[PATCH v33 07/12] landlock: Support filesystem access-control
James Morris
jmorris at namei.org
Thu Apr 8 20:28:44 UTC 2021
On Wed, 7 Apr 2021, Mickaël Salaün wrote:
> Changes since v31:
> * Gracefully forbid reparenting by returning EXDEV in hook_path_link()
> and hook_path_rename() (hinted by Al Viro).
> * Replace excessive WARN_ON_ONCE() with unlikely() in
> hook_path_rename() and use ENOENT instead of EACCES.
> * Improve comment in unmask_layers() (pointed out by Al Viro). Also use
> filesystem "topology" instead of "layout", which seems more
> appropriate.
> * Add access(2) to the documented list of unsupported syscall families.
> * Replace "option" with "flag" in hook_sb_mount() comment.
Good to see these changes.
Al: any further comments now on this patch?
--
James Morris
<jmorris at namei.org>
More information about the Linux-security-module-archive
mailing list