[GIT PULL] Landlock fix for v6.12-rc7 #2

From: Mickaël Salaün
Date: Sun Nov 10 2024 - 13:58:20 EST

Next message: Mickaël Salaün: "Re: [GIT PULL] Landlock fix for v6.12-rc7"
Previous message: Aren: "Re: [PATCH v4 3/6] iio: light: stk3310: Implement vdd and leda supplies"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Linus,

This PR fixes issues in the Landlock's sandboxer sample and documentation,
slightly refactors helpers (required for ongoing patch series), and improve/fix
a feature merged in v6.12 (signal and abstract UNIX socket scoping).

Please pull these changes for v6.12-rc7 (or rc8, if any). These commits merge
cleanly with your master branch. The kernel code has been tested in the latest
linux-next releases for a few weeks, but I updated the last three patches with
cosmetic changes according to reviews.

Test coverage for security/landlock is 92.5% of 1129 lines according to
gcc/gcov-14, and it was 92.8% of 1134 lines before this PR.

Regards,
Mickaël

--
The following changes since commit 8e929cb546ee42c9a61d24fae60605e9e3192354:

Linux 6.12-rc3 (2024-10-13 14:33:32 -0700)

are available in the Git repository at:

https://git.kernel.org/pub/scm/linux/kernel/git/mic/linux.git tags/landlock-6.12-rc7

for you to fetch changes up to 03197e40a22c2641a1f9d1744418cd29f4954b83:

landlock: Optimize scope enforcement (2024-11-09 19:52:13 +0100)

----------------------------------------------------------------
Landlock fix for v6.12-rc7

----------------------------------------------------------------
Daniel Burgener (1):
landlock: Fix grammar issues in documentation

Matthieu Buffet (3):
samples/landlock: Fix port parsing in sandboxer
samples/landlock: Refactor help message
samples/landlock: Clarify option parsing behaviour

Mickaël Salaün (4):
landlock: Improve documentation of previous limitations
landlock: Refactor filesystem access mask management
landlock: Refactor network access mask management
landlock: Optimize scope enforcement

Documentation/security/landlock.rst | 14 ++--
Documentation/userspace-api/landlock.rst | 90 ++++++++++++-------------
samples/landlock/sandboxer.c | 112 +++++++++++++++++++------------
security/landlock/fs.c | 31 +++------
security/landlock/net.c | 28 ++------
security/landlock/ruleset.h | 74 +++++++++++++++++---
security/landlock/syscalls.c | 2 +-
security/landlock/task.c | 18 ++++-
8 files changed, 217 insertions(+), 152 deletions(-)

Next message: Mickaël Salaün: "Re: [GIT PULL] Landlock fix for v6.12-rc7"
Previous message: Aren: "Re: [PATCH v4 3/6] iio: light: stk3310: Implement vdd and leda supplies"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]