Searched hist:"3 cee6079" (Results 1 – 3 of 3) sorted by relevance
/openbmc/linux/security/apparmor/ |
H A D | file.c | 3cee6079 Thu Jan 21 07:19:44 CST 2021 Christian Brauner <christian.brauner@ubuntu.com> apparmor: handle idmapped mounts
The i_uid and i_gid are mostly used when logging for AppArmor. This is broken in a bunch of places where the global root id is reported instead of the i_uid or i_gid of the file. Nonetheless, be kind and log the mapped inode if we're coming from an idmapped mount. If the initial user namespace is passed nothing changes so non-idmapped mounts will see identical behavior as before.
Link: https://lore.kernel.org/r/20210121131959.646623-26-christian.brauner@ubuntu.com Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
|
H A D | lsm.c | 3cee6079 Thu Jan 21 07:19:44 CST 2021 Christian Brauner <christian.brauner@ubuntu.com> apparmor: handle idmapped mounts
The i_uid and i_gid are mostly used when logging for AppArmor. This is broken in a bunch of places where the global root id is reported instead of the i_uid or i_gid of the file. Nonetheless, be kind and log the mapped inode if we're coming from an idmapped mount. If the initial user namespace is passed nothing changes so non-idmapped mounts will see identical behavior as before.
Link: https://lore.kernel.org/r/20210121131959.646623-26-christian.brauner@ubuntu.com Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
|
H A D | domain.c | 3cee6079 Thu Jan 21 07:19:44 CST 2021 Christian Brauner <christian.brauner@ubuntu.com> apparmor: handle idmapped mounts
The i_uid and i_gid are mostly used when logging for AppArmor. This is broken in a bunch of places where the global root id is reported instead of the i_uid or i_gid of the file. Nonetheless, be kind and log the mapped inode if we're coming from an idmapped mount. If the initial user namespace is passed nothing changes so non-idmapped mounts will see identical behavior as before.
Link: https://lore.kernel.org/r/20210121131959.646623-26-christian.brauner@ubuntu.com Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
|