[PATCH] landlock: Add counted_by and fix comment in landlock_ruleset
Günther Noack
gnoack at google.com
Mon Feb 9 09:47:52 UTC 2026
On Sun, Feb 08, 2026 at 11:54:48PM +0000, Tingmao Wang wrote:
> For a domain, this array stores the access masks for each layer (of
> which there are num_layers of them). For an unmerged ruleset, we have
> one "layer", and one element in this array. This annotation serves as
> useful documentation.
>
> This also removes a comment saying that num_layers = 0 for unmerged
> rulesets, which is incorrect (it is 1).
>
> Signed-off-by: Tingmao Wang <m at maowtm.org>
Reviewed-by: Günther Noack <gnoack at google.com>
Thank you for fixing this! We should use these bounds check macros
wherever we can, IMHO. Removing the remark about num_layers=0 is also
correct.
—Günther
More information about the Linux-security-module-archive
mailing list