[RFC PATCH 5/6] landlock/access: Improve explanation on the deny_masks_t
Tingmao Wang
m at maowtm.org
Sun Sep 21 23:52:28 UTC 2025
On 9/19/25 17:04, Mickaël Salaün wrote:
> Looks good, I'll take it.
Thanks, will skip this in the next version.
>
> On Tue, Sep 09, 2025 at 01:06:39AM +0100, Tingmao Wang wrote:
>> Not really related to this series, but just something which took me a
>> while to realize, and would probably be helpful as a comment.
>
> Please just describe the change in the main commit message and move this
> kind of explanation bellow a "---", just after your SoB. This is useful
> for review and avoid unrelated information when picking a patch out of
> this context.
Got it :)
>
>>
>> Signed-off-by: Tingmao Wang <m at maowtm.org>
>> ---
>> security/landlock/access.h | 6 ++++--
>> 1 file changed, 4 insertions(+), 2 deletions(-)
>>
>> diff --git a/security/landlock/access.h b/security/landlock/access.h
>> index 7961c6630a2d..5e2285575479 100644
>> --- a/security/landlock/access.h
>> +++ b/security/landlock/access.h
>> @@ -67,8 +67,10 @@ typedef u16 layer_mask_t;
>> static_assert(BITS_PER_TYPE(layer_mask_t) >= LANDLOCK_MAX_NUM_LAYERS);
>>
>> /*
>> - * Tracks domains responsible of a denied access. This is required to avoid
>> - * storing in each object the full layer_masks[] required by update_request().
>> + * Tracks domains responsible of a denied access, stored in the form of
>> + * two 4-bit layer numbers packed into a byte (one for each optional
>> + * access). This is required to avoid storing in each object the full
>> + * layer_masks[] required by update_request().
>> */
>> typedef u8 deny_masks_t;
>>
>> --
>> 2.51.0
>>
>>
More information about the Linux-security-module-archive
mailing list