Mickaël Salaün 2311084206 landlock: Reduce the maximum number of layers to 16
commit 75c542d6c6 upstream.

The maximum number of nested Landlock domains is currently 64.  Because
of the following fix and to help reduce the stack size, let's reduce it
to 16.  This seems large enough for a lot of use cases (e.g. sandboxed
init service, spawning a sandboxed SSH service, in nested sandboxed
containers).  Reducing the number of nested domains may also help to
discover misuse of Landlock (e.g. creating a domain per rule).

Add and use a dedicated layer_mask_t typedef to fit with the number of
layers.  This might be useful when changing it and to keep it consistent
with the maximum number of layers.

Reviewed-by: Paul Moore <paul@paul-moore.com>
Link: https://lore.kernel.org/r/20220506161102.525323-3-mic@digikod.net
Cc: stable@vger.kernel.org
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-09 10:26:23 +02:00
arch s390/stp: clock_delta should be signed 2022-06-09 10:26:21 +02:00
block block: Fix potential deadlock in blk_ia_range_sysfs_show() 2022-06-09 10:26:20 +02:00
certs certs: Fix build error when CONFIG_MODULE_SIG_KEY is empty 2022-01-23 00:08:44 +09:00
crypto crypto: cryptd - Protect per-CPU resource by disabling BH. 2022-06-09 10:26:07 +02:00
Documentation landlock: Reduce the maximum number of layers to 16 2022-06-09 10:26:23 +02:00
drivers scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled 2022-06-09 10:26:21 +02:00
fs ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock 2022-06-09 10:26:21 +02:00
include landlock: Fix landlock_add_rule(2) documentation 2022-06-09 10:26:22 +02:00
init kthread: Don't allocate kthread_struct for init and umh 2022-06-09 10:25:16 +02:00
ipc ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() 2022-06-09 10:26:06 +02:00
kernel tracing: Initialize integer variable to prevent garbage return value 2022-06-09 10:26:20 +02:00
lib kunit: fix debugfs code to use enum kunit_status, not bool 2022-06-09 10:25:46 +02:00
LICENSES LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers 2021-12-16 14:33:10 +01:00
mm mm, compaction: fast_find_migrateblock() should return pfn in the target zone 2022-06-09 10:26:20 +02:00
net wifi: mac80211: fix use-after-free in chanctx code 2022-06-09 10:26:17 +02:00
samples samples/landlock: Format with clang-format 2022-06-09 10:26:22 +02:00
scripts scripts/faddr2line: Fix overlapping text section failures 2022-06-09 10:25:50 +02:00
security landlock: Reduce the maximum number of layers to 16 2022-06-09 10:26:23 +02:00
sound ASoC: atmel-classd: Remove endianness flag on class d component 2022-06-09 10:26:06 +02:00
tools landlock: Reduce the maximum number of layers to 16 2022-06-09 10:26:23 +02:00
usr kbuild: remove include/linux/cyclades.h from header file check 2022-01-27 08:51:08 +01:00
virt KVM: Free new dirty bitmap if creating a new memslot fails 2022-05-25 09:59:03 +02:00
.clang-format genirq/msi: Make interrupt allocation less convoluted 2021-12-16 22:22:20 +01:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore .gitignore: ignore only top-level modules.builtin 2021-05-02 00:43:35 +09:00
.mailmap MAINTAINERS: Update Jisheng's email address 2022-03-08 17:30:32 +01:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: replace a Microchip AT91 maintainer 2022-02-09 11:30:01 +01:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS net: dsa: realtek-smi: move to subdirectory 2022-04-08 13:58:12 +02:00
Makefile Linux 5.17.13 2022-06-06 08:47:57 +02:00
README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.