4/16/2023 7:11 PM, Mickaël Salaün пишет:
On 23/03/2023 09:52, Konstantin Meskhidze wrote:
Add new key_type argument to the landlock_init_layer_masks() helper.
Add a masks_array_size argument to the landlock_unmask_layers() helper.
These modifications support implementing new rule types in the next
Landlock versions.
Signed-off-by: Mickaël Salaün <mic@xxxxxxxxxxx>
Signed-off-by: Konstantin Meskhidze <konstantin.meskhidze@xxxxxxxxxx>
---
Changes since v9:
* Refactors commit message.
Changes since v8:
* None.
Changes since v7:
* Refactors commit message, adds a co-developer.
* Minor fixes.
Changes since v6:
* Removes masks_size attribute from init_layer_masks().
* Refactors init_layer_masks() with new landlock_key_type.
Changes since v5:
* Splits commit.
* Formats code with clang-format-14.
Changes since v4:
* Refactors init_layer_masks(), get_handled_accesses()
and unmask_layers() functions to support multiple rule types.
* Refactors landlock_get_fs_access_mask() function with
LANDLOCK_MASK_ACCESS_FS mask.
Changes since v3:
* Splits commit.
* Refactors landlock_unmask_layers functions.
---
security/landlock/fs.c | 43 +++++++++++++++++--------------
security/landlock/ruleset.c | 50 +++++++++++++++++++++++++------------
security/landlock/ruleset.h | 17 +++++++------
3 files changed, 67 insertions(+), 43 deletions(-)
[...]
@@ -629,7 +629,11 @@ bool landlock_unmask_layers(
return false;
}
-/**
+typedef access_mask_t
+get_access_mask_t(const struct landlock_ruleset *const ruleset,
+ const u16 layer_level);
+
+/*
Please keep the "/**"
Got it. Thanks.
* landlock_init_layer_masks - Initialize layer masks from an access request
*
* Populates @layer_masks such that for each access right in @access_request,
.
