stuartl/linux-stable
1
0
Fork 0
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/stable/linux-stable.git synced 2025-10-23 14:18:22 +10:00
Code Issues Releases Wiki Activity
1,090,105 Commits 99 Branches 5,439 Tags 9.2 GiB
75c542d6c6
Go to file
Mickaël Salaün 75c542d6c6
landlock: Reduce the maximum number of layers to 16 
The maximum number of nested Landlock domains is currently 64.  Because
of the following fix and to help reduce the stack size, let's reduce it
to 16.  This seems large enough for a lot of use cases (e.g. sandboxed
init service, spawning a sandboxed SSH service, in nested sandboxed
containers).  Reducing the number of nested domains may also help to
discover misuse of Landlock (e.g. creating a domain per rule).

Add and use a dedicated layer_mask_t typedef to fit with the number of
layers.  This might be useful when changing it and to keep it consistent
with the maximum number of layers.

Reviewed-by: Paul Moore <paul@paul-moore.com>
Link: https://lore.kernel.org/r/20220506161102.525323-3-mic@digikod.net
Cc: stable@vger.kernel.org
Signed-off-by: Mickaël Salaün <mic@digikod.net>
2022-05-23 13:27:56 +02:00
arch ARM: 2022-05-01 11:49:32 -07:00
block
certs
crypto
Documentation landlock: Reduce the maximum number of layers to 16 2022-05-23 13:27:56 +02:00
drivers - Fix locking when accessing device MSI descriptors 2022-05-01 09:30:47 -07:00
fs
include landlock: Fix landlock_add_rule(2) documentation 2022-05-23 13:27:47 +02:00
init
ipc
kernel
lib - A fix to disable PCI/MSI[-X] masking for XEN_HVM guests as that is 2022-05-01 10:03:36 -07:00
LICENSES
mm
net
samples samples/landlock: Format with clang-format 2022-05-23 13:27:46 +02:00
scripts
security landlock: Reduce the maximum number of layers to 16 2022-05-23 13:27:56 +02:00
sound
tools landlock: Reduce the maximum number of layers to 16 2022-05-23 13:27:56 +02:00
usr
virt
.clang-format
.cocciconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS - A fix to disable PCI/MSI[-X] masking for XEN_HVM guests as that is 2022-05-01 10:03:36 -07:00
Makefile Linux 5.18-rc5 2022-05-01 13:57:58 -07:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.