Mickaël Salaün eba39ca4b1 landlock: Change landlock_restrict_self(2) check ordering ... According to the Landlock goal to be a security feature available to unprivileges processes, it makes more sense to first check for no_new_privs before checking anything else (i.e. syscall arguments). Merge inval_fd_enforce and unpriv_enforce_without_no_new_privs tests into the new restrict_self_checks_ordering. This is similar to the previous commit checking other syscalls. Link: https://lore.kernel.org/r/20220506160820.524344-10-mic@digikod.net Cc: stable@vger.kernel.org Signed-off-by: Mickaël Salaün <mic@digikod.net>		2022-05-23 13:27:51 +02:00
..
Kconfig	landlock: Support filesystem access-control	2021-04-22 12:22:11 -07:00
Makefile	landlock: Add syscall implementations	2021-04-22 12:22:11 -07:00
common.h	landlock: Set up the security framework and manage credentials	2021-04-22 12:22:10 -07:00
cred.c	landlock: Format with clang-format	2022-05-09 12:31:10 +02:00
cred.h	landlock: Format with clang-format	2022-05-09 12:31:10 +02:00
fs.c	landlock: Format with clang-format	2022-05-09 12:31:10 +02:00
fs.h	landlock: Format with clang-format	2022-05-09 12:31:10 +02:00
limits.h	landlock: Add clang-format exceptions	2022-05-09 12:31:05 +02:00
object.c	landlock: Format with clang-format	2022-05-09 12:31:10 +02:00
object.h	landlock: Format with clang-format	2022-05-09 12:31:10 +02:00
ptrace.c	landlock: Format with clang-format	2022-05-09 12:31:10 +02:00
ptrace.h	landlock: Add ptrace restrictions	2021-04-22 12:22:10 -07:00
ruleset.c	landlock: Format with clang-format	2022-05-09 12:31:10 +02:00
ruleset.h	landlock: Format with clang-format	2022-05-09 12:31:10 +02:00
setup.c	landlock: Support filesystem access-control	2021-04-22 12:22:11 -07:00
setup.h	landlock: Support filesystem access-control	2021-04-22 12:22:11 -07:00
syscalls.c	landlock: Change landlock_restrict_self(2) check ordering	2022-05-23 13:27:51 +02:00