Re: [RFC] lsm: namespace hooks

From: Lukasz Pawelczyk
Date: Thu Nov 27 2014 - 09:35:41 EST

Next message: Jon Medhurst (Tixy): "Re: [PATCH v10 2/2] ARM: kprobes: enable OPTPROBES for ARM 32"
Previous message: Michal Marek: "Re: [PATCH] scripts/package: binrpm-pkg do not build source tar file"
In reply to: Richard Weinberger: "Re: [RFC] lsm: namespace hooks"
Next in thread: Lukasz Pawelczyk: "Re: [RFC] lsm: namespace hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On czw, 2014-11-27 at 15:18 +0100, Richard Weinberger wrote:
> On Thu, Nov 27, 2014 at 3:01 PM, Lukasz Pawelczyk
> <l.pawelczyk@xxxxxxxxxxx> wrote:
> > -/* 0x02000000 was previously the unused CLONE_STOPPED (Start in stopped state)
> > - and is now available for re-use. */
> > +#define CLONE_NEWLSM 0x02000000 /* New LSM namespace */
>
> FYI, CLONE_NEWCGROUP also claims last flag [1].

Yes, I'm perfectly aware of that. I've seen those patches.
This is RFC for now and CGROUP NS is not merged yet. I'll rebase when
time comes.

> As it looks we will get more and more namespaces, more than clone() can handle.
>
> [1] https://lkml.org/lkml/2014/7/17/588
>

--
Lukasz Pawelczyk
Samsung R&D Institute Poland
Samsung Electronics

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jon Medhurst (Tixy): "Re: [PATCH v10 2/2] ARM: kprobes: enable OPTPROBES for ARM 32"
Previous message: Michal Marek: "Re: [PATCH] scripts/package: binrpm-pkg do not build source tar file"
In reply to: Richard Weinberger: "Re: [RFC] lsm: namespace hooks"
Next in thread: Lukasz Pawelczyk: "Re: [RFC] lsm: namespace hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]