Linux Containers
[Prev Page][Next Page]
[RFC PATCH seccomp 0/2] seccomp: Add bitmap cache of arg-independent filter results that allow syscalls,
YiFei Zhu
intel/AMD Mini PC iPC, 28 solution options,
Tys
LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces,
Christian Brauner
Re: LPC 2020 Hackroom Session: summary and next steps for isolated user namespaces, Enrico Weigelt, metux IT consult
Per user rlimits,
Eric W. Biederman
Re: Containers Digest, Vol 169, Issue 34, Esther Faride Chau Durazo
Use cases for multiple uid mapping?,
Eric W. Biederman
Re: [PATCH] MAINTAINERS: add namespace entry,
Eric W. Biederman
Overlayfs @Plumbers,
Amir Goldstein
[RFC PATCH 10/30] ima: Add ima namespace ID to the ima ML related structures,
krzysztof.struczynski
- [RFC PATCH 11/30] ima: Keep track of the measurment list per ima namespace, krzysztof.struczynski
- [RFC PATCH 12/30] ima: Check ima namespace ID during digest entry lookup, krzysztof.struczynski
- [RFC PATCH 13/30] ima: Add a new ima template that includes namespace ID, krzysztof.struczynski
- [RFC PATCH 14/30] ima: Add per namespace view of the measurement list, krzysztof.struczynski
- [RFC PATCH 15/30] ima: Add a reader counter to the integrity inode data, krzysztof.struczynski
- [RFC PATCH 16/30] ima: Extend permissions to the ima securityfs entries, krzysztof.struczynski
- [RFC PATCH 17/30] ima: Add the violation counter to the namespace, krzysztof.struczynski
- [RFC PATCH 18/30] ima: Change the owning user namespace of the ima namespace if necessary, krzysztof.struczynski
- [RFC PATCH 19/30] ima: Configure the new ima namespace from securityfs, krzysztof.struczynski
- [RFC PATCH 21/30] user namespace: Add function that checks if the UID map is defined, krzysztof.struczynski
- [RFC PATCH 20/30] ima: Parse per ima namespace policy file, krzysztof.struczynski
- [RFC PATCH 22/30] ima: Remap IDs of subject based rules if necessary, krzysztof.struczynski
- [RFC PATCH 23/30] keys: Add domain tag to the keyring search criteria, krzysztof.struczynski
- [RFC PATCH 24/30] keys: Include key domain tag in the iterative search, krzysztof.struczynski
- [RFC PATCH 25/30] keys: Allow to set key domain tag separately from the key type, krzysztof.struczynski
- [RFC PATCH 26/30] ima: Add key domain to the ima namespace, krzysztof.struczynski
- [RFC PATCH 27/30] integrity: Add key domain tag to the search criteria, krzysztof.struczynski
- [RFC PATCH 28/30] ima: Load per ima namespace x509 certificate, krzysztof.struczynski
- [RFC PATCH 29/30] ima: Add dummy boot aggregate to per ima namespace measurement list, krzysztof.struczynski
- [RFC PATCH 30/30] ima: Set ML template per ima namespace, krzysztof.struczynski
[RFC PATCH 00/30] ima: Introduce IMA namespace,
krzysztof.struczynski
- [RFC PATCH 02/30] ima: Add a list of the installed ima namespaces, krzysztof.struczynski
- [RFC PATCH 03/30] ima: Bind ima namespace to the file descriptor, krzysztof.struczynski
- [RFC PATCH 04/30] ima: Add ima policy related data to the ima namespace, krzysztof.struczynski
- [RFC PATCH 01/30] ima: Introduce ima namespace, krzysztof.struczynski
- [RFC PATCH 05/30] ima: Add methods for parsing ima policy configuration string, krzysztof.struczynski
- [RFC PATCH 07/30] ima: Extend the APIs in the integrity subsystem, krzysztof.struczynski
- [RFC PATCH 08/30] ima: Add integrity inode related data to the ima namespace, krzysztof.struczynski
- [RFC PATCH 06/30] ima: Add ima namespace to the ima subsystem APIs, krzysztof.struczynski
- [RFC PATCH 09/30] ima: Enable per ima namespace policy settings, krzysztof.struczynski
- Re: [RFC PATCH 00/30] ima: Introduce IMA namespace, Christian Brauner
- Re: [RFC PATCH 00/30] ima: Introduce IMA namespace, James Bottomley
- Re: [RFC PATCH 00/30] ima: Introduce IMA namespace, Christian Brauner
[RFC PATCH 0/5] keys: Security changes, ACLs and Container keyring,
David Howells
[PATCH v7 0/9] Add seccomp notifier ioctl that enables adding fds,
Kees Cook
[PATCH v6 0/7] Add seccomp notifier ioctl that enables adding fds,
Kees Cook
Virtual Linux Plumbers 2020, 24-28 August: Containers and Checkpoint/Restore microconference CFP Open until 20 July, Christian Brauner
Re: [PATCH 0/5] RFC: connector: Add network namespace awareness,
Eric W. Biederman
[PATCH ghau51/ghau40 v9 00/11] add support for audit container identifier,
Richard Guy Briggs
- [PATCH ghau51/ghau40 v9 05/11] start normalization containerid support, Richard Guy Briggs
- [PATCH ghau51/ghau40 v9 02/11] AUDIT_CONTAINER_ID message type basic support, Richard Guy Briggs
- [PATCH ghau51/ghau40 v9 03/11] auditctl: add support for AUDIT_CONTID filter, Richard Guy Briggs
- [PATCH ghau51/ghau40 v9 01/11] AUDIT_CONTAINER_OP message type basic support, Richard Guy Briggs
- [PATCH ghau51/ghau40 v9 06/11] libaudit: add support to get the task audit container identifier, Richard Guy Briggs
- [PATCH ghau51/ghau40 v9 04/11] add ausearch containerid support, Richard Guy Briggs
- [PATCH ghau51/ghau40 v9 07/11] signal_info: only print context if it is available., Richard Guy Briggs
- [PATCH ghau51/ghau40 v9 08/11] add support for audit_signal_info2, Richard Guy Briggs
- [PATCH ghau51/ghau40 v9 09/11] contid: interpret correctly CONTAINER_ID contid field csv, Richard Guy Briggs
- [PATCH ghau51/ghau40 v9 10/11] ausearch: convert contid to comma-sep/carrat-mod cnode/clist, Richard Guy Briggs
- [PATCH ghau51/ghau40 v9 11/11] libaudit: add support to get and set capcontid on a task, Richard Guy Briggs
[PATCH ghak90 V9 00/13] audit: implement container identifier,
Richard Guy Briggs
- [PATCH ghak90 V9 01/13] audit: collect audit task parameters, Richard Guy Briggs
- [PATCH ghak90 V9 02/13] audit: add container id, Richard Guy Briggs
- [PATCH ghak90 V9 03/13] audit: read container ID of a process, Richard Guy Briggs
- [PATCH ghak90 V9 04/13] audit: log drop of contid on exit of last task, Richard Guy Briggs
- [PATCH ghak90 V9 05/13] audit: log container info of syscalls, Richard Guy Briggs
- [PATCH ghak90 V9 06/13] audit: add contid support for signalling the audit daemon, Richard Guy Briggs
- [PATCH ghak90 V9 07/13] audit: add support for non-syscall auxiliary records, Richard Guy Briggs
- [PATCH ghak90 V9 08/13] audit: add containerid support for user records, Richard Guy Briggs
- [PATCH ghak90 V9 09/13] audit: add containerid filtering, Richard Guy Briggs
- [PATCH ghak90 V9 10/13] audit: add support for containerid to network namespaces, Richard Guy Briggs
- [PATCH ghak90 V9 11/13] audit: contid check descendancy and nesting, Richard Guy Briggs
- [PATCH ghak90 V9 12/13] audit: track container nesting, Richard Guy Briggs
- [PATCH ghak90 V9 13/13] audit: add capcontid to set contid outside init_user_ns, Richard Guy Briggs
[PATCH v5 0/7] Add seccomp notifier ioctl that enables adding fds,
Kees Cook
[RFC][PATCH 0/8] seccomp: Implement constant action bitmaps,
Kees Cook
[PATCH v4 00/11] Add seccomp notifier ioctl that enables adding fds,
Kees Cook
- [PATCH v4 02/11] fs: Move __scm_install_fd() to __fd_install_received(), Kees Cook
- [PATCH v4 03/11] fs: Add fd_install_received() wrapper for __fd_install_received(), Kees Cook
- [PATCH v4 04/11] pidfd: Replace open-coded partial fd_install_received(), Kees Cook
- [PATCH v4 09/11] selftests/seccomp: Rename user_trap_syscall() to user_notif_syscall(), Kees Cook
- [PATCH v4 01/11] net/scm: Regularize compat handling of scm_detach_fds(), Kees Cook
- [PATCH v4 07/11] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD, Kees Cook
- [PATCH v4 11/11] seccomp: Fix ioctl number for SECCOMP_IOCTL_NOTIF_ID_VALID, Kees Cook
- [PATCH v4 05/11] fs: Expand __fd_install_received() to accept fd, Kees Cook
- [PATCH v4 08/11] selftests/seccomp: Make kcmp() less required, Kees Cook
- [PATCH v4 06/11] seccomp: Introduce addfd ioctl to seccomp user notifier, Kees Cook
- [PATCH v4 10/11] seccomp: Switch addfd to Extensible Argument ioctl, Kees Cook
- Re: [PATCH v4 00/11] Add seccomp notifier ioctl that enables adding fds, Sargun Dhillon
[RFC PATCH] seccomp: Add extensibility mechanism to read notifications,
Sargun Dhillon
Virtual Linux Plumbers 2020: Containers and Checkpoint/Restore microconference CFP Open until 20 July,
Christian Brauner
Re: [PATCH 0/2] proc: use subset option to hide some top-level procfs entries,
Eric W. Biederman
[PATCH v3 0/4] Add seccomp notifier ioctl that enables adding fds,
Sargun Dhillon
- [PATCH v3 2/4] pid: Use file_receive helper to copy FDs, Sargun Dhillon
- [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Sargun Dhillon
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Christian Brauner
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Kees Cook
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Sargun Dhillon
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Christian Brauner
- RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, David Laight
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Sargun Dhillon
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Kees Cook
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Christian Brauner
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Kees Cook
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Christian Brauner
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Kees Cook
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Sargun Dhillon
- RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, David Laight
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Kees Cook
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Kees Cook
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Sargun Dhillon
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Christian Brauner
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Christian Brauner
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Sargun Dhillon
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Christian Brauner
- RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, David Laight
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Kees Cook
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Kees Cook
- RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, David Laight
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Sargun Dhillon
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Kees Cook
- RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, David Laight
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Christian Brauner
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Kees Cook
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Christian Brauner
- RE: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, David Laight
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Christian Brauner
- Re: [PATCH v3 1/4] fs, net: Standardize on file_receive helper to move fds across processes, Sargun Dhillon
- [PATCH v3 3/4] seccomp: Introduce addfd ioctl to seccomp user notifier, Sargun Dhillon
- [PATCH v3 4/4] selftests/seccomp: Test SECCOMP_IOCTL_NOTIF_ADDFD, Sargun Dhillon
- Re: [PATCH v3 0/4] Add seccomp notifier ioctl that enables adding fds, Robert Sesek via Containers
- Re: [PATCH v3 0/4] Add seccomp notifier ioctl that enables adding fds, Kees Cook
[PATCH v3] seccomp: Add find_notification helper,
Sargun Dhillon
[PATCH v3 1/4] seccomp: rename "usage" to "refs" and document,
Christian Brauner
[PATCH v2 1/2] seccomp: notify user trap about unused filter,
Christian Brauner
[PATCH v2 0/3] Add seccomp notifier ioctl that enables adding fds,
Sargun Dhillon
[PATCH 1/2] seccomp: notify user trap about unused filter,
Christian Brauner
[PATCH 0/5] Add seccomp notifier ioctl that enables adding fds,
Sargun Dhillon
[ANNOUNCE] Containers and Checkpoint/Restore Microconference Accepted into 2020 Linux Plumbers Conference, Mike Rapoport
seccomp feature development,
Kees Cook
[Index of Archives]
[Cgroups]
[Kernel]
[Kernel Announce]
[Kernel Newbies]
[IETF Annouce]
[Security]
[Netfilter]
[Bugtraq]
