mirror of
https://github.com/followmsi/android_kernel_google_msm.git
synced 2024-11-06 23:17:41 +00:00
d621e5dc9c
The user namespace which creates a new network namespace owns that namespace and all resources created in it. This way we can target capability checks for privileged operations against network resources to the user_ns which created the network namespace in which the resource lives. Privilege to the user namespace which owns the network namespace, or any parent user namespace thereof, provides the same privilege to the network resource. This patch is reworked from a version originally by Serge E. Hallyn <serge.hallyn@canonical.com> Change-Id: Ifa426537c47cce669099cc96e80b17e1d814457b Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> |
||
|---|---|---|
| .. | ||
| datagram.c | ||
| dev.c | ||
| dev_addr_lists.c | ||
| drop_monitor.c | ||
| dst.c | ||
| ethtool.c | ||
| fib_rules.c | ||
| filter.c | ||
| flow.c | ||
| flow_dissector.c | ||
| gen_estimator.c | ||
| gen_stats.c | ||
| iovec.c | ||
| kmap_skb.h | ||
| link_watch.c | ||
| Makefile | ||
| neighbour.c | ||
| net-sysfs.c | ||
| net-sysfs.h | ||
| net-traces.c | ||
| net_namespace.c | ||
| netevent.c | ||
| netpoll.c | ||
| netprio_cgroup.c | ||
| pktgen.c | ||
| request_sock.c | ||
| rtnetlink.c | ||
| scm.c | ||
| secure_seq.c | ||
| skbuff.c | ||
| sock.c | ||
| sock_diag.c | ||
| stream.c | ||
| sysctl_net_core.c | ||
| timestamping.c | ||
| user_dma.c | ||
| utils.c | ||