[RFC PATCH 2/2] landlock: transpose the layer masks data structure

[Günther Noack]

On Tue, Dec 30, 2025 at 11:39:21AM +0100, Günther Noack wrote:
> diff --git a/security/landlock/access.h b/security/landlock/access.h
> index 7961c6630a2d7..aa0efa36a37db 100644
> --- a/security/landlock/access.h
> +++ b/security/landlock/access.h
>  [...]
>  /*
>   * Tracks domains responsible of a denied access.  This is required to avoid
>   * storing in each object the full layer_masks[] required by update_request().
> + *
> + * Each nibble represents the layer index of the newest layer which denied a
> + * certain access right.  For file system access rights, the upper four bits are
> + * the index of the layer which denies LANDLOCK_ACCESS_FS_IOCTL_DEV and the
> + * lower nibble represents LANDLOCK_ACCESS_FS_TRUNCATE.
>   */
>  typedef u8 deny_masks_t;

FYI: I left this out for now because it felt a bit out of scope (and
transposing the layer masks was adventurous enough), but I was tempted
to go one step further here and turn this into a struct with
bitfields:

/* A collection of layer indices denying specific access rights. */
struct layers_denying_fs_access {
  unsigned int truncate  : 4;
  unsigned int ioctl_dev : 4;
}

(Type name TBD, I am open for suggestions.)

I think if we accept that this data structure is specific to FS access
rights, we win clarity in the code.  When I came across the code that
put this together dynamically and in a more generic way, it took me a
while to figure out what it did.

–Günther