net · 3cdf5b45ffbac294bcdfac0393df72f7687c01e8 · nexedi / linux

userns: make each net (net_ns) belong to a user_ns

Eric W. Biederman authored 12 years ago


The user namespace which creates a new network namespace owns that
namespace and all resources created in it.  This way we can target
capability checks for privileged operations against network resources to
the user_ns which created the network namespace in which the resource
lives.  Privilege to the user namespace which owns the network
namespace, or any parent user namespace thereof, provides the same
privilege to the network resource.

This patch is reworked from a version originally by
Serge E. Hallyn <serge.hallyn@canonical.com>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>

038e7332

Name	Last commit	Last update
..
802	tokenring: delete all remaining driver support	12 years ago
8021q	vlan: allow to change type when no vlan device is hooked on netdev	12 years ago
9p	Merge tag 'for-linus-merge-3.7' of git://git.kernel.org/pub/scm/linux/kernel/git/ericvh/v9fs	12 years ago
appletalk	userns: Print out socket uids in a user namespace aware fashion.	12 years ago
atm	net:atm:fix up ENOIOCTLCMD error handling	12 years ago
ax25	userns: Convert net/ax25 to use kuid_t where appropriate	12 years ago
batman-adv	batman-adv: Fix potential broadcast BLA-duplicate-check race condition	12 years ago
bluetooth	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth	12 years ago
bridge	bridge: Pull ip header into skb->data before looking into ip header.	12 years ago
caif	caif: move the dereference below the NULL test	12 years ago
can	sections: fix section conflicts in net/can	12 years ago
ceph	Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux	12 years ago
core	userns: make each net (net_ns) belong to a user_ns	12 years ago
dcb	netlink: Rename pid to portid to avoid confusion	12 years ago
dccp	dccp: fix info leak via getsockopt(DCCP_SOCKOPT_CCID_TX_INFO)	12 years ago
decnet	sections: fix section conflicts in net	12 years ago
dns_resolver	Merge branch 'modules-next' of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux	12 years ago
dsa	workqueue: deprecate flush[_delayed]_work_sync()	12 years ago
ethernet	ipx: move peII functions	12 years ago
ieee802154	net/ieee802154/6lowpan.c: Remove unecessary semicolon	12 years ago
ipv4	tcp: Reject invalid ack_seq to Fast Open sockets	12 years ago
ipv6	ipv6: Set default hoplimit as zero.	12 years ago
ipx	userns: Print out socket uids in a user namespace aware fashion.	12 years ago
irda	Merge 3.7-rc1 into tty-linus	12 years ago
iucv	net: remove skb_orphan_try()	12 years ago
key
l2tp
lapb
llc
mac80211
mac802154
netfilter
netlabel
netlink
netrom
nfc
openvswitch
packet
phonet
rds
rfkill
rose
rxrpc
sched
sctp
sunrpc
tipc
unix
wanrouter
wimax
wireless
x25
xfrm
Kconfig
Makefile
compat.c
nonet.c
socket.c
sysctl_net.c

Download source code

Download this directory