Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-15 Thread Serge E. Hallyn
On Thu, Jun 13, 2024 at 01:50:29AM -0700, Jonathan Calmels wrote: > On Wed, Jun 12, 2024 at 08:54:28PM GMT, John Johansen wrote: > > On 6/12/24 10:29, Paul Moore wrote: > > > On Wed, Jun 12, 2024 at 4:15 AM Jonathan Calmels > > > wrote: > > > > On Tue, Jun 11, 2024 at 06:38:31PM GMT, Paul Moore w

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-13 Thread Paul Moore
On Thu, Jun 13, 2024 at 4:45 AM Jonathan Calmels wrote: > On Wed, Jun 12, 2024 at 08:54:28PM GMT, John Johansen wrote: > > On 6/12/24 10:29, Paul Moore wrote: > > > On Wed, Jun 12, 2024 at 4:15 AM Jonathan Calmels > > > wrote: > > > > On Tue, Jun 11, 2024 at 06:38:31PM GMT, Paul Moore wrote: > >

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-13 Thread Paul Moore
On Wed, Jun 12, 2024 at 11:54 PM John Johansen wrote: > On 6/12/24 10:29, Paul Moore wrote: > > On Wed, Jun 12, 2024 at 4:15 AM Jonathan Calmels wrote: > >> On Tue, Jun 11, 2024 at 06:38:31PM GMT, Paul Moore wrote: > >>> On Tue, Jun 11, 2024 at 6:15 PM Jonathan Calmels > >>> wrote: > > > > ...

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-13 Thread Dr. Greg
On Wed, Jun 12, 2024 at 08:54:28PM -0700, John Johansen wrote: Good morning, I hope the day is going well for everyone. > On 6/12/24 10:29, Paul Moore wrote: > >On Wed, Jun 12, 2024 at 4:15 AM Jonathan Calmels > >wrote: > >>On Tue, Jun 11, 2024 at 06:38:31PM GMT, Paul Moore wrote: > >>>On Tue

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-13 Thread Jonathan Calmels
On Wed, Jun 12, 2024 at 08:54:28PM GMT, John Johansen wrote: > On 6/12/24 10:29, Paul Moore wrote: > > On Wed, Jun 12, 2024 at 4:15 AM Jonathan Calmels wrote: > > > On Tue, Jun 11, 2024 at 06:38:31PM GMT, Paul Moore wrote: > > > > On Tue, Jun 11, 2024 at 6:15 PM Jonathan Calmels > > > > wrote: >

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-12 Thread John Johansen
On 6/12/24 10:29, Paul Moore wrote: On Wed, Jun 12, 2024 at 4:15 AM Jonathan Calmels wrote: On Tue, Jun 11, 2024 at 06:38:31PM GMT, Paul Moore wrote: On Tue, Jun 11, 2024 at 6:15 PM Jonathan Calmels wrote: ... Arguably, if we do want fine-grained userns policies, we need LSMs to influence

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-12 Thread Paul Moore
On Wed, Jun 12, 2024 at 4:15 AM Jonathan Calmels wrote: > On Tue, Jun 11, 2024 at 06:38:31PM GMT, Paul Moore wrote: > > On Tue, Jun 11, 2024 at 6:15 PM Jonathan Calmels wrote: ... > > > Arguably, if we do want fine-grained userns policies, we need LSMs to > > > influence the userns capset at so

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-12 Thread Jonathan Calmels
On Tue, Jun 11, 2024 at 06:38:31PM GMT, Paul Moore wrote: > On Tue, Jun 11, 2024 at 6:15 PM Jonathan Calmels wrote: > > On Tue, Jun 11, 2024 at 03:01:01PM GMT, Paul Moore wrote: > > > On Tue, Jun 11, 2024 at 6:32 AM John Johansen > > > wrote: > > > > > > > > On 6/11/24 01:09, Jonathan Calmels wro

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-11 Thread Paul Moore
On Tue, Jun 11, 2024 at 6:15 PM Jonathan Calmels wrote: > On Tue, Jun 11, 2024 at 03:01:01PM GMT, Paul Moore wrote: > > On Tue, Jun 11, 2024 at 6:32 AM John Johansen > > wrote: > > > > > > On 6/11/24 01:09, Jonathan Calmels wrote: > > > > On Sun, Jun 09, 2024 at 08:18:48PM GMT, Paul Moore wrote:

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-11 Thread Jonathan Calmels
On Tue, Jun 11, 2024 at 03:01:01PM GMT, Paul Moore wrote: > On Tue, Jun 11, 2024 at 6:32 AM John Johansen > wrote: > > > > On 6/11/24 01:09, Jonathan Calmels wrote: > > > On Sun, Jun 09, 2024 at 08:18:48PM GMT, Paul Moore wrote: > > >> On Sun, Jun 9, 2024 at 6:40 AM Jonathan Calmels > > >> wrote

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-11 Thread Paul Moore
On Tue, Jun 11, 2024 at 6:32 AM John Johansen wrote: > > On 6/11/24 01:09, Jonathan Calmels wrote: > > On Sun, Jun 09, 2024 at 08:18:48PM GMT, Paul Moore wrote: > >> On Sun, Jun 9, 2024 at 6:40 AM Jonathan Calmels wrote: > >>> > >>> This patch allows modifying the various capabilities of the stru

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-11 Thread John Johansen
On 6/11/24 01:09, Jonathan Calmels wrote: On Sun, Jun 09, 2024 at 08:18:48PM GMT, Paul Moore wrote: On Sun, Jun 9, 2024 at 6:40 AM Jonathan Calmels wrote: This patch allows modifying the various capabilities of the struct cred in BPF-LSM hooks. More specifically, the userns_create hook called

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-11 Thread Jonathan Calmels
On Sun, Jun 09, 2024 at 08:18:48PM GMT, Paul Moore wrote: > On Sun, Jun 9, 2024 at 6:40 AM Jonathan Calmels wrote: > > > > This patch allows modifying the various capabilities of the struct cred > > in BPF-LSM hooks. More specifically, the userns_create hook called > > prior to creating a new user

Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-09 Thread Paul Moore
On Sun, Jun 9, 2024 at 6:40 AM Jonathan Calmels wrote: > > This patch allows modifying the various capabilities of the struct cred > in BPF-LSM hooks. More specifically, the userns_create hook called > prior to creating a new user namespace. > > With the introduction of userns capabilities, this e

[PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks

2024-06-09 Thread Jonathan Calmels
This patch allows modifying the various capabilities of the struct cred in BPF-LSM hooks. More specifically, the userns_create hook called prior to creating a new user namespace. With the introduction of userns capabilities, this effectively provides a simple way for LSMs to control the capabiliti