mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-12 21:57:43 +00:00
0f44e4d976
Move the user and user-session keyrings to the user_namespace struct rather than pinning them from the user_struct struct. This prevents these keyrings from propagating across user-namespaces boundaries with regard to the KEY_SPEC_* flags, thereby making them more useful in a containerised environment. The issue is that a single user_struct may be represent UIDs in several different namespaces. The way the patch does this is by attaching a 'register keyring' in each user_namespace and then sticking the user and user-session keyrings into that. It can then be searched to retrieve them. Signed-off-by: David Howells <dhowells@redhat.com> cc: Jann Horn <jannh@google.com> |
||
---|---|---|
.. | ||
autogroup.h | ||
clock.h | ||
coredump.h | ||
cpufreq.h | ||
cputime.h | ||
deadline.h | ||
debug.h | ||
hotplug.h | ||
idle.h | ||
init.h | ||
isolation.h | ||
jobctl.h | ||
loadavg.h | ||
mm.h | ||
nohz.h | ||
numa_balancing.h | ||
prio.h | ||
rt.h | ||
signal.h | ||
smt.h | ||
stat.h | ||
sysctl.h | ||
task.h | ||
task_stack.h | ||
topology.h | ||
user.h | ||
wake_q.h | ||
xacct.h |