[PATCH v3 1/4] man/man2/landlock_create_ruleset.2: Clarify attr and size constraints

[PATCH v3 0/4] Update Landlock docs to Landlock ABI v8 · Günther Noack <hidden> · 2026-04-21
[PATCH v3 1/4] man/man2/landlock_create_ruleset.2: Clarify attr and size constraints · Günther Noack <hidden> · 2026-04-21
[PATCH v3 2/4] man/man[27]/{landlock_create_ruleset.2,landlock.7}: Document LANDLOCK_CREATE_RULESET_ERRATA · Günther Noack <hidden> · 2026-04-21
[PATCH v3 3/4] man/man[27]/{landlock_restrict_self.2,landlock.7}: Document LANDLOCK_RESTRICT_SELF_TSYNC (ABI v8) · Günther Noack <hidden> · 2026-04-21
[PATCH v3 4/4] man/man2/landlock_restrict_self.2: Document ABI requirement for logging flags · Günther Noack <hidden> · 2026-04-21
Re: [PATCH v3 4/4] man/man2/landlock_restrict_self.2: Document ABI requirement for logging flags · Alejandro Colomar <alx@kernel.org> · 2026-04-21

From: Günther Noack <hidden>
Date: 2026-04-21 17:58:48
Subsystem: the rest · Maintainer: Linus Torvalds

When used with special flags like LANDLOCK_CREATE_RULESET_VERSION,
attr must be NULL and size must be 0.

Signed-off-by: Günther Noack <redacted>
---
 man/man2/landlock_create_ruleset.2 | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/man/man2/landlock_create_ruleset.2 b/man/man2/landlock_create_ruleset.2
index d4eb5d827656..dd14f0ceba7c 100644
--- a/man/man2/landlock_create_ruleset.2
+++ b/man/man2/landlock_create_ruleset.2

@@ -116,11 +116,7 @@ Otherwise,
 can be set to:
 .TP
 .B LANDLOCK_CREATE_RULESET_VERSION
-If
-.I attr
-is NULL and
-.I size
-is 0, then the returned value is the highest supported Landlock ABI version
+Return the highest supported Landlock ABI version
 (starting at 1).
 This version can be used for a best-effort security approach,
 which is encouraged when user space is not pinned to a specific kernel

@@ -129,6 +125,15 @@ version.
 Unless noted otherwise,
 all features documented in these manual pages are available with the
 version 1.
+.P
+If
+.B LANDLOCK_CREATE_RULESET_VERSION
+is set,
+then
+.I attr
+must be NULL and
+.I size
+must be 0.
 .SH RETURN VALUE
 On success,
 .BR landlock_create_ruleset ()

@@ -159,6 +164,14 @@ Unknown
 or unknown access, or unknown scope, or too small
 .IR size .
 .TP
+.B EINVAL
+Non-NULL
+.I attr
+or non-zero
+.I size
+in combination with
+.BR LANDLOCK_CREATE_RULESET_VERSION .
+.TP
 .B ENOMSG
 Empty accesses (i.e.,
 .I attr

-- 
2.53.0

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help