--- v2
+++ v4
@@ -4,8 +4,13 @@
https://www.kernel.org/doc/html/v5.13/userspace-api/landlock.html
Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
-Link: https://lore.kernel.org/r/20210712155745.831580-5-mic@digikod.net
+Link: https://lore.kernel.org/r/20210818155931.484070-5-mic@digikod.net
---
+
+Changes since v2:
+* Add an EXAMPLES section referring to landlock(7).
+* Change list order in the SEE ALSO section.
+* Fix .IR and .BR use as explained by Alejandro Colomar.
Changes since v1:
* Replace all ".I" with ".IR", except when used for titles.
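Review bot: the changelog added below "---" has a "Changes since v2:" entry and a "Changes since v1:" entry but nothing for v3, although this revision is v4, so a reader cannot tell whether v3 touched this patch. If v3 left it unchanged, say so in the changelog. The new blank line after "---" is also not matched by one between the v2 list and "Changes since v1:", so the two lists run together; add a blank line before "Changes since v1:".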
@@ -19,16 +24,16 @@
* Add a "CONFORMING TO" section.
* Replace "(2)" with "()" for the described syscall name.
---
- man2/landlock_restrict_self.2 | 130 ++++++++++++++++++++++++++++++++++
- 1 file changed, 130 insertions(+)
+ man2/landlock_restrict_self.2 | 133 ++++++++++++++++++++++++++++++++++
+ 1 file changed, 133 insertions(+)
create mode 100644 man2/landlock_restrict_self.2
diff --git a/man2/landlock_restrict_self.2 b/man2/landlock_restrict_self.2
new file mode 100644
-index 000000000000..41b21278905a
+index 000000000000..4b10997e2fb6
--- /dev/null
+++ b/man2/landlock_restrict_self.2
-@@ -0,0 +1,130 @@
+@@ -0,0 +1,133 @@
+.\" Copyright © 2017-2020 Mickaël Salaün <mic@digikod.net>
+.\" Copyright © 2019-2020 ANSSI
+.\" Copyright © 2021 Microsoft Corporation
@@ -93,9 +98,9 @@
+.BR landlock_add_rule (2).
+.PP
+In order to enforce a ruleset, either the caller must have the
-+.BR CAP_SYS_ADMIN
++.B CAP_SYS_ADMIN
+capability in its user namespace, or the thread must already have the
-+.IR no_new_privs
++.I no_new_privs
+bit set.
+As for
+.BR seccomp (2),
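Review bot: the capability paragraph switches subject mid-sentence, from "either the caller must have the CAP_SYS_ADMIN capability" to "or the thread must already have the no_new_privs bit set". Both conditions apply to the thread making the call, so use "the calling thread" for both. The macro fixes themselves (.BR to .B and .IR to .I where there is a single argument) look right.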
@@ -108,13 +113,13 @@
+prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
+.EE
+.PP
-+.IR ruleset_fd
++.I ruleset_fd
+is a Landlock ruleset file descriptor obtained with
+.BR landlock_create_ruleset (2)
+and fully populated with a set of calls to
+.BR landlock_add_rule (2).
+.PP
-+.IR flags
++.I flags
+must be 0.
+.SH RETURN VALUE
+On success,
@@ -128,24 +133,24 @@
+Landlock is supported by the kernel but disabled at boot time.
+.TP
+.B EINVAL
-+.IR flags
++.I flags
+is not 0.
+.TP
+.B EBADF
-+.IR ruleset_fd
++.I ruleset_fd
+is not a file descriptor for the current thread.
+.TP
+.B EBADFD
-+.IR ruleset_fd
++.I ruleset_fd
+is not a ruleset file descriptor.
+.TP
+.B EPERM
-+.IR ruleset_fd
++.I ruleset_fd
+has no read access to the underlying ruleset,
+or the calling thread is not running with
+.IR no_new_privs ,
+or it doesn't have the
-+.BR CAP_SYS_ADMIN
++.B CAP_SYS_ADMIN
+in its user namespace.
+.TP
+.B E2BIG
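Review bot: the EPERM entry joins its last two conditions with "or" ("is not running with no_new_privs, or it doesn't have the CAP_SYS_ADMIN in its user namespace"), which reads as if missing either one alone produces EPERM. The DESCRIPTION says either no_new_privs or CAP_SYS_ADMIN is sufficient, so the error only applies when the thread has neither. Suggest "is not running with no_new_privs and doesn't have the CAP_SYS_ADMIN capability in its user namespace". The word "capability" is also missing after CAP_SYS_ADMIN on that line.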
@@ -155,10 +160,13 @@
+Landlock was added in Linux 5.13.
+.SH CONFORMING TO
+This system call is Linux-specific.
++.SH EXAMPLES
++See
++.BR landlock (7).
+.SH SEE ALSO
-+.BR landlock (7),
+.BR landlock_create_ruleset (2),
-+.BR landlock_add_rule (2)
++.BR landlock_add_rule (2),
++.BR landlock (7)
--
2.32.0
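Review bot: the reordered SEE ALSO list still puts landlock_create_ruleset(2) before landlock_add_rule(2). man-pages(7) asks for SEE ALSO entries sorted by section number and then alphabetically by name, so within section 2 landlock_add_rule(2) should come first, followed by landlock_create_ruleset(2), then landlock(7). Moving landlock(7) to the end is correct.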