Re: [PATCH 0/3] Introduce user namespace capabilities

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu May 16, 2024 at 4:30 PM EEST, Ben Boeckel wrote:
> On Thu, May 16, 2024 at 02:22:02 -0700, Jonathan Calmels wrote:
> > Jonathan Calmels (3):
> >   capabilities: user namespace capabilities
> >   capabilities: add securebit for strict userns caps
> >   capabilities: add cap userns sysctl mask
> > 
> >  fs/proc/array.c                 |  9 ++++
> >  include/linux/cred.h            |  3 ++
> >  include/linux/securebits.h      |  1 +
> >  include/linux/user_namespace.h  |  7 +++
> >  include/uapi/linux/prctl.h      |  7 +++
> >  include/uapi/linux/securebits.h | 11 ++++-
> >  kernel/cred.c                   |  3 ++
> >  kernel/sysctl.c                 | 10 ++++
> >  kernel/umh.c                    | 16 +++++++
> >  kernel/user_namespace.c         | 83 ++++++++++++++++++++++++++++++---
> >  security/commoncap.c            | 59 +++++++++++++++++++++++
> >  security/keys/process_keys.c    |  3 ++
> >  12 files changed, 204 insertions(+), 8 deletions(-)
>
> I note a lack of any changes to `Documentation/` which seems quite
> glaring for something with such a userspace visibility aspect to it.
>
> --Ben

Yeah, also in cover letter it would be nice to refresh what is
a bounding set. I had to xref that (recalled what it is), and
then got bored reading the rest :-)

Not exactly in the nutshell cover letter tbh, but maybe the
content in that would be better put to Documentation/

BR, Jarkko





[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux