From: xiujianfeng <xiujianfeng@huawei.com>
To: <mic@digikod.net>, <paul@paul-moore.com>, <jmorris@namei.org>,
<serge@hallyn.com>, <shuah@kernel.org>, <corbet@lwn.net>
Cc: <linux-security-module@vger.kernel.org>,
<linux-kernel@vger.kernel.org>, <linux-kselftest@vger.kernel.org>,
<linux-doc@vger.kernel.org>, <roberto.sassu@huawei.com>,
Konstantin Meskhidze <konstantin.meskhidze@huawei.com>
Subject: Re: [PATCH -next v2 0/6] landlock: add chmod and chown support
Date: Tue, 18 Apr 2023 18:53:28 +0800 [thread overview]
Message-ID: <d55baf4d-01d3-e4d7-e07f-9658d1606a8c@huawei.com> (raw)
In-Reply-To: <20220827111215.131442-1-xiujianfeng@huawei.com>
Hi Mickael,
Sorry about the long silence on this work, As we known this work depends
on another work about changing argument from struct dentry to struct
path for some attr/xattr related lsm hooks, I'm stuck with this thing,
because IMA/EVM is a special security module which is not LSM-based
currently, and severely coupled with the file system. so I am waiting
for Roberto Sassu' work (Move IMA and EVM to the LSM infrastructure) to
be ready, I think it can make my work more easy. you can find
Roberto'work here,
https://lwn.net/ml/linux-kernel/20230303181842.1087717-1-roberto.sassu@huaweicloud.com/
Any good idea are welcome, thanks.
On 2022/8/27 19:12, Xiu Jianfeng wrote:
> v2:
> * abstract walk_to_visible_parent() helper
> * chmod and chown rights only take affect on directory's context
> * add testcase for fchmodat/lchown/fchownat
> * fix other review issues
>
> Xiu Jianfeng (6):
> landlock: expand access_mask_t to u32 type
> landlock: abstract walk_to_visible_parent() helper
> landlock: add chmod and chown support
> landlock/selftests: add selftests for chmod and chown
> landlock/samples: add chmod and chown support
> landlock: update chmod and chown support in document
>
> Documentation/userspace-api/landlock.rst | 9 +-
> include/uapi/linux/landlock.h | 10 +-
> samples/landlock/sandboxer.c | 13 +-
> security/landlock/fs.c | 110 ++++++--
> security/landlock/limits.h | 2 +-
> security/landlock/ruleset.h | 2 +-
> security/landlock/syscalls.c | 2 +-
> tools/testing/selftests/landlock/base_test.c | 2 +-
> tools/testing/selftests/landlock/fs_test.c | 267 ++++++++++++++++++-
> 9 files changed, 386 insertions(+), 31 deletions(-)
>
next prev parent reply other threads:[~2023-04-18 10:53 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-27 11:12 [PATCH -next v2 0/6] landlock: add chmod and chown support Xiu Jianfeng
2022-08-27 11:12 ` [PATCH -next v2 1/6] landlock: expand access_mask_t to u32 type Xiu Jianfeng
2022-08-27 11:12 ` [PATCH -next v2 2/6] landlock: abstract walk_to_visible_parent() helper Xiu Jianfeng
2022-08-30 11:22 ` Mickaël Salaün
2022-08-31 11:56 ` xiujianfeng
2022-08-27 11:12 ` [PATCH -next v2 3/6] landlock: add chmod and chown support Xiu Jianfeng
2022-08-27 19:30 ` Günther Noack
2022-08-29 1:17 ` xiujianfeng
2022-08-29 16:01 ` Mickaël Salaün
2022-09-01 13:06 ` xiujianfeng
2022-09-01 17:34 ` Mickaël Salaün
2022-10-29 8:33 ` xiujianfeng
2022-11-14 14:12 ` Mickaël Salaün
2022-11-18 9:03 ` xiujianfeng
2022-11-18 12:32 ` Mickaël Salaün
2022-11-21 13:48 ` xiujianfeng
2022-08-29 6:30 ` xiujianfeng
2022-08-29 6:35 ` xiujianfeng
2022-08-27 11:12 ` [PATCH -next v2 4/6] landlock/selftests: add selftests for chmod and chown Xiu Jianfeng
2022-08-27 17:48 ` Günther Noack
2022-08-29 1:49 ` xiujianfeng
2022-08-27 11:12 ` [PATCH -next v2 5/6] landlock/samples: add chmod and chown support Xiu Jianfeng
2022-08-27 11:12 ` [PATCH -next v2 6/6] landlock: update chmod and chown support in document Xiu Jianfeng
2022-08-27 17:28 ` Günther Noack
2022-08-29 1:52 ` xiujianfeng
2022-08-30 11:22 ` [PATCH -next v2 0/6] landlock: add chmod and chown support Mickaël Salaün
2023-04-18 10:53 ` xiujianfeng [this message]
2023-04-20 17:40 ` Mickaël Salaün
2023-04-24 8:52 ` xiujianfeng
2023-04-26 13:58 ` Mickaël Salaün
2023-05-05 3:50 ` xiujianfeng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d55baf4d-01d3-e4d7-e07f-9658d1606a8c@huawei.com \
--to=xiujianfeng@huawei.com \
--cc=corbet@lwn.net \
--cc=jmorris@namei.org \
--cc=konstantin.meskhidze@huawei.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mic@digikod.net \
--cc=paul@paul-moore.com \
--cc=roberto.sassu@huawei.com \
--cc=serge@hallyn.com \
--cc=shuah@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.