Thread (32 messages) 32 messages, 2 authors, 2023-10-11

Re: [PATCH v12 02/12] landlock: Allow filesystem layout changes for domains without such rule type

From: Konstantin Meskhidze (A) <hidden>
Date: 2023-10-10 02:17:17
Also in: netdev, netfilter-devel 


10/2/2023 11:26 PM, Mickaël Salaün пишет:
Please change the subject to "landlock: Allow FS topology changes for
domains without such rule type" to be consistent with the documentation.
   Got it. Thanks.
On Wed, Sep 20, 2023 at 05:26:30PM +0800, Konstantin Meskhidze wrote:
quoted
From: Mickaël Salaün <mic@digikod.net>

Allow mount point and root directory changes when there is no filesystem
rule tied to the current Landlock domain.  This doesn't change anything
for now because a domain must have at least a (filesystem) rule, but
this will change when other rule types will come.  For instance, a
domain only restricting the network should have no impact on filesystem
restrictions.

Add a new get_current_fs_domain() helper to quickly check filesystem
rule existence for all filesystem LSM hooks.

Remove unnecessary inlining.

Signed-off-by: Mickaël Salaün <mic@digikod.net>
.
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help