Searched hist:"038 e7332b8d4c0629a2965e3ede1a92e8e427bd6" (Results 1 – 3 of 3) sorted by relevance
| /openbmc/linux/kernel/ |
| H A D | nsproxy.c | diff 038e7332b8d4c0629a2965e3ede1a92e8e427bd6 Thu Jun 14 04:31:10 CDT 2012 Eric W. Biederman <ebiederm@xmission.com> userns: make each net (net_ns) belong to a user_ns
The user namespace which creates a new network namespace owns that
namespace and all resources created in it. This way we can target
capability checks for privileged operations against network resources to
the user_ns which created the network namespace in which the resource
lives. Privilege to the user namespace which owns the network
namespace, or any parent user namespace thereof, provides the same
privilege to the network resource.
This patch is reworked from a version originally by
Serge E. Hallyn <serge.hallyn@canonical.com>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
|
| /openbmc/linux/net/core/ |
| H A D | net_namespace.c | diff 038e7332b8d4c0629a2965e3ede1a92e8e427bd6 Thu Jun 14 04:31:10 CDT 2012 Eric W. Biederman <ebiederm@xmission.com> userns: make each net (net_ns) belong to a user_ns
The user namespace which creates a new network namespace owns that
namespace and all resources created in it. This way we can target
capability checks for privileged operations against network resources to
the user_ns which created the network namespace in which the resource
lives. Privilege to the user namespace which owns the network
namespace, or any parent user namespace thereof, provides the same
privilege to the network resource.
This patch is reworked from a version originally by
Serge E. Hallyn <serge.hallyn@canonical.com>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
|
| /openbmc/linux/include/net/ |
| H A D | net_namespace.h | diff 038e7332b8d4c0629a2965e3ede1a92e8e427bd6 Thu Jun 14 04:31:10 CDT 2012 Eric W. Biederman <ebiederm@xmission.com> userns: make each net (net_ns) belong to a user_ns
The user namespace which creates a new network namespace owns that
namespace and all resources created in it. This way we can target
capability checks for privileged operations against network resources to
the user_ns which created the network namespace in which the resource
lives. Privilege to the user namespace which owns the network
namespace, or any parent user namespace thereof, provides the same
privilege to the network resource.
This patch is reworked from a version originally by
Serge E. Hallyn <serge.hallyn@canonical.com>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
|