mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-08 01:29:02 +00:00
Code Issues Releases Wiki Activity
linux-stable/tools
History
Mickaël Salaün 04388e990a landlock: Reduce the maximum number of layers to 16 
commit 75c542d6c6 upstream.

The maximum number of nested Landlock domains is currently 64.  Because
of the following fix and to help reduce the stack size, let's reduce it
to 16.  This seems large enough for a lot of use cases (e.g. sandboxed
init service, spawning a sandboxed SSH service, in nested sandboxed
containers).  Reducing the number of nested domains may also help to
discover misuse of Landlock (e.g. creating a domain per rule).

Add and use a dedicated layer_mask_t typedef to fit with the number of
layers.  This might be useful when changing it and to keep it consistent
with the maximum number of layers.

Reviewed-by: Paul Moore <paul@paul-moore.com>
Link: https://lore.kernel.org/r/20220506161102.525323-3-mic@digikod.net
Cc: stable@vger.kernel.org
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-09 10:30:47 +02:00
..
accounting delayacct: track delays from memory compact 2022-01-20 08:52:55 +02:00
arch x86/tsx: Disable TSX development mode at boot 2022-04-11 09:58:40 +02:00
bootconfig
bpf Networking fixes for 5.18-rc2, including fixes from bpf and netfilter 2022-04-07 19:01:47 -10:00
build perf build: Fix btf__load_from_kernel_by_id() feature check 2022-06-09 10:30:38 +02:00
cgroup tools/cgroup/slabinfo: update to work with struct slab 2022-02-21 11:34:49 +01:00
counter kbuild: replace $(if A,A,B) with $(or A,B) 2022-02-15 12:25:56 +09:00
debugging
edid
firewire
firmware
gpio kbuild: replace $(if A,A,B) with $(or A,B) 2022-02-15 12:25:56 +09:00
hv kbuild: replace $(if A,A,B) with $(or A,B) 2022-02-15 12:25:56 +09:00
iio Kbuild updates for v5.18 2022-03-31 11:59:03 -07:00
include tools headers UAPI: Sync linux/kvm.h with the kernel sources 2022-05-08 21:48:49 -03:00
io_uring
kvm/kvm_stat
laptop
leds
lib libbpf: Fix logic for finding matching program for CO-RE relocation 2022-06-09 10:30:03 +02:00
memory-model tools/memory-model/README: Update klitmus7 compat table 2022-06-06 08:48:56 +02:00
objtool objtool: Fix symbol creation 2022-06-09 10:30:40 +02:00
pci kbuild: replace $(if A,A,B) with $(or A,B) 2022-02-15 12:25:56 +09:00
pcmcia
perf perf jevents: Fix event syntax error caused by ExtSel 2022-06-09 10:30:39 +02:00
power tools/power turbostat: fix ICX DRAM power numbers 2022-06-09 10:29:35 +02:00
rcu
scripts Kbuild updates for v5.18 2022-03-31 11:59:03 -07:00
spi kbuild: replace $(if A,A,B) with $(or A,B) 2022-02-15 12:25:56 +09:00
testing landlock: Reduce the maximum number of layers to 16 2022-06-09 10:30:47 +02:00
thermal/tmon
time
tracing rtla: Remove procps-ng dependency 2022-06-09 10:30:38 +02:00
usb kbuild: replace $(if A,A,B) with $(or A,B) 2022-02-15 12:25:56 +09:00
virtio tools/virtio: compile with -pthread 2022-03-28 16:52:59 -04:00
vm tools/vm/page_owner_sort.c: remove -c option 2022-04-01 11:46:09 -07:00
wmi
Makefile