On Fri, 15 Feb 2019, David Howells wrote: > > Here's a collection of patches that containerises the kernel keys and makes > it possible to separate keys by namespace. This can be extended to any > filesystem that uses request_key() to obtain the pertinent authentication > token on entry to VFS or socket methods. Shouldn't Eric Biederman be cc'd on this? -- James Morris <jmorris@xxxxxxxxx>
