mbox series

[v2,00/10] Minor Landlock fixes and new tests

Message ID 20220506160820.524344-1-mic@digikod.net (mailing list archive)
Headers show
Series Minor Landlock fixes and new tests | expand


Mickaël Salaün May 6, 2022, 4:08 p.m. UTC

This series contains some minor code and documentation fixes.  There is
also some miscellaneous new tests to improve coverage and that may help
for future access types (e.g. networking).

The important new patches are the last three ones.  They change the
landlock_add_rule(2) and landlock_restrict_self(2) check orderings to
make them more consistent according to future Landlock rule types (e.g.

As suggested by Alejandro Colomar [1], I removed the
landlock_add_rule(2) signature fix.  I added a new patch to test O_PATH

Test coverage for security/landlock was 94.4% of 500 lines, and it is
now 94.4% of 504 lines according to gcc/gcov-11.

I also fixed some typos and formatted the code with clang-format.  This
series can be applied on top of

[1] https://lore.kernel.org/r/ae52c028-05c7-c22e-fc47-d97ee4a2f6c7@gmail.com

Previous version:


Mickaël Salaün (10):
  landlock: Fix landlock_add_rule(2) documentation
  selftests/landlock: Make tests build with old libc
  selftests/landlock: Extend tests for minimal valid attribute size
  selftests/landlock: Add tests for unknown access rights
  selftests/landlock: Extend access right tests to directories
  selftests/landlock: Fully test file rename with "remove" access
  selftests/landlock: Add tests for O_PATH
  landlock: Change landlock_add_rule(2) argument check ordering
  landlock: Change landlock_restrict_self(2) check ordering
  selftests/landlock: Test landlock_create_ruleset(2) argument check

 include/uapi/linux/landlock.h                |   5 +-
 security/landlock/syscalls.c                 |  37 +++---
 tools/testing/selftests/landlock/base_test.c | 107 +++++++++++++++--
 tools/testing/selftests/landlock/fs_test.c   | 120 ++++++++++++++++---
 4 files changed, 218 insertions(+), 51 deletions(-)

base-commit: 763c5dc0e990fbd803c3c2b1ae832366ab7d207f