Linux Containers

• Thread Index

• Re: fanotify sb/mount watch inside userns (Was: [PATCH RFC] : fhandle: relax open_by_handle_at() permission checks)
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re: CFP for the containers and checkpoint-restore micro-conference at LPC 2024 mailing/containers
  • From: Enrico Bravi <enrico.bravi@xxxxxxxxxxxxxxx>
• Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps
  • From: Jarkko Sakkinen <jarkko.sakkinen@xxxxxx>
• Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps
  • From: Jarkko Sakkinen <jarkko.sakkinen@xxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: "Dr. Greg" <greg@xxxxxxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: John Johansen <john.johansen@xxxxxxxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: John Johansen <john.johansen@xxxxxxxxxxxxx>
• Re: [PATCH v2 0/4] Introduce user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH v2 0/4] Introduce user namespace capabilities
  • From: Josef Bacik <josef@xxxxxxxxxxxxxx>
• Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• [PATCH v2 3/4] capabilities: Add sysctl to mask off userns caps
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• [PATCH v2 1/4] capabilities: Add user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• [PATCH v2 0/4] Introduce user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• CFP for the containers and checkpoint-restore micro-conference at LPC 2024 mailing/containers
  • From: Stéphane Graber <stgraber@xxxxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: John Johansen <john.johansen@xxxxxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: John Johansen <john.johansen@xxxxxxxxxxxxx>
• Re: [PATCH 3/3] capabilities: add cap userns sysctl mask
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: John Johansen <john.johansen@xxxxxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: John Johansen <john.johansen@xxxxxxxxxxxxx>
• Re: [PATCH 3/3] capabilities: add cap userns sysctl mask
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: John Johansen <john.johansen@xxxxxxxxxxxxx>
• Re: [PATCH 3/3] capabilities: add cap userns sysctl mask
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 3/3] capabilities: add cap userns sysctl mask
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: [PATCH 3/3] capabilities: add cap userns sysctl mask
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH 3/3] capabilities: add cap userns sysctl mask
  • From: Tycho Andersen <tycho@tycho.pizza>
• Re: [PATCH 3/3] capabilities: add cap userns sysctl mask
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH 2/3] capabilities: add securebit for strict userns caps
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: John Johansen <john.johansen@xxxxxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: Serge Hallyn <serge@xxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: John Johansen <john.johansen@xxxxxxxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: John Johansen <john.johansen@xxxxxxxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: John Johansen <john.johansen@xxxxxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 0/3] Introduce user namespace capabilities
  • From: Ben Boeckel <me@xxxxxxxxxxxxxx>
• Re: [PATCH 3/3] capabilities: add cap userns sysctl mask
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 2/3] capabilities: add securebit for strict userns caps
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• Re: [PATCH 1/3] capabilities: user namespace capabilities
  • From: "Jarkko Sakkinen" <jarkko@xxxxxxxxxx>
• [PATCH 3/3] capabilities: add cap userns sysctl mask
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• [PATCH 2/3] capabilities: add securebit for strict userns caps
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• [PATCH 1/3] capabilities: user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• [PATCH 0/3] Introduce user namespace capabilities
  • From: Jonathan Calmels <jcalmels@xxxxxxxx>
• [RESEND PATCH v3 1/3] sysctl: Allow change system v ipc sysctls inside ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RESEND PATCH v3 3/3] sysctl: Allow to change limits for posix messages queues
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RESEND PATCH v3 2/3] docs: Add information about ipc sysctls limitations
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RESEND PATCH v3 0/3] Allow to change ipc/mq sysctls inside ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [External] Re: [PATCH] pid_ns: support pidns switching between sibling
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [External] Re: [PATCH] pid_ns: support pidns switching between sibling
  • From: yunhui cui <cuiyunhui@xxxxxxxxxxxxx>
• Re: [External] Re: [PATCH] pid_ns: support pidns switching between sibling
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [External] Re: [PATCH] pid_ns: support pidns switching between sibling
  • From: yunhui cui <cuiyunhui@xxxxxxxxxxxxx>
• Re: [External] Re: [PATCH] pid_ns: support pidns switching between sibling
  • From: yunhui cui <cuiyunhui@xxxxxxxxxxxxx>
• Re: [PATCH] pid_ns: support pidns switching between sibling
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH v2] ipc: Store mqueue sysctls in the ipc namespace
  • From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2] ipc: Store mqueue sysctls in the ipc namespace
  • From: Daniel Walsh <dwalsh@xxxxxxxxxx>
• Re: [PATCH v2 2/2] binfmt_misc: enable sandboxed mounts
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v2 2/2] binfmt_misc: enable sandboxed mounts
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 2/2] binfmt_misc: enable sandboxed mounts
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH linux 0/3] [PATCH] userns: add sysctl "kernel.userns_group_range"
  • From: Akihiro Suda <suda.kyoto@xxxxxxxxx>
• Re: [PATCH linux 0/3] [PATCH] userns: add sysctl "kernel.userns_group_range"
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH linux 0/3] [PATCH] userns: add sysctl "kernel.userns_group_range"
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH linux 0/3] [PATCH] userns: add sysctl "kernel.userns_group_range"
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH linux 0/3] [PATCH] userns: add sysctl "kernel.userns_group_range"
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH linux 0/3] [PATCH] userns: add sysctl "kernel.userns_group_range"
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH linux 0/3] [PATCH] userns: add sysctl "kernel.userns_group_range"
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH linux 3/3] userns: add sysctl "kernel.userns_group_range"
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [PATCH linux 0/3] [PATCH] userns: add sysctl "kernel.userns_group_range"
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH linux 2/3] group_range: allow GID from 2147483648 to 4294967294
  • From: ~akihirosuda <akihirosuda@xxxxxxxxx>
• [PATCH linux 1/3] net/ipv4: split group_range logic to kernel/group_range.c
  • From: ~akihirosuda <akihirosuda@xxxxxxxxx>
• [PATCH linux 0/3] [PATCH] userns: add sysctl "kernel.userns_group_range"
  • From: ~akihirosuda <akihirosuda@xxxxxxxxx>
• [PATCH linux 3/3] userns: add sysctl "kernel.userns_group_range"
  • From: ~akihirosuda <akihirosuda@xxxxxxxxx>
• Re: [PATCH v2 2/2] binfmt_misc: enable sandboxed mounts
  • From: Jan Kiszka <jan.kiszka@xxxxxxxxxxx>
• Re: [PATCH v15 01/26] securityfs: rework dentry creation
  • From: Jarkko Sakkinen <jarkko@xxxxxxxxxx>
• [PATCH v15 17/26] integrity/ima: Define ns_status for storing namespaced iint data
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 26/26] ima: Enable IMA namespaces
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 24/26] ima: Limit number of policy rules in non-init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 25/26] ima: Restrict informational audit messages to init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 19/26] ima: Namespace audit status flags
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 22/26] ima: Introduce securityfs file to activate an IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 23/26] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 21/26] ima: Setup securityfs for IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 20/26] ima: Remove unused iints from the integrity_iint_cache
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 16/26] ima: Add functions for creating and freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 18/26] integrity: Add optional callback function to integrity_inode_free()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 01/26] securityfs: rework dentry creation
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 13/26] userns: Add pointer to ima_namespace to user_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 14/26] ima: Implement hierarchical processing of file accesses
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 03/26] ima: Define ima_namespace struct and start moving variables into it
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 09/26] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 10/26] ima: Switch to lazy lsm policy updates for better performance
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 07/26] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 08/26] ima: Move IMA securityfs files into ima_namespace or onto stack
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 00/26] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 02/26] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 05/26] ima: Move ima_htable into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 04/26] ima: Move arch_policy_entry into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v15 06/26] ima: Move measurement list related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [RFC PATCH v1 0/6] proc: Add allowlist for procfs files
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [RFC PATCH v1 0/6] proc: Add allowlist for procfs files
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [RFC PATCH v1 0/6] proc: Add allowlist for procfs files
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [RFC PATCH v1 2/6] proc: Add allowlist to control access to procfs files
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [RFC PATCH v1 0/6] proc: Add allowlist for procfs files
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [RFC PATCH v1 2/6] proc: Add allowlist to control access to procfs files
  • From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v1 2/6] proc: Add allowlist to control access to procfs files
  • From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH v1 0/6] proc: Add allowlist for procfs files
  • From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
• [RFC PATCH v1 4/6] proc: Allow to use the allowlist filter in userns
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH v1 1/6] proc: Fix separator for subset option
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH v1 3/6] proc: Check that subset= option has been set
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH v1 0/6] proc: Add allowlist for procfs files
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH v1 5/6] proc: Validate incoming allowlist
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH v1 2/6] proc: Add allowlist to control access to procfs files
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH v1 6/6] doc: proc: Add description of subset=allowlist
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v3 3/3] docs: Add information about ipc sysctls limitations
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v3 1/3] sysctl: Allow change system v ipc sysctls inside ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v3 2/3] sysctl: Allow to change limits for posix messages queues
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v3 0/3] Allow to change ipc/mq sysctls inside ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH v2 1/3] sysctl: Allow change system v ipc sysctls inside ipc namespace
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [PATCH v14 00/26] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v2 1/3] sysctl: Allow change system v ipc sysctls inside ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v2 0/3] Allow to change ipc/mq sysctls inside ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v2 3/3] docs: Add information about ipc sysctls limitations
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v2 2/3] sysctl: Allow to change limits for posix messages queues
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH v1 1/3] sysctl: Allow change system v ipc sysctls inside ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH v1 2/3] sysctl: Allow to change limits for posix messages queues
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH v1 1/3] sysctl: Allow change system v ipc sysctls inside ipc namespace
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH v1 3/3] docs: Add information about ipc sysctls limitations
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH v14 00/26] ima: Namespace IMA with audit support in IMA-ns
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH v14 00/26] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v14 00/26] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v14 00/26] ima: Namespace IMA with audit support in IMA-ns
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v14 05/26] ima: Move ima_htable into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 03/26] ima: Define ima_namespace struct and start moving variables into it
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 10/26] ima: Switch to lazy lsm policy updates for better performance
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 07/26] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 23/26] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 26/26] ima: Enable IMA namespaces
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 17/26] integrity/ima: Define ns_status for storing namespaced iint data
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 25/26] ima: Restrict informational audit messages to init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 18/26] integrity: Add optional callback function to integrity_inode_free()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 20/26] ima: Remove unused iints from the integrity_iint_cache
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 08/26] ima: Move IMA securityfs files into ima_namespace or onto stack
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 21/26] ima: Setup securityfs for IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 13/26] userns: Add pointer to ima_namespace to user_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 02/26] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 01/26] securityfs: rework dentry creation
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 22/26] ima: Introduce securityfs file to activate an IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 19/26] ima: Namespace audit status flags
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 16/26] ima: Add functions for creating and freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 09/26] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 06/26] ima: Move measurement list related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 14/26] ima: Implement hierarchical processing of file accesses
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 00/26] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 04/26] ima: Move arch_policy_entry into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 24/26] ima: Limit number of policy rules in non-init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v14 12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v1 3/3] docs: Add information about ipc sysctls limitations
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v1 2/3] sysctl: Allow to change limits for posix messages queues
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH v1] sysctl: Allow change system v ipc sysctls inside ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v1 1/3] sysctl: Allow change system v ipc sysctls inside ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH v1] sysctl: Allow change system v ipc sysctls inside ipc namespace
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH v2 3/4] seccomp: Support atomic "addfd + send reply"
  • From: Robin Naccari <robianna1973@xxxxxxxxxx>
• Re: [RFC PATCH 0/2] Keyagents: another call_usermodehelper approach for namespaces
  • From: "Benjamin Coddington" <bcodding@xxxxxxxxxx>
• [PATCH v1] sysctl: Allow change system v ipc sysctls inside ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [RFC PATCH 0/2] Keyagents: another call_usermodehelper approach for namespaces
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• [PATCH v13 03/26] ima: Define ima_namespace struct and start moving variables into it
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 07/26] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 18/26] integrity: Add optional callback function to integrity_inode_free()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 17/26] integrity/ima: Define ns_status for storing namespaced iint data
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 13/26] userns: Add pointer to ima_namespace to user_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 22/26] ima: Introduce securityfs file to activate an IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 04/26] ima: Move arch_policy_entry into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 20/26] ima: Remove unused iints from the integrity_iint_cache
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 09/26] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 23/26] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 06/26] ima: Move measurement list related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 05/26] ima: Move ima_htable into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 14/26] ima: Implement hierarchical processing of file accesses
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 19/26] ima: Namespace audit status flags
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 10/26] ima: Switch to lazy lsm policy updates for better performance
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 25/26] ima: Restrict informational audit messages to init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 26/26] ima: Enable IMA namespaces
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 08/26] ima: Move IMA securityfs files into ima_namespace or onto stack
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 16/26] ima: Add functions for creating and freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 24/26] ima: Limit number of policy rules in non-init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 00/26] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 21/26] ima: Setup securityfs for IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 01/26] securityfs: rework dentry creation
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v13 02/26] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v12 02/26] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v12 13/26] userns: Add pointer to ima_namespace to user_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v12 04/26] ima: Move arch_policy_entry into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH] ipc: Free mq_sysctls if ipc namespace creation failed
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• [PATCH] ipc: Free mq_sysctls if ipc namespace creation failed
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [RFC PATCH 2/4] sysctl: ipc: Do not use dynamic memory
  • From: Luis Chamberlain <mcgrof@xxxxxxxxxx>
• Re: [RFC PATCH 0/4] API extension for handling sysctl
  • From: Luis Chamberlain <mcgrof@xxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [GIT PULL] ipc: per namespace ipc sysctl changes for v5.19
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [GIT PULL] ipc: per namespace ipc sysctl changes for v5.19
  • From: pr-tracker-bot@xxxxxxxxxx
• Re: [GIT PULL] ipc: per namespace ipc sysctl changes for v5.19
  • From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
• [GIT PULL] ipc: per namespace ipc sysctl changes for v5.19
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH v2 2/2] binfmt_misc: enable sandboxed mounts
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [RFC PATCH 1/4] sysctl: API extension for handling sysctl
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [RFC PATCH 1/4] sysctl: API extension for handling sysctl
  • From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH 1/4] sysctl: API extension for handling sysctl
  • From: Matthew Wilcox <willy@xxxxxxxxxxxxx>
• Re: [RFC PATCH 1/4] sysctl: API extension for handling sysctl
  • From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH 1/4] sysctl: API extension for handling sysctl
  • From: Matthew Wilcox <willy@xxxxxxxxxxxxx>
• Re: [RFC PATCH 2/4] sysctl: ipc: Do not use dynamic memory
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [RFC PATCH 2/4] sysctl: ipc: Do not use dynamic memory
  • From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/4] sysctl: ipc: Do not use dynamic memory
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [RFC PATCH 2/4] sysctl: ipc: Do not use dynamic memory
  • From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
• [RFC PATCH 2/4] sysctl: ipc: Do not use dynamic memory
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH 3/4] sysctl: userns: Do not use dynamic memory
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH 1/4] sysctl: API extension for handling sysctl
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH 0/4] API extension for handling sysctl
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH 4/4] sysctl: mqueue: Do not use dynamic memory
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH v12 21/26] ima: Setup securityfs for IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v2 2/2] binfmt_misc: enable sandboxed mounts
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v2 2/2] binfmt_misc: enable sandboxed mounts
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v12 21/26] ima: Setup securityfs for IMA namespace
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 16/26] ima: Add functions for creating and freeing of an ima_namespace
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v2 2/2] binfmt_misc: enable sandboxed mounts
  • From: Jan Kiszka <jan.kiszka@xxxxxxxxxxx>
• Re: [PATCH v12 03/26] ima: Define ima_namespace struct and start moving variables into it
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v12 03/26] ima: Define ima_namespace struct and start moving variables into it
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 03/26] ima: Define ima_namespace struct and start moving variables into it
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v12 11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v12 12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v12 23/26] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v12 13/26] userns: Add pointer to ima_namespace to user_namespace
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 13/26] userns: Add pointer to ima_namespace to user_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v12 13/26] userns: Add pointer to ima_namespace to user_namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v12 13/26] userns: Add pointer to ima_namespace to user_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v12 13/26] userns: Add pointer to ima_namespace to user_namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v12 15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 14/26] ima: Implement hierarchical processing of file accesses
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 13/26] userns: Add pointer to ima_namespace to user_namespace
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 23/26] ima: Show owning user namespace's uid and gid when displaying policy
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 10/26] ima: Switch to lazy lsm policy updates for better performance
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 09/26] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 02/26] securityfs: Extend securityfs with namespacing support
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 02/26] securityfs: Extend securityfs with namespacing support
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v12 08/26] ima: Move IMA securityfs files into ima_namespace or onto stack
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 04/26] ima: Move arch_policy_entry into ima_namespace
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 07/26] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 06/26] ima: Move measurement list related variables into ima_namespace
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 05/26] ima: Move ima_htable into ima_namespace
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 04/26] ima: Move arch_policy_entry into ima_namespace
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 03/26] ima: Define ima_namespace struct and start moving variables into it
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 02/26] securityfs: Extend securityfs with namespacing support
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v12 01/26] securityfs: rework dentry creation
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v1 0/4] ipc: Remove extra1 field abuse to pass ipc namespace
  • From: Philip Rhoades <phil@xxxxxxxxxxxxx>
• Re: [PATCH v4 0/3] Handle seccomp notification preemption
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• [PATCH v2 2/4] ipc: Remove extra1 field abuse to pass ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v2 1/4] ipc: Use the same namespace to modify and validate
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v2 3/4] ipc: Check permissions for checkpoint_restart sysctls at open time
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v2 4/4] ipc: Remove extra braces
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH v1 2/4] ipc: Use proper ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v4 3/3] selftests/seccomp: Add test for wait killable notifier
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v4 2/3] selftests/seccomp: Refactor get_proc_stat to split out file reading code
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v4 1/3] seccomp: Add wait_killable semantic to seccomp user notifier
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• [PATCH v4 0/3] Handle seccomp notification preemption
  • From: Sargun Dhillon <sargun@xxxxxxxxx>
• Re: [PATCH v1 2/4] ipc: Use proper ipc namespace
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH v1 1/4] ipc: Remove extra1 field abuse to pass ipc namespace
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH v1 0/4] ipc: Remove extra1 field abuse to pass ipc namespace
  • From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
• [PATCH v1 2/4] ipc: Use proper ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v1 1/4] ipc: Remove extra1 field abuse to pass ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v1 0/4] ipc: Remove extra1 field abuse to pass ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v1 4/4] ipc: Remove extra braces
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v1 3/4] ipc: Check permissions for checkpoint_restart sysctls at open time
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v12 14/26] ima: Implement hierarchical processing of file accesses
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 23/26] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 11/26] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 16/26] ima: Add functions for creating and freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 26/26] ima: Enable IMA namespaces
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 04/26] ima: Move arch_policy_entry into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 03/26] ima: Define ima_namespace struct and start moving variables into it
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 18/26] integrity: Add optional callback function to integrity_inode_free()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 19/26] ima: Namespace audit status flags
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 05/26] ima: Move ima_htable into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 25/26] ima: Restrict informational audit messages to init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 07/26] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 20/26] ima: Remove unused iints from the integrity_iint_cache
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 24/26] ima: Limit number of policy rules in non-init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 17/26] integrity/ima: Define ns_status for storing namespaced iint data
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 22/26] ima: Introduce securityfs file to activate an IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 06/26] ima: Move measurement list related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 00/26] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 01/26] securityfs: rework dentry creation
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 21/26] ima: Setup securityfs for IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 15/26] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 02/26] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 13/26] userns: Add pointer to ima_namespace to user_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 09/26] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 12/26] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 10/26] ima: Switch to lazy lsm policy updates for better performance
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v12 08/26] ima: Move IMA securityfs files into ima_namespace or onto stack
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [GIT PULL] ipc: Bind to the ipc namespace at open time.
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [GIT PULL] ipc: Bind to the ipc namespace at open time.
  • From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
• Re: [GIT PULL] ipc: Bind to the ipc namespace at open time.
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [GIT PULL] ipc: Bind to the ipc namespace at open time.
  • From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
• [GIT PULL] ipc: Bind to the ipc namespace at open time.
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH v11 26/27] ima: Restrict informational audit messages to init_ima_ns
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [PATCH v11 23/27] ima: Introduce securityfs file to activate an IMA namespace
  • From: kernel test robot <lkp@xxxxxxxxx>
• [PATCH v11 22/27] ima: Setup securityfs for IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 14/27] userns: Add pointer to ima_namespace to user_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 00/27] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 04/27] ima: Define ima_namespace struct and start moving variables into it
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 03/27] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 05/27] ima: Move arch_policy_entry into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 06/27] ima: Move ima_htable into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 02/27] securityfs: rework dentry creation
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 13/27] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 08/27] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 20/27] ima: Namespace audit status flags
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 26/27] ima: Restrict informational audit messages to init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 09/27] ima: Move IMA securityfs files into ima_namespace or onto stack
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 01/27] ima: Return error code obtained from securityfs functions
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 24/27] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 23/27] ima: Introduce securityfs file to activate an IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 21/27] ima: Remove unused iints from the integrity_iint_cache
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 07/27] ima: Move measurement list related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 17/27] ima: Add functions for creating and freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 19/27] integrity: Add optional callback function to integrity_inode_free()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 10/27] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 12/27] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 27/27] ima: Enable IMA namespaces
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 11/27] ima: Switch to lazy lsm policy updates for better performance
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 18/27] integrity/ima: Define ns_status for storing namespaced iint data
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 25/27] ima: Limit number of policy rules in non-init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 16/27] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v11 15/27] ima: Implement hierarchical processing of file accesses
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v2 4/6] fs: report per-mount io stats
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re: [PATCH v2 4/6] fs: report per-mount io stats
  • From: Dave Chinner <david@xxxxxxxxxxxxx>
• Re: [PATCH v2 4/6] fs: report per-mount io stats
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re: [PATCH v2 4/6] fs: report per-mount io stats
  • From: Dave Chinner <david@xxxxxxxxxxxxx>
• Re: [PATCH v2 4/6] fs: report per-mount io stats
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re: [PATCH v2 4/6] fs: report per-mount io stats
  • From: Miklos Szeredi <miklos@xxxxxxxxxx>
• Re: [PATCH v2 4/6] fs: report per-mount io stats
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re: [PATCH v2 4/6] fs: report per-mount io stats
  • From: Miklos Szeredi <miklos@xxxxxxxxxx>
• [PATCH v2 6/6] fuse: opt-in for per-mount io stats
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• [PATCH v2 5/6] ovl: opt-in for per-mount io stats
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• [PATCH v2 4/6] fs: report per-mount io stats
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• [PATCH v2 3/6] fs: collect per-mount io stats
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• [PATCH v2 2/6] fs: tidy up fs_flags definitions
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• [PATCH v2 1/6] fs: add iostats counters to struct mount
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• [PATCH v2 0/6] Generic per-mount io stats
  • From: Amir Goldstein <amir73il@xxxxxxxxx>
• Re:Re: [PATCH resend] kernel: Make taskstats available via genetlink per namespace
  • From: cgel.zte@xxxxxxxxx
• Re: [PATCH v10 18/27] integrity/ima: Define ns_status for storing namespaced iint data
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 18/27] integrity/ima: Define ns_status for storing namespaced iint data
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 24/27] ima: Introduce securityfs file to activate an IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 27/27] ima: Enable IMA namespaces
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 12/27] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v10 27/27] ima: Enable IMA namespaces
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v10 24/27] ima: Introduce securityfs file to activate an IMA namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 24/27] ima: Introduce securityfs file to activate an IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 18/27] integrity/ima: Define ns_status for storing namespaced iint data
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 22/27] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 25/27] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 24/27] ima: Introduce securityfs file to activate an IMA namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 23/27] ima: Setup securityfs for IMA namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 22/27] securityfs: Extend securityfs with namespacing support
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH resend] kernel: Make taskstats available via genetlink per namespace
  • From: cgel.zte@xxxxxxxxx
• Re: [PATCH v10 22/27] securityfs: Extend securityfs with namespacing support
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH resend] kernel: Make taskstats available via genetlink per namespace
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH v10 16/27] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 17/27] ima: Add functions for creating and freeing of an ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 16/27] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 16/27] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 15/27] ima: Implement hierarchical processing of file accesses
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 14/27] userns: Add pointer to ima_namespace to user_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 13/27] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 11/27] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 11/27] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 11/27] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 08/27] ima: Move measurement list related variables into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 10/27] ima: Move IMA securityfs files into ima_namespace or onto stack
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 09/27] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 06/27] ima: Move arch_policy_entry into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 06/27] ima: Move arch_policy_entry into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 06/27] ima: Move arch_policy_entry into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 05/27] ima: Define ima_namespace struct and start moving variables into it
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 06/27] ima: Move arch_policy_entry into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 05/27] ima: Define ima_namespace struct and start moving variables into it
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 07/27] ima: Move ima_htable into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [Bug 215596] New: Commit 59ec715 breaks systemd LimitNPROC with PrivateUsers
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH v10 03/27] ima: Return error code obtained from securityfs functions
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• [PATCH v4 2/2] ipc: Store ipc sysctls in the ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v4 0/2] ipc: Store mq and ipc sysctls in the ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [PATCH v4 1/2] ipc: Store mqueue sysctls in the ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH 6/8] ucounts: Handle inc_rlimit_ucounts wrapping in fork
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH 6/8] ucounts: Handle inc_rlimit_ucounts wrapping in fork
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH v10 04/27] securityfs: rework dentry creation
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 03/27] ima: Return error code obtained from securityfs functions
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 01/27] ima: Remove ima_policy file before directory
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 12/27] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 12/27] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 12/27] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [PATCH v10 00/27] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 00/27] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 00/27] ima: Namespace IMA with audit support in IMA-ns
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v10 00/27] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v10 02/27] ima: Do not print policy rule with inactive LSM labels
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v10 00/27] ima: Namespace IMA with audit support in IMA-ns
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• [PATCH] ima: fix semicolon.cocci warnings
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [PATCH v10 15/27] ima: Implement hierarchical processing of file accesses
  • From: kernel test robot <lkp@xxxxxxxxx>
• [PATCH v10 14/27] userns: Add pointer to ima_namespace to user_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 02/27] ima: Do not print policy rule with inactive LSM labels
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 09/27] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 25/27] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 04/27] securityfs: rework dentry creation
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 16/27] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 00/27] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 15/27] ima: Implement hierarchical processing of file accesses
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 17/27] ima: Add functions for creating and freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 10/27] ima: Move IMA securityfs files into ima_namespace or onto stack
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 24/27] ima: Introduce securityfs file to activate an IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 27/27] ima: Enable IMA namespaces
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 08/27] ima: Move measurement list related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 22/27] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 20/27] ima: Namespace audit status flags
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 05/27] ima: Define ima_namespace struct and start moving variables into it
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 12/27] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 13/27] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 19/27] integrity: Add optional callback function to integrity_inode_free()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 06/27] ima: Move arch_policy_entry into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 07/27] ima: Move ima_htable into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 01/27] ima: Remove ima_policy file before directory
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 23/27] ima: Setup securityfs for IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 11/27] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 18/27] integrity/ima: Define ns_status for storing namespaced iint data
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 21/27] ima: Remove unused iints from the integrity_iint_cache
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 03/27] ima: Return error code obtained from securityfs functions
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• [PATCH v10 26/27] ima: Limit number of policy rules in non-init_ima_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v9 04/23] securityfs: Extend securityfs with namespacing support
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v9 04/23] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v9 16/23] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v9 00/23] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [GIT PULL] ucount rlimit fixes for v5.17-rc2
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 09/23] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v9 09/23] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v9 08/23] ima: Move measurement list related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v9 16/23] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v9 10/23] ima: Move IMA securityfs files into ima_namespace or onto stack
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v9 09/23] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v9 08/23] ima: Move measurement list related variables into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v9 06/23] ima: Move arch_policy_entry into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v9 10/23] ima: Move IMA securityfs files into ima_namespace or onto stack
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v9 04/23] securityfs: Extend securityfs with namespacing support
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v9 21/23] ima: Introduce securityfs file to activate an IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v9 02/23] ima: Do not print policy rule with inactive LSM labels
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v9 22/23] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v9 08/23] ima: Move measurement list related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v9 15/23] ima: Implement hierarchical processing of file accesses
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v9 11/23] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v9 00/23] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v9 23/23] ima: Enable IMA namespaces
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 14/23] userns: Add pointer to ima_namespace to user_namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 22/23] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 22/23] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 21/23] ima: Introduce securityfs file to activate an IMA namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 20/23] ima: Setup securityfs for IMA namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 17/23] ima: Add functions for creating and freeing of an ima_namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 13/23] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 12/23] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 00/23] ima: Namespace IMA with audit support in IMA-ns
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 11/23] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 15/23] ima: Implement hierarchical processing of file accesses
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 10/23] ima: Move IMA securityfs files into ima_namespace or onto stack
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 09/23] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 08/23] ima: Move measurement list related variables into ima_namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 07/23] ima: Move ima_htable into ima_namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 06/23] ima: Move arch_policy_entry into ima_namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 05/23] ima: Define ima_namespace struct and start moving variables into it
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 02/23] ima: Do not print policy rule with inactive LSM labels
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v9 01/23] ima: Remove ima_policy file before directory
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• [PATCH v9 05/23] ima: Define ima_namespace struct and start moving variables into it
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 22/23] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 12/23] ima: Define mac_admin_ns_capable() as a wrapper for ns_capable()
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 06/23] ima: Move arch_policy_entry into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 00/23] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 18/23] integrity/ima: Define ns_status for storing namespaced iint data
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 16/23] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 23/23] ima: Enable IMA namespaces
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 07/23] ima: Move ima_htable into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 13/23] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 10/23] ima: Move IMA securityfs files into ima_namespace or onto stack
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 03/23] securityfs: rework dentry creation
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 08/23] ima: Move measurement list related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 14/23] userns: Add pointer to ima_namespace to user_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 09/23] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 20/23] ima: Setup securityfs for IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 17/23] ima: Add functions for creating and freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 15/23] ima: Implement hierarchical processing of file accesses
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 04/23] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 19/23] ima: Namespace audit status flags
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 21/23] ima: Introduce securityfs file to activate an IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 01/23] ima: Remove ima_policy file before directory
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 11/23] ima: Move ima_lsm_policy_notifier into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v9 02/23] ima: Do not print policy rule with inactive LSM labels
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [RFC PATCH v3 1/4] ipc: Store mqueue sysctls in the ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH v3 4/4] ipc: Allow to modify ipc/mq sysctls if CAP_SYS_RESOURCE is present
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH v3 0/4] ipc: Store mq and ipc sysctls in the ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH v3 3/4] ipc: Merge ipc_sysctl and mq_sysctl
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• [RFC PATCH v3 2/4] ipc: Store ipc sysctls in the ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH v8 03/19] ima: Move policy related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v8 19/19] ima: Enable IMA namespaces
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v8 19/19] ima: Enable IMA namespaces
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v8 05/19] ima: Move measurement list related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v8 19/19] ima: Enable IMA namespaces
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v8 18/19] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v8 07/19] ima: Move dentry into ima_namespace and others onto stack
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v8 07/19] ima: Move dentry into ima_namespace and others onto stack
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v8 07/19] ima: Move dentry into ima_namespace and others onto stack
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v8 10/19] ima: Implement hierarchical processing of file accesses
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v8 19/19] ima: Enable IMA namespaces
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v8 19/19] ima: Enable IMA namespaces
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v8 18/19] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v8 19/19] ima: Enable IMA namespaces
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v8 18/19] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v8 19/19] ima: Enable IMA namespaces
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v8 13/19] ima: Add functions for creation and freeing of an ima_namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v8 10/19] ima: Implement hierarchical processing of file accesses
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v8 03/19] ima: Move policy related variables into ima_namespace
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v8 08/19] ima: Use mac_admin_ns_capable() to check corresponding capability
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v8 07/19] ima: Move dentry into ima_namespace and others onto stack
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v8 05/19] ima: Move measurement list related variables into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v8 03/19] ima: Move policy related variables into ima_namespace
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [next]: LTP: getxattr05.c:97: TFAIL: unshare(CLONE_NEWUSER) failed: ENOSPC (28)
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [next]: LTP: getxattr05.c:97: TFAIL: unshare(CLONE_NEWUSER) failed: ENOSPC (28)
  • From: Anders Roxell <anders.roxell@xxxxxxxxxx>
• Re: [next]: LTP: getxattr05.c:97: TFAIL: unshare(CLONE_NEWUSER) failed: ENOSPC (28)
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [next]: LTP: getxattr05.c:97: TFAIL: unshare(CLONE_NEWUSER) failed: ENOSPC (28)
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [next]: LTP: getxattr05.c:97: TFAIL: unshare(CLONE_NEWUSER) failed: ENOSPC (28)
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [next]: LTP: getxattr05.c:97: TFAIL: unshare(CLONE_NEWUSER) failed: ENOSPC (28)
  • From: Anders Roxell <anders.roxell@xxxxxxxxxx>
• Re: [next]: LTP: getxattr05.c:97: TFAIL: unshare(CLONE_NEWUSER) failed: ENOSPC (28)
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v8 01/19] securityfs: Extend securityfs with namespacing support
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v8 01/19] securityfs: Extend securityfs with namespacing support
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
• Re: [PATCH v2] ipc: Store mqueue sysctls in the ipc namespace
  • From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
• Re: [PATCH v8 08/19] ima: Use mac_admin_ns_capable() to check corresponding capability
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [PATCH v8 16/19] ima: Enable re-auditing of modified files
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v8 01/19] securityfs: Extend securityfs with namespacing support
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v8 01/19] securityfs: Extend securityfs with namespacing support
  • From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2] ipc: Store mqueue sysctls in the ipc namespace
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: [PATCH v2] ipc: Store mqueue sysctls in the ipc namespace
  • From: Manfred Spraul <manfred@xxxxxxxxxxxxxxxx>
• Re: [PATCH v2] ipc: Store mqueue sysctls in the ipc namespace
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: [PATCH v2] ipc: Store mqueue sysctls in the ipc namespace
  • From: Manfred Spraul <manfred@xxxxxxxxxxxxxxxx>
• [PATCH v8 19/19] ima: Enable IMA namespaces
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 15/19] ima: Namespace audit status flags
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 03/19] ima: Move policy related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 04/19] ima: Move ima_htable into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 13/19] ima: Add functions for creation and freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 17/19] ima: Setup securityfs for IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 18/19] ima: Show owning user namespace's uid and gid when displaying policy
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 12/19] userns: Add pointer to ima_namespace to user_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 16/19] ima: Enable re-auditing of modified files
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 09/19] ima: Only accept AUDIT rules for non-init_ima_ns namespaces for now
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 08/19] ima: Use mac_admin_ns_capable() to check corresponding capability
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 11/19] ima: Implement ima_free_policy_rules() for freeing of an ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 07/19] ima: Move dentry into ima_namespace and others onto stack
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 14/19] integrity/ima: Define ns_status for storing namespaced iint data
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 00/19] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 10/19] ima: Implement hierarchical processing of file accesses
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 05/19] ima: Move measurement list related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 06/19] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 02/19] ima: Define ima_namespace structure and implement basic functions
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v8 01/19] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v2] ipc: Store mqueue sysctls in the ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH v1] ipc: Store mqueue sysctls in the ipc namespace
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [PATCH v1] ipc: Store mqueue sysctls in the ipc namespace
  • From: kernel test robot <lkp@xxxxxxxxx>
• [PATCH v1] ipc: Store mqueue sysctls in the ipc namespace
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH v7 10/14] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v7 00/14] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v2 2/2] binfmt_misc: enable sandboxed mounts
  • From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
• Re: [GIT PULL] ucount fix for v5.16-rc7
  • From: pr-tracker-bot@xxxxxxxxxx
• [GIT PULL]
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• [GIT PULL] ucount fix for v5.16-rc7
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: [PATCH v3] ucounts: Split rlimit and ucount values and max values
  • From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
• Re: [PATCH v7 00/14] ima: Namespace IMA with audit support in IMA-ns
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v7 00/14] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v7 10/14] securityfs: Extend securityfs with namespacing support
  • From: kernel test robot <lkp@xxxxxxxxx>
• [RFC PATCH] securityfs: securityfs_dir_inode_operations can be static
  • From: kernel test robot <lkp@xxxxxxxxx>
• [PATCH v3] ucounts: Split rlimit and ucount values and max values
  • From: Alexey Gladkov <legion@xxxxxxxxxx>
• Re: [PATCH v7 00/14] ima: Namespace IMA with audit support in IMA-ns
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v7 00/14] ima: Namespace IMA with audit support in IMA-ns
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v7 01/14] ima: Add IMA namespace support
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v7 01/14] ima: Add IMA namespace support
  • From: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v7 14/14] ima: Setup securityfs for IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v7 00/14] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v7 00/14] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxx>
• Re: [PATCH v7 10/14] securityfs: Extend securityfs with namespacing support
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v7 04/14] ima: Move policy related variables into ima_namespace
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [PATCH v7 01/14] ima: Add IMA namespace support
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v7 14/14] ima: Setup securityfs for IMA namespace
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v7 10/14] securityfs: Extend securityfs with namespacing support
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v7 00/14] ima: Namespace IMA with audit support in IMA-ns
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v7 00/14] ima: Namespace IMA with audit support in IMA-ns
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH v7 14/14] ima: Setup securityfs for IMA namespace
  • From: kernel test robot <lkp@xxxxxxxxx>
• [PATCH v2 2/2] binfmt_misc: enable sandboxed mounts
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• [PATCH v2 1/2] binfmt_misc: cleanup on filesystem umount
  • From: Christian Brauner <brauner@xxxxxxxxxx>
• Re: [PATCH v7 14/14] ima: Setup securityfs for IMA namespace
  • From: kernel test robot <lkp@xxxxxxxxx>
• [PATCH v7 07/14] ima: Only accept AUDIT rules for IMA non-init_ima_ns namespaces for now
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 08/14] ima: Implement hierarchical processing of file accesses
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 05/14] ima: Move ima_htable into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 01/14] ima: Add IMA namespace support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 04/14] ima: Move policy related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 14/14] ima: Setup securityfs for IMA namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 12/14] ima: Use mac_admin_ns_capable() to check corresponding capability
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 02/14] ima: Define ns_status for storing namespaced iint data
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 10/14] securityfs: Extend securityfs with namespacing support
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 00/14] ima: Namespace IMA with audit support in IMA-ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 13/14] ima: Move dentry into ima_namespace and others onto stack
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 06/14] ima: Move measurement list related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 11/14] ima: Move some IMA policy and filesystem related variables into ima_namespace
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 09/14] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>
• [PATCH v7 03/14] ima: Namespace audit status flags
  • From: Stefan Berger <stefanb@xxxxxxxxxxxxxxxxxx>