Received: by 2002:ac0:946b:0:0:0:0:0 with SMTP id j40csp316892imj; Sat, 16 Feb 2019 00:48:27 -0800 (PST) X-Google-Smtp-Source: AHgI3Ib4qaZtDAsIgNh2r22N9aJnTwNIhs6igcxmbz40P9W54O2aDf348WRo75q1Tx8BSD/hR6/d X-Received: by 2002:a17:902:64:: with SMTP id 91mr14962251pla.229.1550306907517; Sat, 16 Feb 2019 00:48:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1550306907; cv=none; d=google.com; s=arc-20160816; b=UCkX8tZFpYkAF9Rip0EVu4J7JcQI1k+2ubL2LqbhsXZRAgV6ejbp9Qbvy0+2gve/zc nW5c4mhoq4gjvoeIP3lWlbkfYKLYq7mBSIUY62ECGnaMYP3hDig2ZGQrXoN+8vWy4ulh LpbJC2dWoYGW8PwIW+CtEKo4BZ+jcG3jpDC0c7hFoQoBp+U48XMGrTWf9Eu3z97YJtOv y381xKw18Qhwv9Et4g6+Y/vePyMkigb6It5Ha7aGd0hLsc5KlX2BzqRqBA6fWvlU9o+a i9/euvDsqRceAI05ZJDCTJ2OqV+uFX/9hbAHIozICLQ4wtdFRfkDV4X5TCKN1j2cTKa4 PbdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=eSXZ5h03usU0GIgRAQPhC/PxdOPicFGfY/oL2WNnjeI=; b=dgl8jM6oQBcblx0RPIuI5yhO/xG6AF07pXN9+Nxj4A6MqHe+j4KbAx+J7fSZnJyx9i 2ah523Jf1OwYduwz+1miLCrDw4Z8Dz+r2DQ9FIccSpEj2QH09Lbn2Q6udg8WZqSpe8ef r96eUkRPxBsvhloAIRv3pNrqDcP4qH3OFpv6aEl6p3baNHSXu/Y4uNUV4uxw6+MnMzWs IGJMkSeQIhtLMlqwA2ShowXO6vK018Z+TkZx+MfCX+WiZupPVQSZLIgPSBpof6iFoINu Ff9Qo7p/fb2A43/P+tub6WdOqVwkMTb68AsAh4IvDigpHpLqxF/nty6+9zC8ZykQ2KFO uapw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n14si7499662plp.257.2019.02.16.00.48.11; Sat, 16 Feb 2019 00:48:27 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2391605AbfBOWgV (ORCPT + 99 others); Fri, 15 Feb 2019 17:36:21 -0500 Received: from namei.org ([65.99.196.166]:52504 "EHLO namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390411AbfBOWgU (ORCPT ); Fri, 15 Feb 2019 17:36:20 -0500 Received: from localhost (localhost [127.0.0.1]) by namei.org (8.14.4/8.14.4) with ESMTP id x1FMa4QR006885; Fri, 15 Feb 2019 22:36:04 GMT Date: Sat, 16 Feb 2019 09:36:04 +1100 (AEDT) From: James Morris To: David Howells cc: keyrings@vger.kernel.org, trond.myklebust@hammerspace.com, sfrench@samba.org, linux-security-module@vger.kernel.org, linux-nfs@vger.kernel.org, linux-cifs@vger.kernel.org, linux-fsdevel@vger.kernel.org, rgb@redhat.com, linux-kernel@vger.kernel.org, ebiederm@xmission.com Subject: Re: [RFC PATCH 00/27] Containers and using authenticated filesystems In-Reply-To: <155024683432.21651.14153938339749694146.stgit@warthog.procyon.org.uk> Message-ID: References: <155024683432.21651.14153938339749694146.stgit@warthog.procyon.org.uk> User-Agent: Alpine 2.21 (LRH 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 15 Feb 2019, David Howells wrote: > > Here's a collection of patches that containerises the kernel keys and makes > it possible to separate keys by namespace. This can be extended to any > filesystem that uses request_key() to obtain the pertinent authentication > token on entry to VFS or socket methods. Shouldn't Eric Biederman be cc'd on this? -- James Morris