Linux Containers

Date Index

[PATCH v6 02/17] ima: Define ns_status for storing namespaced iint data, (continued)
- [PATCH v6 02/17] ima: Define ns_status for storing namespaced iint data, Stefan Berger
  - Re: [PATCH v6 02/17] ima: Define ns_status for storing namespaced iint data, Mimi Zohar
    - Re: [PATCH v6 02/17] ima: Define ns_status for storing namespaced iint data, Stefan Berger
      - Re: [PATCH v6 02/17] ima: Define ns_status for storing namespaced iint data, Mimi Zohar
        
        Re: [PATCH v6 02/17] ima: Define ns_status for storing namespaced iint data, Stefan Berger
- [PATCH v6 07/17] ima: Move ima_htable into ima_namespace, Stefan Berger
- [PATCH v6 11/17] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, Stefan Berger
- [PATCH v6 13/17] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
- [PATCH v6 17/17] ima: Setup securityfs for IMA namespace, Stefan Berger
  - Re: [PATCH v6 17/17] ima: Setup securityfs for IMA namespace, Mimi Zohar
    - Re: [PATCH v6 17/17] ima: Setup securityfs for IMA namespace, Stefan Berger
- [PATCH v6 08/17] ima: Move measurement list related variables into ima_namespace, Stefan Berger
- [PATCH v6 14/17] ima: Tie opened SecurityFS files to the IMA namespace it belongs to, Stefan Berger
  - Re: [PATCH v6 14/17] ima: Tie opened SecurityFS files to the IMA namespace it belongs to, Christian Brauner
    - Re: [PATCH v6 14/17] ima: Tie opened SecurityFS files to the IMA namespace it belongs to, Stefan Berger
- [PATCH v6 01/17] ima: Add IMA namespace support, Stefan Berger
  - Re: [PATCH v6 01/17] ima: Add IMA namespace support, Stefan Berger
    - Re: [PATCH v6 01/17] ima: Add IMA namespace support, Mimi Zohar
  - Re: [PATCH v6 01/17] ima: Add IMA namespace support, Mimi Zohar
    - Re: [PATCH v6 01/17] ima: Add IMA namespace support, Stefan Berger
- [PATCH v6 15/17] ima: Use mac_admin_ns_capable() to check corresponding capability, Stefan Berger
  - Re: [PATCH v6 15/17] ima: Use mac_admin_ns_capable() to check corresponding capability, Serge E. Hallyn
    - Re: [PATCH v6 15/17] ima: Use mac_admin_ns_capable() to check corresponding capability, James Bottomley
      - Re: [PATCH v6 15/17] ima: Use mac_admin_ns_capable() to check corresponding capability, Serge E. Hallyn
        
        Re: [PATCH v6 15/17] ima: Use mac_admin_ns_capable() to check corresponding capability, James Bottomley
- [PATCH v6 16/17] ima: Move dentry into ima_namespace and others onto stack, Stefan Berger
- [PATCH v6 06/17] ima: Move policy related variables into ima_namespace, Stefan Berger
  - Re: [PATCH v6 06/17] ima: Move policy related variables into ima_namespace, Stefan Berger
- [PATCH v6 10/17] ima: Implement hierarchical processing of file accesses, Stefan Berger
- [PATCH v6 09/17] ima: Only accept AUDIT rules for IMA non-init_ima_ns namespaces for now, Stefan Berger
- [PATCH v6 04/17] ima: Move delayed work queue and variables into ima_namespace, Stefan Berger
- [PATCH v6 03/17] ima: Namespace audit status flags, Stefan Berger
  - Re: [PATCH v6 03/17] ima: Namespace audit status flags, Mimi Zohar
    - Re: [PATCH v6 03/17] ima: Namespace audit status flags, Stefan Berger
      - Re: [PATCH v6 03/17] ima: Namespace audit status flags, Mimi Zohar
- [PATCH v6 12/17] securityfs: Extend securityfs with namespacing support, Stefan Berger
  - Re: [PATCH v6 12/17] securityfs: Extend securityfs with namespacing support, Christian Brauner
    - Re: [PATCH v6 12/17] securityfs: Extend securityfs with namespacing support, Stefan Berger
- [PATCH v6 05/17] ima: Move IMA's keys queue related variables into ima_namespace, Stefan Berger
[PATCH v5 00/16] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
- [PATCH v5 02/16] ima: Define ns_status for storing namespaced iint data, Stefan Berger
- [PATCH v5 04/16] ima: Move delayed work queue and variables into ima_namespace, Stefan Berger
  - Re: [PATCH v5 04/16] ima: Move delayed work queue and variables into ima_namespace, Christian Brauner
    - Re: [PATCH v5 04/16] ima: Move delayed work queue and variables into ima_namespace, Stefan Berger
- [PATCH v5 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, Stefan Berger
- [PATCH v5 15/16] ima: Move dentries into ima_namespace, Stefan Berger
  - Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Christian Brauner
    - Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Christian Brauner
      - Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Christian Brauner
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Stefan Berger
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Christian Brauner
      - Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, James Bottomley
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, James Bottomley
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Stefan Berger
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Christian Brauner
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Mimi Zohar
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Stefan Berger
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Mimi Zohar
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Stefan Berger
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, James Bottomley
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Mimi Zohar
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Stefan Berger
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Mimi Zohar
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Stefan Berger
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, James Bottomley
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Mimi Zohar
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, James Bottomley
        
        Re: [PATCH v5 15/16] ima: Move dentries into ima_namespace, Christian Brauner
- [PATCH v5 12/16] securityfs: Extend securityfs with namespacing support, Stefan Berger
- [PATCH v5 05/16] ima: Move IMA's keys queue related variables into ima_namespace, Stefan Berger
- [PATCH v5 07/16] ima: Move ima_htable into ima_namespace, Stefan Berger
  - Re: [PATCH v5 07/16] ima: Move ima_htable into ima_namespace, kernel test robot
- [PATCH v5 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, Stefan Berger
  - RE: [PATCH v5 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, Denis Semakin
    - Re: [PATCH v5 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, James Bottomley
  - RE: [PATCH v5 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, Denis Semakin
    - Re: [PATCH v5 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, Serge E. Hallyn
      - Re: [PATCH v5 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, Stefan Berger
        
        Re: [PATCH v5 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, James Bottomley
- [PATCH v5 08/16] ima: Move measurement list related variables into ima_namespace, Stefan Berger
- [PATCH v5 10/16] ima: Implement hierarchical processing of file accesses, Stefan Berger
- [PATCH v5 03/16] ima: Namespace audit status flags, Stefan Berger
- [PATCH v5 01/16] ima: Add IMA namespace support, Stefan Berger
  - Re: [PATCH v5 01/16] ima: Add IMA namespace support, kernel test robot
  - Re: [PATCH v5 01/16] ima: Add IMA namespace support, kernel test robot
  - Re: [PATCH v5 01/16] ima: Add IMA namespace support, kernel test robot
  - Re: [PATCH v5 01/16] ima: Add IMA namespace support, kernel test robot
- [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
  - Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Christian Brauner
    - Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
    - Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
      - Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Christian Brauner
        
        Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
        
        Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, James Bottomley
        
        Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Christian Brauner
        
        Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Christian Brauner
        
        Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
        
        Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Christian Brauner
        
        Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Christian Brauner
        
        Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
        
        Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Christian Brauner
        
        Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Christian Brauner
        
        Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
        
        Re: [PATCH v5 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Christian Brauner
- [PATCH v5 09/16] ima: Only accept AUDIT rules for IMA non-init_ima_ns namespaces for now, Stefan Berger
- [PATCH v5 16/16] ima: Setup securityfs for IMA namespace, Stefan Berger
- [PATCH v5 06/16] ima: Move policy related variables into ima_namespace, Stefan Berger
[PATCH v4 00/16] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
- [PATCH v4 01/16] ima: Add IMA namespace support, Stefan Berger
  - Re: [PATCH v4 01/16] ima: Add IMA namespace support, Christian Brauner
    - Re: [PATCH v4 01/16] ima: Add IMA namespace support, Christian Brauner
      - Re: [PATCH v4 01/16] ima: Add IMA namespace support, Stefan Berger
- [PATCH v4 03/16] ima: Namespace audit status flags, Stefan Berger
- [PATCH v4 04/16] ima: Move delayed work queue and variables into ima_namespace, Stefan Berger
- [PATCH v4 02/16] ima: Define ns_status for storing namespaced iint data, Stefan Berger
- [PATCH v4 05/16] ima: Move IMA's keys queue related variables into ima_namespace, Stefan Berger
- [PATCH v4 06/16] ima: Move policy related variables into ima_namespace, Stefan Berger
- [PATCH v4 07/16] ima: Move ima_htable into ima_namespace, Stefan Berger
- [PATCH v4 08/16] ima: Move measurement list related variables into ima_namespace, Stefan Berger
- [PATCH v4 09/16] ima: Only accept AUDIT rules for IMA non-init_ima_ns namespaces for now, Stefan Berger
- [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Stefan Berger
  - Re: [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Christian Brauner
    - Re: [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Christian Brauner
      - Re: [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Stefan Berger
        
        Re: [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Stefan Berger
        
        Re: [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Mimi Zohar
        
        Re: [PATCH v4 10/16] ima: Implement hierarchical processing of file accesses, Stefan Berger
- [PATCH v4 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, Stefan Berger
  - Re: [PATCH v4 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, Christian Brauner
    - Re: [PATCH v4 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, Stefan Berger
  - Re: [PATCH v4 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, Christian Brauner
  - Re: [PATCH v4 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, Jarkko Sakkinen
    - Re: [PATCH v4 11/16] securityfs: Only use simple_pin_fs/simple_release_fs for init_user_ns, James Bottomley
- [PATCH v4 12/16] securityfs: Extend securityfs with namespacing support, Stefan Berger
- [PATCH v4 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
- [PATCH v4 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, Stefan Berger
  - Re: [PATCH v4 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, Christian Brauner
- [PATCH v4 15/16] ima: Move dentries into ima_namespace, Stefan Berger
- [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Stefan Berger
  - Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Christian Brauner
    - Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Christian Brauner
    - Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, James Bottomley
      - Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, James Bottomley
        
        Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Christian Brauner
    - Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Stefan Berger
      - Re: [PATCH v4 16/16] ima: Setup securityfs for IMA namespace, Christian Brauner
[PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
- [PATCH v3 10/16] ima: Implement hierarchical processing of file accesses, Stefan Berger
- [PATCH v3 08/16] ima: Move measurement list related variables into ima_namespace, Stefan Berger
- [PATCH v3 09/16] ima: Only accept AUDIT rules for IMA non-init_ima_ns namespaces for now, Stefan Berger
- [PATCH v3 11/16] securityfs: Move vfsmount into user_namespace, Stefan Berger
- [PATCH v3 02/16] ima: Define ns_status for storing namespaced iint data, Stefan Berger
- [PATCH v3 15/16] ima: Move dentries into ima_namespace, Stefan Berger
- [PATCH v3 03/16] ima: Namespace audit status flags, Stefan Berger
- [PATCH v3 16/16] ima: Setup securityfs for IMA namespace, Stefan Berger
- [PATCH v3 13/16] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
- [PATCH v3 01/16] ima: Add IMA namespace support, Stefan Berger
- [PATCH v3 05/16] ima: Move IMA's keys queue related variables into ima_namespace, Stefan Berger
- [PATCH v3 14/16] ima: Use mac_admin_ns_capable() to check corresponding capability, Stefan Berger
- [PATCH v3 12/16] securityfs: Extend securityfs with namespacing support, Stefan Berger
- [PATCH v3 06/16] ima: Move policy related variables into ima_namespace, Stefan Berger
- [PATCH v3 07/16] ima: Move ima_htable into ima_namespace, Stefan Berger
- [PATCH v3 04/16] ima: Move delayed work queue and variables into ima_namespace, Stefan Berger
- Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, James Bottomley
  - Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
  - Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, Christian Brauner
    - Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, James Bottomley
      - Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, James Bottomley
        
        Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, Casey Schaufler
        
        Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, James Bottomley
    - Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, James Bottomley
- Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, Christian Brauner
  - Re: [PATCH v3 00/16] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
[RFC v2 00/19] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
- [RFC v2 02/19] ima: Define ns_status for storing namespaced iint data, Stefan Berger
- [RFC v2 01/19] ima: Add IMA namespace support, Stefan Berger
- [RFC v2 04/19] ima: Move delayed work queue and variables into ima_namespace, Stefan Berger
- [RFC v2 06/19] ima: Move policy related variables into ima_namespace, Stefan Berger
- [RFC v2 03/19] ima: Namespace audit status flags, Stefan Berger
- [RFC v2 07/19] ima: Move ima_htable into ima_namespace, Stefan Berger
- [RFC v2 09/19] ima: Only accept AUDIT rules for IMA non-init_ima_ns namespaces for now, Stefan Berger
- [RFC v2 11/19] securityfs: Prefix global variables with securityfs_, Stefan Berger
- [RFC v2 12/19] securityfs: Pass static variables as parameters from top level functions, Stefan Berger
- [RFC v2 10/19] ima: Implement hierarchical processing of file accesses, Stefan Berger
- [RFC v2 13/19] securityfs: Extend securityfs with namespacing support, Stefan Berger
- [RFC v2 08/19] ima: Move measurement list related variables into ima_namespace, Stefan Berger
- [RFC v2 14/19] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
- [RFC v2 16/19] ima: Use integrity_admin_ns_capable() to check corresponding capability, Stefan Berger
- [RFC v2 15/19] capabilities: Introduce CAP_INTEGRITY_ADMIN, Stefan Berger
  - Re: [RFC v2 15/19] capabilities: Introduce CAP_INTEGRITY_ADMIN, Casey Schaufler
    - Re: [RFC v2 15/19] capabilities: Introduce CAP_INTEGRITY_ADMIN, Stefan Berger
- [RFC v2 17/19] userns: Introduce a refcount variable for calling early teardown function, Stefan Berger
- [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
  - Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
  - Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
    - Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
      - Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Stefan Berger
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Casey Schaufler
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
      - Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, Christian Brauner
        
        Re: [RFC v2 19/19] ima: Setup securityfs for IMA namespace, James Bottomley
- [RFC v2 05/19] ima: Move IMA's keys queue related variables into ima_namespace, Stefan Berger
- [RFC v2 18/19] ima/userns: Define early teardown function for IMA namespace, Stefan Berger
[RFC v2 0/3] Namespace IMA log entries, James Bottomley
- [RFC v2 1/3] userns: add ima_ns_info field containing a settable namespace label, James Bottomley
- [RFC v2 2/3] ima: show the namespace label in the ima-ns template, James Bottomley
- [RFC v2 3/3] ima: make the integrity inode cache per namespace, James Bottomley
[RFC 00/20] ima: Namespace IMA with audit support in IMA-ns, Stefan Berger
- [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
  - Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, James Bottomley
    - Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
      - Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, James Bottomley
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, James Bottomley
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, James Bottomley
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, James Bottomley
        
        Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
  - Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Christian Brauner
    - Re: [RFC 20/20] ima: Setup securityfs_ns for IMA namespace, Stefan Berger
- [RFC 01/20] ima: Add IMA namespace support, Stefan Berger
- [RFC 14/20] ima: Move some IMA policy and filesystem related variables into ima_namespace, Stefan Berger
- [RFC 10/20] ima: Implement hierarchical processing of file accesses, Stefan Berger
- [RFC 09/20] ima: Only accept AUDIT rules for IMA non-init_ima_ns namespaces for now, Stefan Berger
- [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Stefan Berger
  - Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, James Bottomley
    - Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Stefan Berger
      - Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, James Bottomley
        
        RE: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Denis Semakin
        
        Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, James Bottomley
        
        Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Stefan Berger
        
        Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Christian Brauner
        
        Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Christian Brauner
        
        Re: [RFC 17/20] ima: Use integrity_admin_ns_capable() to check corresponding capability, Casey Schaufler
- [RFC 02/20] ima: Define ns_status for storing namespaced iint data, Stefan Berger
- [RFC 18/20] userns: Introduce a refcount variable for calling early teardown function, Stefan Berger
- [RFC 08/20] ima: Move measurement list related variables into ima_namespace, Stefan Berger
  - Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, James Bottomley
    - Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, Stefan Berger
      - Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, James Bottomley
        
        Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, Stefan Berger
        
        Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, James Bottomley
        
        Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, Stefan Berger
        
        Re: [RFC 08/20] ima: Move measurement list related variables into ima_namespace, James Bottomley
- [RFC 13/20] securityfs: Build securityfs_ns for namespacing support, Stefan Berger
  - Re: [RFC 13/20] securityfs: Build securityfs_ns for namespacing support, Christian Brauner
    - Re: [RFC 13/20] securityfs: Build securityfs_ns for namespacing support, Stefan Berger
- [RFC 07/20] ima: Move ima_htable into ima_namespace, Stefan Berger
- [RFC 12/20] securityfs: Pass static variables as parameters from top level functions, Stefan Berger
- [RFC 16/20] ima: Use ns_capable() for namespace policy access, Stefan Berger
- [RFC 03/20] ima: Namespace audit status flags, Stefan Berger
- [RFC 11/20] securityfs: Prefix global variables with securityfs_, Stefan Berger
- [RFC 04/20] ima: Move delayed work queue and variables into ima_namespace, Stefan Berger
- [RFC 15/20] capabilities: Introduce CAP_INTEGRITY_ADMIN, Stefan Berger
  - Re: [RFC 15/20] capabilities: Introduce CAP_INTEGRITY_ADMIN, Casey Schaufler
    - Re: [RFC 15/20] capabilities: Introduce CAP_INTEGRITY_ADMIN, Stefan Berger
      - Re: [RFC 15/20] capabilities: Introduce CAP_INTEGRITY_ADMIN, Casey Schaufler
- [RFC 05/20] ima: Move IMA's keys queue related variables into ima_namespace, Stefan Berger
- [RFC 06/20] ima: Move policy related variables into ima_namespace, Stefan Berger
- [RFC 19/20] ima/userns: Define early teardown function for IMA namespace, Stefan Berger
[RFC 0/3] Namespace IMA, James Bottomley
- [RFC 1/3] userns: add uuid field, James Bottomley
  - Re: [RFC 1/3] userns: add uuid field, Serge E. Hallyn
    - Re: [RFC 1/3] userns: add uuid field, James Bottomley
      - Re: [RFC 1/3] userns: add uuid field, Serge E. Hallyn
        
        Re: [RFC 1/3] userns: add uuid field, James Bottomley
        
        Re: [RFC 1/3] userns: add uuid field, Serge E. Hallyn
        
        Re: [RFC 1/3] userns: add uuid field, James Bottomley
        
        Re: [RFC 1/3] userns: add uuid field, Serge E. Hallyn
        
        Re: [RFC 1/3] userns: add uuid field, James Bottomley
        
        Re: [RFC 1/3] userns: add uuid field, Serge E. Hallyn
        
        Re: [RFC 1/3] userns: add uuid field, Stefan Berger
        
        Re: [RFC 1/3] userns: add uuid field, Christian Brauner
        
        Re: [RFC 1/3] userns: add uuid field, Stefan Berger
        
        Re: [RFC 1/3] userns: add uuid field, James Bottomley
        
        Re: [RFC 1/3] userns: add uuid field, Christian Brauner
        
        Re: [RFC 1/3] userns: add uuid field, James Bottomley
- [RFC 2/3] ima: Namespace IMA, James Bottomley
  - Re: [RFC 2/3] ima: Namespace IMA, Serge E. Hallyn
- [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
  - Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Serge E. Hallyn
    - Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
      - Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Stefan Berger
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Stefan Berger
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Serge E. Hallyn
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Stefan Berger
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Serge E. Hallyn
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Stefan Berger
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Serge E. Hallyn
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Stefan Berger
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Serge E. Hallyn
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Stefan Berger
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, James Bottomley
        
        Re: [RFC 3/3] ima: make the integrity inode cache per namespace, Christian Brauner
[PATCH v1 0/2] ucounts: Fix rlimit max values check, Alexey Gladkov
- [PATCH v1 1/2] ucounts: Fix rlimit max values check, Alexey Gladkov
- [PATCH v1 2/2] ucounts: Move rlimit max values from ucounts max, Alexey Gladkov
  - [ucounts] dc7e5f9d41: UBSAN:array-index-out-of-bounds_in_kernel/ucount.c, kernel test robot
    - [PATCH v2 0/2] ucounts: Fix rlimit max values check, Alexey Gladkov
      - [PATCH v2 2/2] ucounts: Move rlimit max values from ucounts max, Alexey Gladkov
        
        Re: [PATCH v2 2/2] ucounts: Move rlimit max values from ucounts max, Eric W. Biederman
        
        [PATCH v3] ucounts: Split rlimit and ucount values and max values, Alexey Gladkov
        
        Re: [PATCH v3] ucounts: Split rlimit and ucount values and max values, Eric W. Biederman
      - [PATCH v2 1/2] ucounts: Fix rlimit max values check, Alexey Gladkov
  - Re: [PATCH v1 2/2] ucounts: Move rlimit max values from ucounts max, Dan Carpenter
    - Re: [PATCH v1 2/2] ucounts: Move rlimit max values from ucounts max, Alexey Gladkov
    - Re: [PATCH v1 2/2] ucounts: Move rlimit max values from ucounts max, Alexey Gladkov
      - RE: [PATCH v1 2/2] ucounts: Move rlimit max values from ucounts max, David Laight
Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Eric W. Biederman
- Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Steven Rostedt
  - Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Eric W. Biederman
    - Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Steven Rostedt
- Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Steven Rostedt
  - Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Kirill Tkhai
  - Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, James Bottomley
    - Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Steven Rostedt
      - Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, James Bottomley
        
        Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Yordan Karadzhov
        
        Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Steven Rostedt
        
        Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, James Bottomley
        
        Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Steven Rostedt
        
        Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, James Bottomley
      - Message not available
        
        Message not available
        
        Message not available
        
        Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, James Bottomley
        
        Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Yordan Karadzhov
        
        Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, James Bottomley
        
        Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Yordan Karadzhov
        
        Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, James Bottomley
        
        Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Yordan Karadzhov
- Re: [RFC PATCH 0/4] namespacefs: Proof-of-Concept, Yordan Karadzhov
[PATCH 1/2] binfmt_misc: cleanup on filesystem umount, Christian Brauner
- [PATCH 2/2] binfmt_misc: enable sandboxed mounts, Christian Brauner
  - Re: [PATCH 2/2] binfmt_misc: enable sandboxed mounts, Serge E. Hallyn
    - Re: [PATCH 2/2] binfmt_misc: enable sandboxed mounts, Christian Brauner
- Re: [PATCH 1/2] binfmt_misc: cleanup on filesystem umount, Serge E. Hallyn
[RFC 0/5] kernel: Introduce CPU Namespace, Pratik R. Sampat
- [RFC 2/5] ns: Add scrambling functionality to CPU namespace, Pratik R. Sampat
- [RFC 1/5] ns: Introduce CPU Namespace, Pratik R. Sampat
  - Re: [RFC 1/5] ns: Introduce CPU Namespace, Peter Zijlstra
- [RFC 3/5] cpuset/cpuns: Make cgroup CPUset CPU namespace aware, Pratik R. Sampat
- [RFC 4/5] cpu/cpuns: Make sysfs CPU namespace aware, Pratik R. Sampat
- [RFC 5/5] proc/cpuns: Make procfs load stats CPU namespace aware, Pratik R. Sampat
- Re: [RFC 0/5] kernel: Introduce CPU Namespace, Peter Zijlstra
- Re: [RFC 0/5] kernel: Introduce CPU Namespace, Christian Brauner
  - Re: [RFC 0/5] kernel: Introduce CPU Namespace, Michal Koutný
    - Re: [RFC 0/5] kernel: Introduce CPU Namespace, Tejun Heo
  - Re: [RFC 0/5] kernel: Introduce CPU Namespace, Pratik Sampat
    - Re: [RFC 0/5] kernel: Introduce CPU Namespace, Tejun Heo
      - Re: [RFC 0/5] kernel: Introduce CPU Namespace, Pratik Sampat
        
        Re: [RFC 0/5] kernel: Introduce CPU Namespace, Tejun Heo
        
        Re: [RFC 0/5] kernel: Introduce CPU Namespace, Pratik Sampat
        
        Re: [RFC 0/5] kernel: Introduce CPU Namespace, Tejun Heo
        
        Re: [RFC 0/5] kernel: Introduce CPU Namespace, Pratik Sampat
        
        Re: [RFC 0/5] kernel: Introduce CPU Namespace, Tejun Heo
        
        Re: [RFC 0/5] kernel: Introduce CPU Namespace, Eric W. Biederman
Re: Landlock news #1, Mickaël Salaün
[PATCH v1] ucounts: Increase ucounts reference counter before the security hook, Alexey Gladkov
- Re: [PATCH v1] ucounts: Increase ucounts reference counter before the security hook, Eric W. Biederman
[RFD] Provide virtualized CPU system information for containers, Pratik Sampat
- Re: [RFD] Provide virtualized CPU system information for containers, Eric W. Biederman
  - Re: [RFD] Provide virtualized CPU system information for containers, Pratik Sampat
[PATCH] Documentation: seccomp: Fix typo in user notification, Rodrigo Campos
- Re: [PATCH] Documentation: seccomp: Fix typo in user notification, Christian Brauner
- Re: [PATCH] Documentation: seccomp: Fix typo in user notification, Kees Cook
[GIT PULL] ucounts: Count rlimits in each user namespace, Eric W. Biederman
- Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Linus Torvalds
  - Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Eric W. Biederman
  - Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Eric W. Biederman
    - Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Linus Torvalds
      - Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Eric W. Biederman
        
        Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Eric W. Biederman
        
        Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Alexey Gladkov
        
        Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Eric W. Biederman
  - Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Alexey Gladkov
    - Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Linus Torvalds
      - Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Alexey Gladkov
        
        Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Linus Torvalds
        
        Re: [GIT PULL] ucounts: Count rlimits in each user namespace, Alexey Gladkov
        
        [PATCH] ucounts: Fix UCOUNT_RLIMIT_SIGPENDING counter leak, Alexey Gladkov
        
        Re: [PATCH] ucounts: Fix UCOUNT_RLIMIT_SIGPENDING counter leak, Linus Torvalds
        
        Re: [PATCH] ucounts: Fix UCOUNT_RLIMIT_SIGPENDING counter leak, Alexey Gladkov
        
        Re: [PATCH] ucounts: Fix UCOUNT_RLIMIT_SIGPENDING counter leak, Linus Torvalds
        
        [PATCH v2] Fix UCOUNT_RLIMIT_SIGPENDING counter leak, Alexey Gladkov
        
        Re: [PATCH v2] Fix UCOUNT_RLIMIT_SIGPENDING counter leak, Linus Torvalds
        
        Re: [PATCH] ucounts: Fix UCOUNT_RLIMIT_SIGPENDING counter leak, Alexey Gladkov
- Re: [GIT PULL] ucounts: Count rlimits in each user namespace, pr-tracker-bot
[PATCH v1] proc: Implement /proc/self/meminfo, legion
- Re: [PATCH v1] proc: Implement /proc/self/meminfo, Michal Hocko
- Re: [PATCH v1] proc: Implement /proc/self/meminfo, Chris Down
  - Re: [PATCH v1] proc: Implement /proc/self/meminfo, Enrico Weigelt, metux IT consult
    - Re: [PATCH v1] proc: Implement /proc/self/meminfo, Eric W. Biederman
      - Re: [PATCH v1] proc: Implement /proc/self/meminfo, Johannes Weiner
        
        Re: [PATCH v1] proc: Implement /proc/self/meminfo, Eric W. Biederman
        
        Re: [PATCH v1] proc: Implement /proc/self/meminfo, Daniel Walsh
        
        Re: [PATCH v1] proc: Implement /proc/self/meminfo, Enrico Weigelt, metux IT consult
- Re: [PATCH v1] proc: Implement /proc/self/meminfo, Christian Brauner
  - Re: [PATCH v1] proc: Implement /proc/self/meminfo, Alexey Gladkov
    - Re: [PATCH v1] proc: Implement /proc/self/meminfo, Shakeel Butt
      - Re: [PATCH v1] proc: Implement /proc/self/meminfo, Eric W. Biederman
        
        Re: [PATCH v1] proc: Implement /proc/self/meminfo, Michal Hocko
        
        Re: [PATCH v1] proc: Implement /proc/self/meminfo, Shakeel Butt
[PATCH] selftests/seccomp: More closely track fds being assigned, Kees Cook
- Re: [PATCH] selftests/seccomp: More closely track fds being assigned, Rodrigo Campos
  - Re: [PATCH] selftests/seccomp: More closely track fds being assigned, Kees Cook
- Re: [PATCH] selftests/seccomp: More closely track fds being assigned, Christian Brauner
Preemption Signal Management, Sargun Dhillon
- Re: Preemption Signal Management, Eric W. Biederman
- Re: Preemption Signal Management, Andy Lutomirski
  - Re: Preemption Signal Management, Christian Brauner
Linux Plumbers 2021: Containers and Checkpoint/Restore micro-conference CFP, Christian Brauner
[PATCH v2 0/4] Atomic addfd send and reply, Sargun Dhillon
- [PATCH v2 1/4] Documentation: seccomp: Fix user notification documentation, Sargun Dhillon
- [PATCH v2 2/4] seccomp: Refactor notification handler to prepare for new semantics, Sargun Dhillon
  - Re: [PATCH v2 2/4] seccomp: Refactor notification handler to prepare for new semantics, Rodrigo Campos
    - Re: [PATCH v2 2/4] seccomp: Refactor notification handler to prepare for new semantics, Sargun Dhillon
  - Re: [PATCH v2 2/4] seccomp: Refactor notification handler to prepare for new semantics, Rodrigo Campos
    - Re: [PATCH v2 2/4] seccomp: Refactor notification handler to prepare for new semantics, Kees Cook
      - Re: [PATCH v2 2/4] seccomp: Refactor notification handler to prepare for new semantics, Rodrigo Campos
        
        Re: [PATCH v2 2/4] seccomp: Refactor notification handler to prepare for new semantics, Kees Cook
        
        Re: [PATCH v2 2/4] seccomp: Refactor notification handler to prepare for new semantics, Kees Cook
        
        Re: [PATCH v2 2/4] seccomp: Refactor notification handler to prepare for new semantics, Rodrigo Campos
        
        Re: [PATCH v2 2/4] seccomp: Refactor notification handler to prepare for new semantics, Kees Cook
- [PATCH v2 3/4] seccomp: Support atomic "addfd + send reply", Sargun Dhillon
  - Re: [PATCH v2 3/4] seccomp: Support atomic "addfd + send reply", Christian Brauner
- [PATCH v2 4/4] selftests/seccomp: Add test for atomic addfd+send, Sargun Dhillon
- Re: [PATCH v2 0/4] Atomic addfd send and reply, Andy Lutomirski
- Re: [PATCH v2 0/4] Atomic addfd send and reply, Christian Brauner
- Re: [PATCH v2 0/4] Atomic addfd send and reply, Kees Cook
[RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, YiFei Zhu
- [RFC PATCH bpf-next seccomp 01/12] seccomp: Move no_new_privs check to after prepare_filter, YiFei Zhu
- [RFC PATCH bpf-next seccomp 02/12] bpf, seccomp: Add eBPF filter capabilities, YiFei Zhu
- [RFC PATCH bpf-next seccomp 03/12] seccomp, ptrace: Add a mechanism to retrieve attached eBPF seccomp filters, YiFei Zhu
- [RFC PATCH bpf-next seccomp 04/12] libbpf: recognize section "seccomp", YiFei Zhu
- [RFC PATCH bpf-next seccomp 05/12] samples/bpf: Add eBPF seccomp sample programs, YiFei Zhu
- [RFC PATCH bpf-next seccomp 06/12] lsm: New hook seccomp_extended, YiFei Zhu
- [RFC PATCH bpf-next seccomp 07/12] bpf/verifier: allow restricting direct map access, YiFei Zhu
- [RFC PATCH bpf-next seccomp 08/12] seccomp-ebpf: restrict filter to almost cBPF if LSM request such, YiFei Zhu
- [RFC PATCH bpf-next seccomp 09/12] yama: (concept) restrict seccomp-eBPF with ptrace_scope, YiFei Zhu
- [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory, YiFei Zhu
  - Re: [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory, Alexei Starovoitov
    - Re: [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory, YiFei Zhu
      - Re: [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory, Alexei Starovoitov
        
        Re: [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory, YiFei Zhu
        
        Re: [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory, Andy Lutomirski
        
        Re: [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory, YiFei Zhu
        
        Re: [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory, Andy Lutomirski
- [RFC PATCH bpf-next seccomp 11/12] bpf/verifier: support NULL-able ptr to BTF ID as helper argument, YiFei Zhu
- [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader, YiFei Zhu
  - Re: [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader, Alexei Starovoitov
    - Re: [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader, YiFei Zhu
      - Re: [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader, Alexei Starovoitov
- Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Andy Lutomirski
  - Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, YiFei Zhu
    - Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Andy Lutomirski
      - Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Christian Brauner
    - Message not available
      - Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Tianyin Xu
        
        Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Tycho Andersen
        
        Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Sargun Dhillon
        
        Message not available
        
        Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Tianyin Xu
        
        Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Christian Brauner
        
        Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Christian Brauner
        
        Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Kees Cook
        
        Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Jinghao Jia
        
        Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Jinghao Jia
        
        Message not available
        
        Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Tianyin Xu
        
        Message not available
        
        Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Tianyin Xu
        
        Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters, Sargun Dhillon
[PATCH v3 1/5] cgroup: introduce cgroup.kill, Christian Brauner
- [PATCH v3 2/5] docs/cgroup: add entry for cgroup.kill, Christian Brauner
- [PATCH v3 3/5] tests/cgroup: use cgroup.kill in cg_killall(), Christian Brauner
- [PATCH v3 4/5] tests/cgroup: move cg_wait_for(), cg_prepare_for_wait(), Christian Brauner
- [PATCH v3 5/5] tests/cgroup: test cgroup.kill, Christian Brauner
  - Re: [PATCH v3 5/5] tests/cgroup: test cgroup.kill, Shakeel Butt
- Re: [PATCH v3 1/5] cgroup: introduce cgroup.kill, Tejun Heo
  - Re: [PATCH v3 1/5] cgroup: introduce cgroup.kill, Christian Brauner
- Re: [PATCH v3 1/5] cgroup: introduce cgroup.kill, Jonathan Corbet
  - Re: [PATCH v3 1/5] cgroup: introduce cgroup.kill, Roman Gushchin
[PATCH v2 1/5] cgroup: introduce cgroup.kill, Christian Brauner
- [PATCH v2 2/5] docs/cgroup: add entry for cgroup.kill, Christian Brauner
  - Re: [PATCH v2 2/5] docs/cgroup: add entry for cgroup.kill, Shakeel Butt
- [PATCH v2 3/5] tests/cgroup: use cgroup.kill in cg_killall(), Christian Brauner
  - Re: [PATCH v2 3/5] tests/cgroup: use cgroup.kill in cg_killall(), Shakeel Butt
- [PATCH v2 4/5] tests/cgroup: move cg_wait_for(), cg_prepare_for_wait(), Christian Brauner
  - Re: [PATCH v2 4/5] tests/cgroup: move cg_wait_for(), cg_prepare_for_wait(), Shakeel Butt
- [PATCH v2 5/5] tests/cgroup: test cgroup.kill, Christian Brauner
  - Re: [PATCH v2 5/5] tests/cgroup: test cgroup.kill, Shakeel Butt
    - Re: [PATCH v2 5/5] tests/cgroup: test cgroup.kill, Christian Brauner
- Re: [PATCH v2 1/5] cgroup: introduce cgroup.kill, Shakeel Butt
- Re: [PATCH v2 1/5] cgroup: introduce cgroup.kill, Serge E. Hallyn
- Re: [PATCH v2 1/5] cgroup: introduce cgroup.kill, Shakeel Butt
- Re: [PATCH v2 1/5] cgroup: introduce cgroup.kill, Roman Gushchin
  - Re: [PATCH v2 1/5] cgroup: introduce cgroup.kill, Christian Brauner
    - Re: [PATCH v2 1/5] cgroup: introduce cgroup.kill, Roman Gushchin
- Re: [PATCH v2 1/5] cgroup: introduce cgroup.kill, Eric W. Biederman
  - Re: [PATCH v2 1/5] cgroup: introduce cgroup.kill, Christian Brauner
[PATCH 0/4] Atomic addfd send and reply, Sargun Dhillon
- [PATCH 1/4] Documentation: seccomp: Fix user notification documentation, Sargun Dhillon
- [PATCH 2/4] seccomp: Refactor notification handler to prepare for new semantics, Sargun Dhillon
- [PATCH 3/4] seccomp: Support atomic "addfd + send reply", Sargun Dhillon
  - Re: [PATCH 3/4] seccomp: Support atomic "addfd + send reply", Tycho Andersen
    - Re: [PATCH 3/4] seccomp: Support atomic "addfd + send reply", Sargun Dhillon
      - Re: [PATCH 3/4] seccomp: Support atomic "addfd + send reply", Tycho Andersen
- [PATCH 4/4] selftests/seccomp: Add test for atomic addfd+send, Sargun Dhillon
The containers list has moved!, Konstantin Ryabitsev
[PATCH v2 0/5] Handle seccomp notification preemption, Sargun Dhillon
- [PATCH v2 1/5] seccomp: Refactor notification handler to prepare for new semantics, Sargun Dhillon
- [PATCH v2 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Sargun Dhillon
  - Re: [PATCH v2 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Andy Lutomirski
    - Re: [PATCH v2 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Sargun Dhillon
- [PATCH v2 4/5] seccomp: Support atomic "addfd + send reply", Sargun Dhillon
- [PATCH v2 3/5] selftests/seccomp: Add test for wait killable notifier, Sargun Dhillon
- [PATCH v2 5/5] selftests/seccomp: Add test for atomic addfd+send, Sargun Dhillon
[PATCH RESEND 0/5] Handle seccomp notification preemption, Sargun Dhillon
- [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Sargun Dhillon
  - Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Tycho Andersen
    - Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Sargun Dhillon
      - Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Tycho Andersen
        
        Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Andy Lutomirski
        
        Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Tycho Andersen
        
        Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Sargun Dhillon
        
        Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Andy Lutomirski
        
        Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Tycho Andersen
        
        Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Rodrigo Campos
        
        Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Rodrigo Campos
        
        Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Tycho Andersen
        
        Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Sargun Dhillon
        
        Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Sargun Dhillon
        
        Re: [PATCH RESEND 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Sargun Dhillon
- [PATCH RESEND 1/5] seccomp: Refactor notification handler to prepare for new semantics, Sargun Dhillon
- [PATCH RESEND 3/5] selftests/seccomp: Add test for wait killable notifier, Sargun Dhillon
  - Re: [PATCH RESEND 3/5] selftests/seccomp: Add test for wait killable notifier, Tycho Andersen
- [PATCH RESEND 4/5] seccomp: Support atomic "addfd + send reply", Sargun Dhillon
- [PATCH RESEND 5/5] selftests/seccomp: Add test for atomic addfd+send, Sargun Dhillon
[PATCH v11 0/9] Count rlimits in each user namespace, legion
- [PATCH v11 1/9] Increase size of ucounts to atomic_long_t, legion
- [PATCH v11 2/9] Add a reference to ucounts for each cred, legion
- [PATCH v11 3/9] Use atomic_t for ucounts reference counting, legion
- [PATCH v11 4/9] Reimplement RLIMIT_NPROC on top of ucounts, legion
  - Re: [PATCH v11 4/9] Reimplement RLIMIT_NPROC on top of ucounts, Dan Carpenter
    - [PATCH] ucounts: Silence warning in dec_rlimit_ucounts, Eric W. Biederman
- [PATCH v11 5/9] Reimplement RLIMIT_MSGQUEUE on top of ucounts, legion
- [PATCH v11 6/9] Reimplement RLIMIT_SIGPENDING on top of ucounts, legion
- [PATCH v11 7/9] Reimplement RLIMIT_MEMLOCK on top of ucounts, legion
- [PATCH v11 8/9] kselftests: Add test to check for rlimit changes in different user namespaces, legion
- [PATCH v11 9/9] ucounts: Set ucount_max to the largest positive value the type can hold, legion
Containers Development List Migration, Christian Brauner
- Re: Containers Development List Migration, Christian Brauner
: Containers Digest, Vol 165, Issue 20, Esther Faride Chau Durazo
Containers Digest, Vol 177, Issue 20, Esther Faride Chau Durazo
[PATCH 0/1] seccomp: Erroneous return on interrupted addfd ioctl(), Rodrigo Campos
- [PATCH 1/1] seccomp: Always "goto wait" if the list is empty, Rodrigo Campos
  - Re: [PATCH 1/1] seccomp: Always "goto wait" if the list is empty, Christian Brauner
    - Re: [PATCH 1/1] seccomp: Always "goto wait" if the list is empty, Rodrigo Campos
Re: [PATCH v6 24/40] fs: make helpers idmap mount aware, Anton Altaparmakov
- Re: [PATCH v6 24/40] fs: make helpers idmap mount aware, Linus Torvalds
  - Re: [PATCH v6 24/40] fs: make helpers idmap mount aware, Christian Brauner
[PATCH v10 0/9] Count rlimits in each user namespace, Alexey Gladkov
- [PATCH v10 3/9] Use atomic_t for ucounts reference counting, Alexey Gladkov
- [PATCH v10 1/9] Increase size of ucounts to atomic_long_t, Alexey Gladkov
- [PATCH v10 2/9] Add a reference to ucounts for each cred, Alexey Gladkov
- [PATCH v10 4/9] Reimplement RLIMIT_NPROC on top of ucounts, Alexey Gladkov
- [PATCH v10 6/9] Reimplement RLIMIT_SIGPENDING on top of ucounts, Alexey Gladkov
  - 08ed4efad6: stress-ng.sigsegv.ops_per_sec -41.9% regression, kernel test robot
    - Re: 08ed4efad6: stress-ng.sigsegv.ops_per_sec -41.9% regression, Linus Torvalds
      - Re: 08ed4efad6: stress-ng.sigsegv.ops_per_sec -41.9% regression, Alexey Gladkov
      - Re: 08ed4efad6: stress-ng.sigsegv.ops_per_sec -41.9% regression, Eric W. Biederman
        
        Re: 08ed4efad6: stress-ng.sigsegv.ops_per_sec -41.9% regression, Alexey Gladkov
        
        Re: 08ed4efad6: stress-ng.sigsegv.ops_per_sec -41.9% regression, Oliver Sang
        
        Re: 08ed4efad6: stress-ng.sigsegv.ops_per_sec -41.9% regression, Alexey Gladkov
        
        Re: 08ed4efad6: stress-ng.sigsegv.ops_per_sec -41.9% regression, Oliver Sang
        
        Re: 08ed4efad6: stress-ng.sigsegv.ops_per_sec -41.9% regression, Alexey Gladkov
- [PATCH v10 5/9] Reimplement RLIMIT_MSGQUEUE on top of ucounts, Alexey Gladkov
- [PATCH v10 7/9] Reimplement RLIMIT_MEMLOCK on top of ucounts, Alexey Gladkov
  - Re: [PATCH v10 7/9] Reimplement RLIMIT_MEMLOCK on top of ucounts, kernel test robot
- [PATCH v10 8/9] kselftests: Add test to check for rlimit changes in different user namespaces, Alexey Gladkov
- [PATCH v10 9/9] ucounts: Set ucount_max to the largest positive value the type can hold, Alexey Gladkov
Re: Broken link on lists.linuxfoundation.org, Adam Carter
[PATCH v9 0/8] Count rlimits in each user namespace, Alexey Gladkov
- [PATCH v9 1/8] Increase size of ucounts to atomic_long_t, Alexey Gladkov
- [PATCH v9 3/8] Use atomic_t for ucounts reference counting, Alexey Gladkov
  - Re: [PATCH v9 3/8] Use atomic_t for ucounts reference counting, Eric W. Biederman
- [PATCH v9 5/8] Reimplement RLIMIT_MSGQUEUE on top of ucounts, Alexey Gladkov
- [PATCH v9 4/8] Reimplement RLIMIT_NPROC on top of ucounts, Alexey Gladkov
  - Re: [PATCH v9 4/8] Reimplement RLIMIT_NPROC on top of ucounts, Eric W. Biederman
    - Re: [PATCH v9 4/8] Reimplement RLIMIT_NPROC on top of ucounts, Alexey Gladkov
      - Re: [PATCH v9 4/8] Reimplement RLIMIT_NPROC on top of ucounts, Eric W. Biederman
- [PATCH v9 2/8] Add a reference to ucounts for each cred, Alexey Gladkov
- [PATCH v9 7/8] Reimplement RLIMIT_MEMLOCK on top of ucounts, Alexey Gladkov
- [PATCH v9 6/8] Reimplement RLIMIT_SIGPENDING on top of ucounts, Alexey Gladkov
  - Re: [PATCH v9 6/8] Reimplement RLIMIT_SIGPENDING on top of ucounts, Eric W. Biederman
- [PATCH v9 8/8] kselftests: Add test to check for rlimit changes in different user namespaces, Alexey Gladkov
- Re: [PATCH v9 0/8] Count rlimits in each user namespace, Eric W. Biederman
[PATCH] seccomp: fix the cond to report loaded filters, Kenta.Tada
- Re: [PATCH] seccomp: fix the cond to report loaded filters, Kees Cook
[PATCH 0/5] Handle seccomp notification preemption, Sargun Dhillon
- Re: [PATCH 0/5] Handle seccomp notification preemption, Rodrigo Campos
- <Possible follow-ups>
- [PATCH 0/5] Handle seccomp notification preemption, Sargun Dhillon
  - [PATCH 1/5] seccomp: Refactor notification handler to prepare for new semantics, Sargun Dhillon
    - Re: [PATCH 1/5] seccomp: Refactor notification handler to prepare for new semantics, Rodrigo Campos
  - [PATCH 2/5] seccomp: Add wait_killable semantic to seccomp user notifier, Sargun Dhillon
  - [PATCH 3/5] selftests/seccomp: Add test for wait killable notifier, Sargun Dhillon
  - [PATCH 4/5] seccomp: Support atomic "addfd + send reply", Sargun Dhillon
  - [PATCH 5/5] selftests/seccomp: Add test for atomic addfd+send, Sargun Dhillon
    - Re: [PATCH 5/5] selftests/seccomp: Add test for atomic addfd+send, Rodrigo Campos
[PATCH v6 0/5] proc: subset=pid: Relax check of mount visibility, Alexey Gladkov
- [PATCH v6 1/5] docs: proc: add documentation about mount restrictions, Alexey Gladkov
- [PATCH v6 4/5] proc: Relax check of mount visibility, Alexey Gladkov
- [PATCH v6 2/5] proc: subset=pid: Show /proc/self/net only for CAP_NET_ADMIN, Alexey Gladkov
- [PATCH v6 5/5] docs: proc: add documentation about relaxing visibility restrictions, Alexey Gladkov
- [PATCH v6 3/5] proc: Disable cancellation of subset=pid option, Alexey Gladkov
[PATCH v5 0/5] proc: Relax check of mount visibility, Alexey Gladkov
- [PATCH v5 3/5] proc: Disable cancellation of subset=pid option, Alexey Gladkov
- [PATCH v5 1/5] docs: proc: add documentation about mount restrictions, Alexey Gladkov
- [PATCH v5 5/5] docs: proc: add documentation about relaxing visibility restrictions, Alexey Gladkov
- [PATCH v5 2/5] proc: Show /proc/self/net only for CAP_NET_ADMIN, Alexey Gladkov
- [PATCH v5 4/5] proc: Relax check of mount visibility, Alexey Gladkov
  - Re: [PATCH v5 4/5] proc: Relax check of mount visibility, kernel test robot
- Re: [PATCH v5 0/5] proc: Relax check of mount visibility, Alexey Gladkov
[PATCH v8 0/8] Count rlimits in each user namespace, Alexey Gladkov
- [PATCH v8 1/8] Increase size of ucounts to atomic_long_t, Alexey Gladkov
- [PATCH v8 2/8] Add a reference to ucounts for each cred, Alexey Gladkov
- [PATCH v8 3/8] Use atomic_t for ucounts reference counting, Alexey Gladkov
  - Re: [PATCH v8 3/8] Use atomic_t for ucounts reference counting, Linus Torvalds
  - Re: [PATCH v8 3/8] Use atomic_t for ucounts reference counting, Kees Cook
    - Re: [PATCH v8 3/8] Use atomic_t for ucounts reference counting, Linus Torvalds
      - Re: [PATCH v8 3/8] Use atomic_t for ucounts reference counting, Kees Cook
        
        Re: [PATCH v8 3/8] Use atomic_t for ucounts reference counting, Linus Torvalds
        
        Re: [PATCH v8 3/8] Use atomic_t for ucounts reference counting, Kees Cook
- [PATCH v8 4/8] Reimplement RLIMIT_NPROC on top of ucounts, Alexey Gladkov
- [PATCH v8 5/8] Reimplement RLIMIT_MSGQUEUE on top of ucounts, Alexey Gladkov
- [PATCH v8 8/8] kselftests: Add test to check for rlimit changes in different user namespaces, Alexey Gladkov
- [PATCH v8 6/8] Reimplement RLIMIT_SIGPENDING on top of ucounts, Alexey Gladkov
- [PATCH v8 7/8] Reimplement RLIMIT_MEMLOCK on top of ucounts, Alexey Gladkov
Re: seccomp: Delay filter activation, Christian Brauner
- Re: seccomp: Delay filter activation, Christian Brauner
  - Re: seccomp: Delay filter activation, Kees Cook
    - Re: seccomp: Delay filter activation, Christian Brauner
      - Re: seccomp: Delay filter activation, Sargun Dhillon
        
        Re: seccomp: Delay filter activation, Rodrigo Campos
        
        Re: seccomp: Delay filter activation, Christian Brauner
[PATCH v7 0/7] Count rlimits in each user namespace, Alexey Gladkov
- [PATCH v7 4/7] Reimplement RLIMIT_MSGQUEUE on top of ucounts, Alexey Gladkov
- [PATCH v7 2/7] Add a reference to ucounts for each cred, Alexey Gladkov
  - e1e57d56fe: stress-ng.access.ops_per_sec -41.6% regression, kernel test robot
- [PATCH v7 1/7] Increase size of ucounts to atomic_long_t, Alexey Gladkov
- [PATCH v7 6/7] Reimplement RLIMIT_MEMLOCK on top of ucounts, Alexey Gladkov
  - 5b5c35b757: BUG:KASAN:use-after-free_in_dec_rlimit_ucounts, kernel test robot
- [PATCH v7 5/7] Reimplement RLIMIT_SIGPENDING on top of ucounts, Alexey Gladkov
  - d28296d248: stress-ng.sigsegv.ops_per_sec -82.7% regression, kernel test robot
    - Re: d28296d248: stress-ng.sigsegv.ops_per_sec -82.7% regression, Eric W. Biederman
      - Re: d28296d248: stress-ng.sigsegv.ops_per_sec -82.7% regression, Alexey Gladkov
        
        Re: d28296d248: stress-ng.sigsegv.ops_per_sec -82.7% regression, Eric W. Biederman
        
        Re: d28296d248: stress-ng.sigsegv.ops_per_sec -82.7% regression, Alexey Gladkov
        
        Re: d28296d248: stress-ng.sigsegv.ops_per_sec -82.7% regression, Eric W. Biederman
        
        Re: d28296d248: stress-ng.sigsegv.ops_per_sec -82.7% regression, Linus Torvalds
- [PATCH v7 7/7] kselftests: Add test to check for rlimit changes in different user namespaces, Alexey Gladkov
- [PATCH v7 3/7] Reimplement RLIMIT_NPROC on top of ucounts, Alexey Gladkov
[RFC PATCH 0/3] Seccomp non-preemptible notifier, Sargun Dhillon
- [RFC PATCH 2/3] seccomp: Add wait_killable semantic to seccomp user notifier, Sargun Dhillon
  - Re: [RFC PATCH 2/3] seccomp: Add wait_killable semantic to seccomp user notifier, Rodrigo Campos

[Index of Archives] [Cgroups] [Kernel] [Kernel Announce] [Kernel Newbies] [IETF Annouce] [Security] [Netfilter] [Bugtraq]