* [PATCH v1 1/5] landlock: Remove useless include
@ 2025-12-19 19:38 Mickaël Salaün
2025-12-19 19:38 ` [PATCH v1 2/5] landlock: Improve erratum documentation Mickaël Salaün
` (4 more replies)
0 siblings, 5 replies; 10+ messages in thread
From: Mickaël Salaün @ 2025-12-19 19:38 UTC (permalink / raw)
Cc: Mickaël Salaün, linux-security-module,
Günther Noack
Remove useless audit.h include.
Cc: Günther Noack <gnoack@google.com>
Fixes: 33e65b0d3add ("landlock: Add AUDIT_LANDLOCK_ACCESS and log ptrace denials")
Signed-off-by: Mickaël Salaün <mic@digikod.net>
---
security/landlock/ruleset.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/security/landlock/ruleset.c b/security/landlock/ruleset.c
index dfcdc19ea268..0a5b0c76b3f7 100644
--- a/security/landlock/ruleset.c
+++ b/security/landlock/ruleset.c
@@ -23,7 +23,6 @@
#include <linux/workqueue.h>
#include "access.h"
-#include "audit.h"
#include "domain.h"
#include "limits.h"
#include "object.h"
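Review bot: the removed `#include "audit.h"` line is justified only as "useless"; the commit message should state that ruleset.c no longer references any declaration from audit.h, and ideally that the file was build-tested with audit support both enabled and disabled, since a dropped header in a security module can hide a dependency that only one configuration exercises. The Cc trailer on this patch also uses a different address for Günther Noack than the other four patches in the series.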
--
2.52.0
* [PATCH v1 2/5] landlock: Improve erratum documentation
2025-12-19 19:38 [PATCH v1 1/5] landlock: Remove useless include Mickaël Salaün
@ 2025-12-19 19:38 ` Mickaël Salaün
2025-12-23 21:28 ` Günther Noack
2025-12-19 19:38 ` [PATCH v1 3/5] landlock: Clean up hook_ptrace_access_check() Mickaël Salaün
` (3 subsequent siblings)
4 siblings, 1 reply; 10+ messages in thread
From: Mickaël Salaün @ 2025-12-19 19:38 UTC (permalink / raw)
Cc: Mickaël Salaün, linux-security-module,
Günther Noack
Improve description about scoped signal handling.
Reported-by: Günther Noack <gnoack3000@gmail.com>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
---
security/landlock/errata/abi-6.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/landlock/errata/abi-6.h b/security/landlock/errata/abi-6.h
index df7bc0e1fdf4..5113a829f87e 100644
--- a/security/landlock/errata/abi-6.h
+++ b/security/landlock/errata/abi-6.h
@@ -9,7 +9,7 @@
* This fix addresses an issue where signal scoping was overly restrictive,
* preventing sandboxed threads from signaling other threads within the same
* process if they belonged to different domains. Because threads are not
- * security boundaries, user space might assume that any thread within the same
+ * security boundaries, user space might assume that all threads within the same
* process can send signals between themselves (see :manpage:`nptl(7)` and
* :manpage:`libpsx(3)`). Consistent with :manpage:`ptrace(2)` behavior, direct
* interaction between threads of the same process should always be allowed.
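Review bot: with the subject changed to "all threads" on the `+` line, the continuation "can send signals between themselves" on the next line reads awkwardly; "can send signals to each other" would be clearer in an erratum that tells user space what signal scoping permits between threads of one process. The Reported-by trailer also carries no Link or Closes reference to the report.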
--
2.52.0
* [PATCH v1 3/5] landlock: Clean up hook_ptrace_access_check()
2025-12-19 19:38 [PATCH v1 1/5] landlock: Remove useless include Mickaël Salaün
2025-12-19 19:38 ` [PATCH v1 2/5] landlock: Improve erratum documentation Mickaël Salaün
@ 2025-12-19 19:38 ` Mickaël Salaün
2025-12-23 21:29 ` Günther Noack
2025-12-19 19:38 ` [PATCH v1 4/5] landlock: Fix spelling Mickaël Salaün
` (2 subsequent siblings)
4 siblings, 1 reply; 10+ messages in thread
From: Mickaël Salaün @ 2025-12-19 19:38 UTC (permalink / raw)
Cc: Mickaël Salaün, linux-security-module,
Günther Noack
Make variable's scope minimal in hook_ptrace_access_check().
Cc: Günther Noack <gnoack3000@gmail.com>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
---
security/landlock/task.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/security/landlock/task.c b/security/landlock/task.c
index 2385017418ca..bf4ed15a7f01 100644
--- a/security/landlock/task.c
+++ b/security/landlock/task.c
@@ -86,7 +86,6 @@ static int hook_ptrace_access_check(struct task_struct *const child,
const unsigned int mode)
{
const struct landlock_cred_security *parent_subject;
- const struct landlock_ruleset *child_dom;
int err;
/* Quick return for non-landlocked tasks. */
@@ -96,7 +95,8 @@ static int hook_ptrace_access_check(struct task_struct *const child,
scoped_guard(rcu)
{
- child_dom = landlock_get_task_domain(child);
+ const struct landlock_ruleset *const child_dom =
+ landlock_get_task_domain(child);
err = domain_ptrace(parent_subject->domain, child_dom);
}
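Review bot: the commit message gives only "Make variable's scope minimal" for moving `child_dom` into `scoped_guard(rcu)`, but the property worth recording is that the pointer returned by landlock_get_task_domain(child) can no longer be referenced once the guarded block ends. Saying so in the message would keep a later cleanup from hoisting the declaration back to function scope. `err` remains function-scoped and, in the visible lines, is assigned only inside the guard.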
--
2.52.0
* [PATCH v1 4/5] landlock: Fix spelling
2025-12-19 19:38 [PATCH v1 1/5] landlock: Remove useless include Mickaël Salaün
2025-12-19 19:38 ` [PATCH v1 2/5] landlock: Improve erratum documentation Mickaël Salaün
2025-12-19 19:38 ` [PATCH v1 3/5] landlock: Clean up hook_ptrace_access_check() Mickaël Salaün
@ 2025-12-19 19:38 ` Mickaël Salaün
2025-12-23 21:29 ` Günther Noack
2025-12-19 19:38 ` [PATCH v1 5/5] landlock: Fix formatting Mickaël Salaün
2025-12-23 21:27 ` [PATCH v1 1/5] landlock: Remove useless include Günther Noack
4 siblings, 1 reply; 10+ messages in thread
From: Mickaël Salaün @ 2025-12-19 19:38 UTC (permalink / raw)
Cc: Mickaël Salaün, linux-security-module,
Günther Noack
Cc: Günther Noack <gnoack3000@gmail.com>
Signed-off-by: Mickaël Salaün <mic@digikod.net>
---
security/landlock/domain.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/landlock/domain.h b/security/landlock/domain.h
index 7fb70b25f85a..621f054c9a2b 100644
--- a/security/landlock/domain.h
+++ b/security/landlock/domain.h
@@ -97,7 +97,7 @@ struct landlock_hierarchy {
*/
atomic64_t num_denials;
/**
- * @id: Landlock domain ID, sets once at domain creation time.
+ * @id: Landlock domain ID, set once at domain creation time.
*/
u64 id;
/**
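Review bot: this patch has no commit message body, only the subject and trailers; add one line saying that the `@id` kernel-doc comment in struct landlock_hierarchy is corrected from "sets once" to "set once". The change is a grammar fix rather than a spelling fix, so the subject could say that as well.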
--
2.52.0
* [PATCH v1 5/5] landlock: Fix formatting
2025-12-19 19:38 [PATCH v1 1/5] landlock: Remove useless include Mickaël Salaün
` (2 preceding siblings ...)
2025-12-19 19:38 ` [PATCH v1 4/5] landlock: Fix spelling Mickaël Salaün
@ 2025-12-19 19:38 ` Mickaël Salaün
2025-12-23 21:29 ` Günther Noack
2025-12-23 21:27 ` [PATCH v1 1/5] landlock: Remove useless include Günther Noack
4 siblings, 1 reply; 10+ messages in thread
From: Mickaël Salaün @ 2025-12-19 19:38 UTC (permalink / raw)
Cc: Mickaël Salaün, linux-security-module,
Christian Brauner, Günther Noack, Mateusz Guzik
Format with clang-format -i security/landlock/*.[ch]
Cc: Christian Brauner <brauner@kernel.org>
Cc: Günther Noack <gnoack3000@gmail.com>
Cc: Mateusz Guzik <mjguzik@gmail.com>
Fixes: b4dbfd8653b3 ("Coccinelle-based conversion to use ->i_state accessors")
Signed-off-by: Mickaël Salaün <mic@digikod.net>
---
security/landlock/fs.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/security/landlock/fs.c b/security/landlock/fs.c
index fe794875ad46..e3c3a8a9ac27 100644
--- a/security/landlock/fs.c
+++ b/security/landlock/fs.c
@@ -1314,7 +1314,8 @@ static void hook_sb_delete(struct super_block *const sb)
* second call to iput() for the same Landlock object. Also
* checks I_NEW because such inode cannot be tied to an object.
*/
- if (inode_state_read(inode) & (I_FREEING | I_WILL_FREE | I_NEW)) {
+ if (inode_state_read(inode) &
+ (I_FREEING | I_WILL_FREE | I_NEW)) {
spin_unlock(&inode->i_lock);
continue;
}
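Review bot: the Fixes: trailer sits on a whitespace-only rewrap of the `inode_state_read(inode) & (I_FREEING | I_WILL_FREE | I_NEW)` test in hook_sb_delete(), which can get the patch selected for stable backports although nothing is functionally fixed. Either drop the trailer or add "no functional change" to the message so that backporters and reviewers of this inode-state check know the condition itself is unchanged.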
--
2.52.0
* Re: [PATCH v1 1/5] landlock: Remove useless include
2025-12-19 19:38 [PATCH v1 1/5] landlock: Remove useless include Mickaël Salaün
` (3 preceding siblings ...)
2025-12-19 19:38 ` [PATCH v1 5/5] landlock: Fix formatting Mickaël Salaün
@ 2025-12-23 21:27 ` Günther Noack
4 siblings, 0 replies; 10+ messages in thread
From: Günther Noack @ 2025-12-23 21:27 UTC (permalink / raw)
To: Mickaël Salaün; +Cc: linux-security-module, Günther Noack
On Fri, Dec 19, 2025 at 08:38:47PM +0100, Mickaël Salaün wrote:
> Remove useless audit.h include.
>
> Cc: Günther Noack <gnoack@google.com>
> Fixes: 33e65b0d3add ("landlock: Add AUDIT_LANDLOCK_ACCESS and log ptrace denials")
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> ---
> security/landlock/ruleset.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/security/landlock/ruleset.c b/security/landlock/ruleset.c
> index dfcdc19ea268..0a5b0c76b3f7 100644
> --- a/security/landlock/ruleset.c
> +++ b/security/landlock/ruleset.c
> @@ -23,7 +23,6 @@
> #include <linux/workqueue.h>
>
> #include "access.h"
> -#include "audit.h"
> #include "domain.h"
> #include "limits.h"
> #include "object.h"
> --
> 2.52.0
>
Reviewed-by: Günther Noack <gnoack3000@gmail.com>
* Re: [PATCH v1 2/5] landlock: Improve erratum documentation
2025-12-19 19:38 ` [PATCH v1 2/5] landlock: Improve erratum documentation Mickaël Salaün
@ 2025-12-23 21:28 ` Günther Noack
0 siblings, 0 replies; 10+ messages in thread
From: Günther Noack @ 2025-12-23 21:28 UTC (permalink / raw)
To: Mickaël Salaün; +Cc: linux-security-module
On Fri, Dec 19, 2025 at 08:38:48PM +0100, Mickaël Salaün wrote:
> Improve description about scoped signal handling.
>
> Reported-by: Günther Noack <gnoack3000@gmail.com>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
Reviewed-by: Günther Noack <gnoack3000@gmail.com>
* Re: [PATCH v1 3/5] landlock: Clean up hook_ptrace_access_check()
2025-12-19 19:38 ` [PATCH v1 3/5] landlock: Clean up hook_ptrace_access_check() Mickaël Salaün
@ 2025-12-23 21:29 ` Günther Noack
0 siblings, 0 replies; 10+ messages in thread
From: Günther Noack @ 2025-12-23 21:29 UTC (permalink / raw)
To: Mickaël Salaün; +Cc: linux-security-module
On Fri, Dec 19, 2025 at 08:38:49PM +0100, Mickaël Salaün wrote:
> Make variable's scope minimal in hook_ptrace_access_check().
>
> Cc: Günther Noack <gnoack3000@gmail.com>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
Reviewed-by: Günther Noack <gnoack3000@gmail.com>
* Re: [PATCH v1 4/5] landlock: Fix spelling
2025-12-19 19:38 ` [PATCH v1 4/5] landlock: Fix spelling Mickaël Salaün
@ 2025-12-23 21:29 ` Günther Noack
0 siblings, 0 replies; 10+ messages in thread
From: Günther Noack @ 2025-12-23 21:29 UTC (permalink / raw)
To: Mickaël Salaün; +Cc: linux-security-module
On Fri, Dec 19, 2025 at 08:38:50PM +0100, Mickaël Salaün wrote:
> Cc: Günther Noack <gnoack3000@gmail.com>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> ---
> security/landlock/domain.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/landlock/domain.h b/security/landlock/domain.h
> index 7fb70b25f85a..621f054c9a2b 100644
> --- a/security/landlock/domain.h
> +++ b/security/landlock/domain.h
> @@ -97,7 +97,7 @@ struct landlock_hierarchy {
> */
> atomic64_t num_denials;
> /**
> - * @id: Landlock domain ID, sets once at domain creation time.
> + * @id: Landlock domain ID, set once at domain creation time.
> */
> u64 id;
> /**
> --
> 2.52.0
>
Reviewed-by: Günther Noack <gnoack3000@gmail.com>
* Re: [PATCH v1 5/5] landlock: Fix formatting
2025-12-19 19:38 ` [PATCH v1 5/5] landlock: Fix formatting Mickaël Salaün
@ 2025-12-23 21:29 ` Günther Noack
0 siblings, 0 replies; 10+ messages in thread
From: Günther Noack @ 2025-12-23 21:29 UTC (permalink / raw)
To: Mickaël Salaün
Cc: linux-security-module, Christian Brauner, Mateusz Guzik
On Fri, Dec 19, 2025 at 08:38:51PM +0100, Mickaël Salaün wrote:
> Format with clang-format -i security/landlock/*.[ch]
>
> Cc: Christian Brauner <brauner@kernel.org>
> Cc: Günther Noack <gnoack3000@gmail.com>
> Cc: Mateusz Guzik <mjguzik@gmail.com>
> Fixes: b4dbfd8653b3 ("Coccinelle-based conversion to use ->i_state accessors")
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> ---
> security/landlock/fs.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/security/landlock/fs.c b/security/landlock/fs.c
> index fe794875ad46..e3c3a8a9ac27 100644
> --- a/security/landlock/fs.c
> +++ b/security/landlock/fs.c
> @@ -1314,7 +1314,8 @@ static void hook_sb_delete(struct super_block *const sb)
> * second call to iput() for the same Landlock object. Also
> * checks I_NEW because such inode cannot be tied to an object.
> */
> - if (inode_state_read(inode) & (I_FREEING | I_WILL_FREE | I_NEW)) {
> + if (inode_state_read(inode) &
> + (I_FREEING | I_WILL_FREE | I_NEW)) {
> spin_unlock(&inode->i_lock);
> continue;
> }
> --
> 2.52.0
>
Reviewed-by: Günther Noack <gnoack3000@gmail.com>