIT_CONTID filter
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghau51/ghau40 v9 02/11] AUDIT_CONTAINER_ID message type basic support
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghau51/ghau40 v9 05/11] start normalization containerid support
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 13/13] audit: add capcontid to set contid outside init_user_ns
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 12/13] audit: track container nesting
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 11/13] audit: contid check descendancy and nesting
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 10/13] audit: add support for containerid to network namespaces
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 09/13] audit: add containerid filtering
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 08/13] audit: add containerid support for user records
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 07/13] audit: add support for non-syscall auxiliary records
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 06/13] audit: add contid support for signalling the audit daemon
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 05/13] audit: log container info of syscalls
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 04/13] audit: log drop of contid on exit of last task
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 03/13] audit: read container ID of a process
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 02/13] audit: add container id
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 01/13] audit: collect audit task parameters
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH ghak90 V9 00/13] audit: implement container identifier
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH v4 2/3] nsproxy: attach to namespaces via pidfds
  • From: Michal Koutný <mkoutny@xxxxxxxx>
• Re: [PATCH v4 2/3] nsproxy: attach to namespaces via pidfds
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v4 2/3] nsproxy: attach to namespaces via pidfds
  • From: Michal Koutný <mkoutny@xxxxxxxx>
• Virtual Linux Plumbers 2020 (24-28 August): Containers and Checkpoint/Restore microconference CFP Open until 20 July
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• RE: [PATCH v5 3/7] fs: Add fd_install_received() wrapper for __fd_install_received()
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH v4 00/11] Add seccomp notifier ioctl that enables adding fds
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v5 3/7] fs: Add fd_install_received() wrapper for __fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v4 02/11] fs: Move __scm_install_fd() to __fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v4 02/11] fs: Move __scm_install_fd() to __fd_install_received()
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• RE: [PATCH v4 03/11] fs: Add fd_install_received() wrapper for __fd_install_received()
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH v3] seccomp: Add find_notification helper
  • From: Nathan Chancellor <natechancellor@xxxxxxxxx>
• Re: [PATCH v5 3/7] fs: Add fd_install_received() wrapper for __fd_install_received()
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v3] seccomp: Add find_notification helper
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v5 6/7] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v5 5/7] fs: Expand __fd_install_received() to accept fd
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v5 7/7] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v5 1/7] net/scm: Regularize compat handling of scm_detach_fds()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v5 0/7] Add seccomp notifier ioctl that enables adding fds
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v5 2/7] fs: Move __scm_install_fd() to __fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v5 4/7] pidfd: Replace open-coded partial fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v5 3/7] fs: Add fd_install_received() wrapper for __fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v3] seccomp: Add find_notification helper
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3] seccomp: Add find_notification helper
  • From: Nathan Chancellor <natechancellor@xxxxxxxxx>
• Re: [PATCH v4 03/11] fs: Add fd_install_received() wrapper for __fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v4 02/11] fs: Move __scm_install_fd() to __fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• RE: [PATCH v4 03/11] fs: Add fd_install_received() wrapper for __fd_install_received()
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
  • From: Andy Lutomirski <luto@xxxxxxxxxx>
• RE: [PATCH v4 02/11] fs: Move __scm_install_fd() to __fd_install_received()
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 4/8] seccomp: Implement constant action bitmaps
  • From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
• Re: [PATCH 4/8] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 6/8] x86: Provide API for local kernel TLB flushing
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 4/8] seccomp: Implement constant action bitmaps
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [RFC][PATCH 0/8] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
  • From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
• Re: [RFC][PATCH 0/8] seccomp: Implement constant action bitmaps
  • From: Andy Lutomirski <luto@xxxxxxxxxx>
• Re: [PATCH 6/8] x86: Provide API for local kernel TLB flushing
  • From: Andy Lutomirski <luto@xxxxxxxxxx>
• Re: [PATCH v4 10/11] seccomp: Switch addfd to Extensible Argument ioctl
  • From: Tycho Andersen <tycho@xxxxxxxx>
• Re: [PATCH v4 10/11] seccomp: Switch addfd to Extensible Argument ioctl
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v4 08/11] selftests/seccomp: Make kcmp() less required
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 4/8] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 4/8] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v4 08/11] selftests/seccomp: Make kcmp() less required
  • From: Tycho Andersen <tycho@xxxxxxxx>
• Re: [PATCH v4 09/11] selftests/seccomp: Rename user_trap_syscall() to user_notif_syscall()
  • From: Tycho Andersen <tycho@xxxxxxxx>
• Re: [PATCH v4 10/11] seccomp: Switch addfd to Extensible Argument ioctl
  • From: Tycho Andersen <tycho@xxxxxxxx>
• Re: [PATCH 4/8] seccomp: Implement constant action bitmaps
  • From: Dave Hansen <dave.hansen@xxxxxxxxx>
• Re: [PATCH 4/8] seccomp: Implement constant action bitmaps
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• [PATCH 8/8] [DEBUG] seccomp: Report bitmap coverage ranges
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH 4/8] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH 6/8] x86: Provide API for local kernel TLB flushing
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH 7/8] x86: Enable seccomp constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH 5/8] selftests/seccomp: Compare bitmap vs filter overhead
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH 2/8] seccomp: Use pr_fmt
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [RFC][PATCH 0/8] seccomp: Implement constant action bitmaps
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH 3/8] seccomp: Introduce SECCOMP_PIN_ARCHITECTURE
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH 1/8] selftests/seccomp: Improve calibration loop
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v4 02/11] fs: Move __scm_install_fd() to __fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v4 02/11] fs: Move __scm_install_fd() to __fd_install_received()
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [RFC PATCH] seccomp: Add extensibility mechanism to read notifications
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v4 10/11] seccomp: Switch addfd to Extensible Argument ioctl
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v4 06/11] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v4 08/11] selftests/seccomp: Make kcmp() less required
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v4 05/11] fs: Expand __fd_install_received() to accept fd
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v4 11/11] seccomp: Fix ioctl number for SECCOMP_IOCTL_NOTIF_ID_VALID
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v4 07/11] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v4 01/11] net/scm: Regularize compat handling of scm_detach_fds()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v4 09/11] selftests/seccomp: Rename user_trap_syscall() to user_notif_syscall()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v4 04/11] pidfd: Replace open-coded partial fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v4 00/11] Add seccomp notifier ioctl that enables adding fds
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v4 03/11] fs: Add fd_install_received() wrapper for __fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v4 02/11] fs: Move __scm_install_fd() to __fd_install_received()
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [RFC PATCH] seccomp: Add extensibility mechanism to read notifications
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 3/4] nsproxy: attach to namespaces via pidfds
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [RFC PATCH] seccomp: Add extensibility mechanism to read notifications
  • From: Tycho Andersen <tycho@xxxxxxxx>
• Re: [PATCH v2 3/4] nsproxy: attach to namespaces via pidfds
  • From: "Michael Kerrisk (man-pages)" <mtk.manpages@xxxxxxxxx>
• Re: [RFC PATCH] seccomp: Add extensibility mechanism to read notifications
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: David Laight <David.Laight@xxxxxxxxxx>
• [RFC PATCH] seccomp: Add extensibility mechanism to read notifications
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: OverlaysFS offline tools
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: OverlaysFS offline tools
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH 0/2] proc: use subset option to hide some top-level procfs entries
  • From: Alexey Gladkov <gladkov.alexey@xxxxxxxxx>
• Re: OverlaysFS offline tools
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re: OverlaysFS offline tools
  • From: Vivek Goyal <vgoyal@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: OverlaysFS offline tools
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re: [PATCH 0/2] proc: use subset option to hide some top-level procfs entries
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: [PATCH 0/2] proc: use subset option to hide some top-level procfs entries
  • From: Alexey Gladkov <gladkov.alexey@xxxxxxxxx>
• Re: [PATCH 0/2] proc: use subset option to hide some top-level procfs entries
  • From: Alexey Gladkov <gladkov.alexey@xxxxxxxxx>
• Virtual Linux Plumbers 2020: Containers and Checkpoint/Restore microconference CFP Open until 20 July
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH 0/2] proc: use subset option to hide some top-level procfs entries
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH 0/2] proc: use subset option to hide some top-level procfs entries
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: David Laight <David.Laight@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v3 0/4] Add seccomp notifier ioctl that enables adding fds
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v3 0/4] Add seccomp notifier ioctl that enables adding fds
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v3 0/4] Add seccomp notifier ioctl that enables adding fds
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 0/4] Add seccomp notifier ioctl that enables adding fds
  • From: Robert Sesek via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: seccomp feature development
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v3 4/4] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v3 3/4] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v3 2/4] pid: Use file_receive helper to copy FDs
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v3 0/4] Add seccomp notifier ioctl that enables adding fds
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v3 3/4] seccomp: notify about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 4/4] tests: test seccomp filter notifications
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 3/4] seccomp: notify about unused filter
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v3 2/4] seccomp: release filter after task is fully dead
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3 1/4] seccomp: rename "usage" to "refs" and document
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v3] seccomp: Add find_notification helper
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v3] seccomp: Add find_notification helper
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v3 3/4] seccomp: notify about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• [PATCH v3 1/4] seccomp: rename "usage" to "refs" and document
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• [PATCH v3 2/4] seccomp: release filter after task is fully dead
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• [PATCH v3 4/4] tests: test seccomp filter notifications
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v2 1/3] seccomp: Add find_notification helper
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 3/3] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 3/3] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD
  • From: Tycho Andersen <tycho@xxxxxxxx>
• Re: [PATCH v2 3/3] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v2 1/3] seccomp: Add find_notification helper
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 0/3] Add seccomp notifier ioctl that enables adding fds
  • From: Tycho Andersen <tycho@xxxxxxxx>
• Re: [PATCH v2 3/3] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD
  • From: Tycho Andersen <tycho@xxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 1/3] seccomp: Add find_notification helper
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Giuseppe Scrivano <gscrivan@xxxxxxxxxx>
• Re: [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 2/2] tests: test seccomp filter notifications
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 3/3] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 1/3] seccomp: Add find_notification helper
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 2/2] tests: test seccomp filter notifications
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v2 1/2] seccomp: notify user trap about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• [PATCH v2 2/2] tests: test seccomp filter notifications
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH 1/2] seccomp: notify user trap about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH 1/2] seccomp: notify user trap about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• [PATCH v2 0/3] Add seccomp notifier ioctl that enables adding fds
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v2 1/3] seccomp: Add find_notification helper
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v2 3/3] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v2 2/3] seccomp: Introduce addfd ioctl to seccomp user notifier
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH 1/2] seccomp: notify user trap about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH 1/2] seccomp: notify user trap about unused filter
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 1/2] seccomp: notify user trap about unused filter
  • From: Jann Horn via Containers <containers@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 1/2] seccomp: notify user trap about unused filter
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 1/2] seccomp: notify user trap about unused filter
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 1/2] seccomp: notify user trap about unused filter
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 1/2] seccomp: notify user trap about unused filter
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>