| Message ID | 20250122165626.331786-1-mic@digikod.net (mailing list archive) |
|---|---|
| State | Handled Elsewhere |
| Headers | show |
| Series | [GIT,PULL] Landlock updates for v6.14 | expand |
The pull request you sent on Wed, 22 Jan 2025 17:56:26 +0100:
> https://git.kernel.org/pub/scm/linux/kernel/git/mic/linux.git tags/landlock-6.14-rc1
has been merged into torvalds/linux.git:
https://git.kernel.org/torvalds/c/de5817bbfb569f22406970f81360ac3f694ba6e8
Thank you!
Hi Linus, This PR mostly factors out some Landlock code and prepares for upcoming audit support. Because weird files might be visible after filesystem corruption, Landlock now properly handles weird files too. A few sample and test issues are also fixed. Please pull these changes for v6.14-rc1 . These commits merge cleanly with your master branch. The kernel code has been tested in the latest linux-next releases for a few weeks and rebased to update commit messages. Test coverage for security/landlock is 93.4% of 1124 lines according to gcc/gcov-14, and it was 92.7% of 1118 lines before this PR. Regards, Mickaël -- The following changes since commit 9d89551994a430b50c4fffcb1e617a057fa76e20: Linux 6.13-rc6 (2025-01-05 14:13:40 -0800) are available in the Git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/mic/linux.git tags/landlock-6.14-rc1 for you to fetch changes up to 2a794ee613617b5d8fd978b7ef08d64aa07ff2e6: selftests/landlock: Add layout1.umount_sandboxer tests (2025-01-17 19:05:38 +0100) ---------------------------------------------------------------- Landlock updates for v6.14-rc1 ---------------------------------------------------------------- Ba Jing (1): selftests/landlock: Remove unused macros in ptrace_test.c Mickaël Salaün (14): landlock: Handle weird files landlock: Constify get_mode_access() landlock: Use scoped guards for ruleset landlock: Use scoped guards for ruleset in landlock_add_rule() selftests/landlock: Fix build with non-default pthread linking landlock: Factor out check_access_path() landlock: Move access types landlock: Simplify initially denied access rights landlock: Align partial refer access checks with final ones selftests/landlock: Add test to check partial access in a mount tree landlock: Optimize file path walks and prepare for audit support selftests/landlock: Fix error message selftests/landlock: Add wrappers.h selftests/landlock: Add layout1.umount_sandboxer tests Zichen Xie (1): samples/landlock: Fix possible NULL dereference in parse_path() samples/landlock/sandboxer.c | 7 + security/landlock/access.h | 77 +++++++++++ security/landlock/fs.c | 114 ++++++++-------- security/landlock/fs.h | 1 + security/landlock/ruleset.c | 26 ++-- security/landlock/ruleset.h | 52 +------ security/landlock/syscalls.c | 39 ++---- tools/testing/selftests/landlock/Makefile | 6 +- tools/testing/selftests/landlock/common.h | 38 +----- tools/testing/selftests/landlock/fs_test.c | 151 +++++++++++++++++++-- tools/testing/selftests/landlock/ptrace_test.c | 2 - .../selftests/landlock/sandbox-and-launch.c | 82 +++++++++++ tools/testing/selftests/landlock/wait-pipe.c | 42 ++++++ tools/testing/selftests/landlock/wrappers.h | 47 +++++++ 14 files changed, 489 insertions(+), 195 deletions(-) create mode 100644 security/landlock/access.h create mode 100644 tools/testing/selftests/landlock/sandbox-and-launch.c create mode 100644 tools/testing/selftests/landlock/wait-pipe.c create mode 100644 tools/testing/selftests/landlock/wrappers.h