| [v10,4/4] samples: add an example of seccomp user trap |
|
|
|
2018-12-09 |
Tycho Andersen |
|
New |
| [v10,3/4] seccomp: add a return code to trap to userspace |
1 |
|
|
2018-12-09 |
Tycho Andersen |
|
New |
| [v10,2/4] seccomp: switch system call argument type to void * |
1 |
|
|
2018-12-09 |
Tycho Andersen |
|
New |
| [v10,1/4] seccomp: hoist struct seccomp_data recalculation higher |
1 |
|
|
2018-12-09 |
Tycho Andersen |
|
New |
| [v9,4/4] samples: add an example of seccomp user trap |
|
|
|
2018-12-03 |
Tycho Andersen |
|
New |
| [v9,3/4] seccomp: add a return code to trap to userspace |
1 |
|
|
2018-12-03 |
Tycho Andersen |
|
New |
| [v9,2/4] seccomp: switch system call argument type to void * |
1 |
|
|
2018-12-03 |
Tycho Andersen |
|
New |
| [v9,1/4] seccomp: hoist struct seccomp_data recalculation higher |
1 |
|
|
2018-12-03 |
Tycho Andersen |
|
New |
| NAK: KEYS: keyctl_chown_key: validate current key uid/gid and capabilities wrt namespace |
|
|
|
2018-12-02 |
Dimitri John Ledkov |
|
New |
| [v4,4/4] namei: aggressively check for nd->root escape on ".." resolution |
|
|
|
2018-11-12 |
Aleksa Sarai |
|
New |
| [v4,3/4] namei: O_THISROOT: chroot-like path resolution |
|
|
|
2018-11-12 |
Aleksa Sarai |
|
New |
| [v4,2/4] namei: O_BENEATH-style path resolution flags |
|
|
|
2018-11-12 |
Aleksa Sarai |
|
New |
| [v4,1/4] namei: split out nd->dfd handling to dirfd_path_init |
|
|
|
2018-11-12 |
Aleksa Sarai |
|
New |
| [RFC,6/6] shiftfs: support nested shiftfs mounts |
|
|
|
2018-11-01 |
Seth Forshee |
|
New |
| [RFC,5/6] shiftfs: add support for posix acls |
|
|
|
2018-11-01 |
Seth Forshee |
|
New |
| [RFC,4/6] shiftfs: translate uids using s_user_ns from lower fs |
|
|
|
2018-11-01 |
Seth Forshee |
|
New |
| [RFC,3/6] shiftfs: copy inode attrs up from underlying fs |
|
|
|
2018-11-01 |
Seth Forshee |
|
New |
| [RFC,2/6] shiftfs: map inodes to lower fs inodes instead of dentries |
|
|
|
2018-11-01 |
Seth Forshee |
|
New |
| [RFC,1/6] shiftfs: uid/gid shifting bind mount |
|
|
|
2018-11-01 |
Seth Forshee |
|
New |
| [ghak90,(was,ghak32),V4,09/10] audit: NETFILTER_PKT: record each container ID associated with a n... |
|
|
|
2018-10-31 |
Richard Guy Briggs |
|
New |
| [v8,1/2] seccomp: add a return code to trap to userspace |
|
|
|
2018-10-30 |
Tycho Andersen |
|
New |
| [v8,2/2] samples: add an example of seccomp user trap |
|
|
|
2018-10-29 |
Tycho Andersen |
|
New |
| [v8,1/2] seccomp: add a return code to trap to userspace |
|
|
|
2018-10-29 |
Tycho Andersen |
|
New |
| [v6,1/1] ns: add binfmt_misc to the user namespace |
1 |
|
|
2018-10-10 |
Laurent Vivier |
|
New |
| [RFC,v5,1/1] ns: add binfmt_misc to the user namespace |
|
|
|
2018-10-09 |
Laurent Vivier |
|
New |
| [v3,3/3] namei: aggressively check for nd->root escape on ".." resolution |
|
|
|
2018-10-09 |
Aleksa Sarai |
|
New |
| [v3,2/3] namei: implement AT_THIS_ROOT chroot-like path resolution |
|
|
|
2018-10-09 |
Aleksa Sarai |
|
New |
| [v3,1/3] namei: implement O_BENEATH-style AT_* flags |
|
|
|
2018-10-09 |
Aleksa Sarai |
|
New |
| [v2,1/3] namei: implement O_BENEATH-style AT_* flags |
|
|
|
2018-10-09 |
Aleksa Sarai |
|
New |
| [RFC,v4,1/1] ns: add binfmt_misc to the user namespace |
|
|
|
2018-10-06 |
Laurent Vivier |
|
New |
| [2/3] namei: implement AT_THIS_ROOT chroot-like path resolution |
|
|
|
2018-10-05 |
Aleksa Sarai |
|
New |
| [2/3] namei: implement AT_THIS_ROOT chroot-like path resolution |
|
|
|
2018-10-04 |
Aleksa Sarai |
|
New |
| [RFC,v3,1/1] ns: add binfmt_misc to the user namespace |
|
|
|
2018-10-03 |
Laurent Vivier |
|
New |
| [RFC,v2,v2,1/1] ns: add binfmt_misc to the mount namespace |
|
|
|
2018-10-02 |
Laurent Vivier |
|
New |
| [v7,6/6] samples: add an example of seccomp user trap |
|
|
|
2018-09-27 |
Tycho Andersen |
|
New |
| [v7,5/6] seccomp: add a way to pass FDs via a notification fd |
|
|
|
2018-09-27 |
Tycho Andersen |
|
New |
| [v7,4/6] files: add a replace_fd_files() function |
|
|
|
2018-09-27 |
Tycho Andersen |
|
New |
| [v7,3/6] seccomp: add a way to get a listener fd from ptrace |
|
1 |
|
2018-09-27 |
Tycho Andersen |
|
New |
| [v7,2/6] seccomp: make get_nth_filter available outside of CHECKPOINT_RESTORE |
1 |
1 |
|
2018-09-27 |
Tycho Andersen |
|
New |
| [v7,1/6] seccomp: add a return code to trap to userspace |
|
|
|
2018-09-27 |
Tycho Andersen |
|
New |
| [RFC,02/20] timens: Add timens_offsets |
|
|
|
2018-09-19 |
Jann Horn via Containers |
|
New |
| [3.18,28/29] getxattr: use correct xattr length |
1 |
|
|
2018-09-07 |
Greg Kroah-Hartman |
|
New |
| [3.18,21/29] userns: move user access out of the mutex |
2 |
|
|
2018-09-07 |
Greg Kroah-Hartman |
|
New |
| [4.4,42/47] getxattr: use correct xattr length |
1 |
|
|
2018-09-07 |
Greg Kroah-Hartman |
|
New |
| [v6,5/5] samples: add an example of seccomp user trap |
|
|
|
2018-09-06 |
Tycho Andersen |
|
New |
| [v6,4/5] seccomp: add support for passing fds via USER_NOTIF |
|
|
|
2018-09-06 |
Tycho Andersen |
|
New |
| [v6,3/5] seccomp: add a way to get a listener fd from ptrace |
|
|
|
2018-09-06 |
Tycho Andersen |
|
New |
| [v6,2/5] seccomp: make get_nth_filter available outside of CHECKPOINT_RESTORE |
|
|
|
2018-09-06 |
Tycho Andersen |
|
New |
| [v6,1/5] seccomp: add a return code to trap to userspace |
|
|
|
2018-09-06 |
Tycho Andersen |
|
New |
| [net-next,v2,9/9] ipv6: add inet6_fill_args |
|
|
|
2018-09-04 |
Christian Brauner |
|
New |
| [net-next,v2,8/9] ipv4: add inet_fill_args |
|
|
|
2018-09-04 |
Christian Brauner |
|
New |
| [net-next,v2,7/9] rtnetlink: s/IFLA_IF_NETNSID/IFLA_TARGET_NETNSID/g |
|
|
|
2018-09-04 |
Christian Brauner |
|
New |
| [net-next,v2,6/9] if_link: add IFLA_TARGET_NETNSID alias |
|
|
|
2018-09-04 |
Christian Brauner |
|
New |
| [net-next,v2,5/9] rtnetlink: move type calculation out of loop |
|
|
|
2018-09-04 |
Christian Brauner |
|
New |
| [net-next,v2,4/9] ipv6: enable IFA_TARGET_NETNSID for RTM_GETADDR |
|
|
|
2018-09-04 |
Christian Brauner |
|
New |
| [net-next,v2,3/9] ipv4: enable IFA_TARGET_NETNSID for RTM_GETADDR |
|
|
|
2018-09-04 |
Christian Brauner |
|
New |
| [net-next,v2,2/9] if_addr: add IFA_TARGET_NETNSID |
|
|
|
2018-09-04 |
Christian Brauner |
|
New |
| [net-next,v2,1/9] rtnetlink: add rtnl_get_net_ns_capable() |
|
|
|
2018-09-04 |
Christian Brauner |
|
New |
| [v5,5/5] samples: add an example of seccomp user trap |
|
|
|
2018-08-28 |
Tycho Andersen |
|
New |
| [v5,4/5] seccomp: add support for passing fds via USER_NOTIF |
|
|
|
2018-08-28 |
Tycho Andersen |
|
New |
| [v5,3/5] seccomp: add a way to get a listener fd from ptrace |
|
|
|
2018-08-28 |
Tycho Andersen |
|
New |
| [v5,2/5] seccomp: make get_nth_filter available outside of CHECKPOINT_RESTORE |
1 |
|
|
2018-08-28 |
Tycho Andersen |
|
New |
| [v5,1/5] seccomp: add a return code to trap to userspace |
|
|
|
2018-08-28 |
Tycho Andersen |
|
New |
| [9/9] capability: add cap_set_nsowner() |
|
1 |
|
2018-08-10 |
Christian Brauner |
|
New |
| [8/9] cap_file: handle run- vs buildtime vfs cap support |
|
1 |
|
2018-08-10 |
Christian Brauner |
|
New |
| [7/9] cap_file: save rootid in _fcaps_save() |
|
1 |
|
2018-08-10 |
Christian Brauner |
|
New |
| [6/9] capability: add cap_get_nsowner() |
|
1 |
|
2018-08-10 |
Christian Brauner |
|
New |
| [5/9] cap_file: initialize rootid in _fcaps_load() |
|
1 |
|
2018-08-10 |
Christian Brauner |
|
New |
| [4/9] cap_file: add new rootid argument |
|
1 |
|
2018-08-10 |
Christian Brauner |
|
New |
| [3/9] cap_file: use struct vfs_ns_cap_data if possible |
|
1 |
|
2018-08-10 |
Christian Brauner |
|
New |
| [2/9] capability: update to new uapi header |
|
1 |
|
2018-08-10 |
Christian Brauner |
|
New |
| [1/9] cap_file: use v3 xattr macros |
|
1 |
|
2018-08-10 |
Christian Brauner |
|
New |
| [v3] cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() |
2 |
|
|
2018-08-08 |
Amir Goldstein |
|
New |
| [ghau51/ghau40,v4,6/6] libaudit: add support to get the task audit container identifier |
|
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghau51/ghau40,v4,5/6] start normalization containerid support |
|
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghau51/ghau40,v4,4/6] add ausearch containerid support |
|
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghau51/ghau40,v4,3/6] auditctl: add support for AUDIT_CONTID filter |
|
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghau51/ghau40,v4,2/6] AUDIT_CONTAINER message type basic support |
|
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghau51/ghau40,v4,1/6] AUDIT_CONTAINER_OP message type basic support |
|
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghak90,(was,ghak32),V4,10/10] debug audit: read container ID of a process |
1 |
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghak90,(was,ghak32),V4,09/10] audit: NETFILTER_PKT: record each container ID associated with a n... |
|
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghak90,(was,ghak32),V4,08/10] audit: add support for containerid to network namespaces |
|
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghak90,(was,ghak32),V4,07/10] audit: add containerid filtering |
1 |
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghak90,(was,ghak32),V4,06/10] audit: add containerid support for tty_audit |
1 |
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghak90,(was,ghak32),V4,05/10] audit: add support for non-syscall auxiliary records |
1 |
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghak90,(was,ghak32),V4,04/10] audit: add containerid support for ptrace and signals |
1 |
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghak90,(was,ghak32),V4,03/10] audit: log container info of syscalls |
2 |
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghak90,(was,ghak32),V4,02/10] audit: add container id |
2 |
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [ghak90,(was,ghak32),V4,01/10] audit: collect audit task parameters |
|
|
|
2018-07-31 |
Richard Guy Briggs |
|
New |
| [net-next,v3,8/8] bridge: make sure objects belong to container's owner |
|
|
|
2018-07-20 |
Tyler Hicks |
|
New |
| [net-next,v3,7/8] net: create reusable function for getting ownership info of sysfs inodes |
|
|
|
2018-07-20 |
Tyler Hicks |
|
New |
| [net-next,v3,6/8] net-sysfs: make sure objects belong to container's owner |
|
|
|
2018-07-20 |
Tyler Hicks |
|
New |
| [net-next,v3,5/8] net-sysfs: require net admin in the init ns for setting tx_maxrate |
|
|
|
2018-07-20 |
Tyler Hicks |
|
New |
| [net-next,v3,4/8] driver core: set up ownership of class devices in sysfs |
|
1 |
|
2018-07-20 |
Tyler Hicks |
|
New |
| [net-next,v3,3/8] kobject: kset_create_and_add() - fetch ownership info from parent |
|
1 |
|
2018-07-20 |
Tyler Hicks |
|
New |
| [net-next,v3,2/8] sysfs, kobject: allow creating kobject belonging to arbitrary users |
|
|
|
2018-07-20 |
Tyler Hicks |
|
New |
| [net-next,v3,1/8] kernfs: allow creating kernfs objects with arbitrary uid/gid |
|
|
|
2018-07-20 |
Tyler Hicks |
|
New |
| [net-next,v2,7/7] bridge: make sure objects belong to container's owner |
|
|
|
2018-07-13 |
Tyler Hicks |
|
New |
| [net-next,v2,6/7] net: Create reusable function for getting ownership info of sysfs inodes |
|
|
|
2018-07-13 |
Tyler Hicks |
|
New |
| [net-next,v2,5/7] net-sysfs: make sure objects belong to contrainer's owner |
|
|
|
2018-07-13 |
Tyler Hicks |
|
New |