git.maquefel.me Git - linux.git/commit

landlock: Refactor landlock_find_rule/insert_rule helpers

Add a new landlock_key union and landlock_id structure to support a
socket port rule type. A struct landlock_id identifies a unique entry
in a ruleset: either a kernel object (e.g. inode) or typed data (e.g.
TCP port). There is one red-black tree per key type.

Add is_object_pointer() and get_root() helpers. is_object_pointer()
returns true if key type is LANDLOCK_KEY_INODE. get_root() helper
returns a red-black tree root pointer according to a key type.

Refactor landlock_insert_rule() and landlock_find_rule() to support
coming network modifications. Adding or searching a rule in ruleset can
now be done thanks to a Landlock ID argument passed to these helpers.

Signed-off-by: Konstantin Meskhidze <konstantin.meskhidze@huawei.com>
Link: https://lore.kernel.org/r/20231026014751.414649-4-konstantin.meskhidze@huawei.com
[mic: Fix commit message typo]
Co-developed-by: Mickaël Salaün <mic@digikod.net>
Signed-off-by: Mickaël Salaün <mic@digikod.net>

author	Konstantin Meskhidze <konstantin.meskhidze@huawei.com>
	Thu, 26 Oct 2023 01:47:42 +0000 (09:47 +0800)
committer	Mickaël Salaün <mic@digikod.net>
	Thu, 26 Oct 2023 19:07:11 +0000 (21:07 +0200)
commit	a4ac404b3032562ed6a34232b5266d0f446dd799
tree	3112ff6bd2df079f7c60097e0e4f0440b5e2fb0d	tree \| snapshot
parent	d7220364039f6beb76f311c05f74cad89da5fad5	commit \| diff

security/landlock/fs.c		diff \| blob \| history
security/landlock/ruleset.c		diff \| blob \| history
security/landlock/ruleset.h		diff \| blob \| history