ima: Change the owning user namespace of the ima namespace if necessary
hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I49KW1 CVE: NA -------------------------------- It's possible that the user first unshares the ima namespace and then creates a new user namespace using clone3(). In that case the owning user namespace is the newly created one, because it is associated with the first process in the new ima namespace. Signed-off-by: NKrzysztof Struczynski <krzysztof.struczynski@huawei.com> Reviewed-by: NZhang Tianxing <zhangtianxing3@huawei.com> Signed-off-by: NZheng Zengkai <zhengzengkai@huawei.com>
Showing
想要评论请 注册 或 登录