mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-12-27 10:01:39 -05:00
landlock: Minor comments improvements
This patch contains some small comment changes. The first three comments for ruleset.c, I sort of made along the way while working on / trying to understand Landlock, and the one from ruleset.h was from the hashtable patch but extracted here. In fs.c, one comment which I found would have been helpful to me when reading this. Signed-off-by: Tingmao Wang <m@maowtm.org> Link: https://lore.kernel.org/r/20250602134150.67189-1-m@maowtm.org Link: https://lore.kernel.org/r/20297185fd71ffbb5ce4fec14b38e5444c719c96.1748379182.git.m@maowtm.org [mic: Squash patches with updated description, cosmetic fixes] Signed-off-by: Mickaël Salaün <mic@digikod.net>
This commit is contained in:
Tingmao Wang
committed by
Mickaël Salaün
Mickaël Salaün
parent
ac3fd01e4c
commit
f4d3ef2dd0
@@ -714,7 +714,8 @@ static void test_is_eacces_with_write(struct kunit *const test)
|
||||
* is_access_to_paths_allowed - Check accesses for requests with a common path
|
||||
*
|
||||
* @domain: Domain to check against.
|
||||
* @path: File hierarchy to walk through.
|
||||
* @path: File hierarchy to walk through. For refer checks, this would be
|
||||
* the common mountpoint.
|
||||
* @access_request_parent1: Accesses to check, once @layer_masks_parent1 is
|
||||
* equal to @layer_masks_parent2 (if any). This is tied to the unique
|
||||
* requested path for most actions, or the source in case of a refer action
|
||||
|
||||
@@ -83,6 +83,10 @@ static void build_check_rule(void)
|
||||
.num_layers = ~0,
|
||||
};
|
||||
|
||||
/*
|
||||
* Checks that .num_layers is large enough for at least
|
||||
* LANDLOCK_MAX_NUM_LAYERS layers.
|
||||
*/
|
||||
BUILD_BUG_ON(rule.num_layers < LANDLOCK_MAX_NUM_LAYERS);
|
||||
}
|
||||
|
||||
@@ -290,6 +294,10 @@ static void build_check_layer(void)
|
||||
.access = ~0,
|
||||
};
|
||||
|
||||
/*
|
||||
* Checks that .level and .access are large enough to contain their expected
|
||||
* maximum values.
|
||||
*/
|
||||
BUILD_BUG_ON(layer.level < LANDLOCK_MAX_NUM_LAYERS);
|
||||
BUILD_BUG_ON(layer.access < LANDLOCK_MASK_ACCESS_FS);
|
||||
}
|
||||
@@ -644,8 +652,8 @@ bool landlock_unmask_layers(const struct landlock_rule *const rule,
|
||||
bool is_empty;
|
||||
|
||||
/*
|
||||
* Records in @layer_masks which layer grants access to each
|
||||
* requested access.
|
||||
* Records in @layer_masks which layer grants access to each requested
|
||||
* access: bit cleared if the related layer grants access.
|
||||
*/
|
||||
is_empty = true;
|
||||
for_each_set_bit(access_bit, &access_req, masks_array_size) {
|
||||
|
||||
@@ -27,7 +27,7 @@ struct landlock_hierarchy;
|
||||
*/
|
||||
struct landlock_layer {
|
||||
/**
|
||||
* @level: Position of this layer in the layer stack.
|
||||
* @level: Position of this layer in the layer stack. Starts from 1.
|
||||
*/
|
||||
u16 level;
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user