Re: [PATCH v19 07/12] landlock: Support filesystem access-control
From: Randy Dunlap
Date: Tue Jul 07 2020 - 16:12:19 EST
Hi--
On 7/7/20 11:09 AM, MickaÃl SalaÃn wrote:
> ---
> arch/Kconfig | 7 +
> arch/um/Kconfig | 1 +
> include/uapi/linux/landlock.h | 78 +++++
> security/landlock/Kconfig | 2 +-
> security/landlock/Makefile | 2 +-
> security/landlock/fs.c | 609 ++++++++++++++++++++++++++++++++++
> security/landlock/fs.h | 60 ++++
> security/landlock/setup.c | 7 +
> security/landlock/setup.h | 2 +
> 9 files changed, 766 insertions(+), 2 deletions(-)
> create mode 100644 include/uapi/linux/landlock.h
> create mode 100644 security/landlock/fs.c
> create mode 100644 security/landlock/fs.h
>
> diff --git a/arch/Kconfig b/arch/Kconfig
> index 8cc35dc556c7..483b7476ac69 100644
> --- a/arch/Kconfig
> +++ b/arch/Kconfig
> @@ -845,6 +845,13 @@ config COMPAT_32BIT_TIME
> config ARCH_NO_PREEMPT
> bool
>
> +config ARCH_EPHEMERAL_STATES
> + def_bool n
> + help
> + An arch should select this symbol if it do not keep an internal kernel
it does not
> + state for kernel objects such as inodes, but instead rely on something
instead relies on
> + else (e.g. the host kernel for an UML kernel).
> +
> config ARCH_SUPPORTS_RT
> bool
>
thanks.
--
~Randy