Skip to content
Unverified Commit d7220364 authored by Mickaël Salaün's avatar Mickaël Salaün
Browse files

landlock: Allow FS topology changes for domains without such rule type

Allow mount point and root directory changes when there is no filesystem
rule tied to the current Landlock domain. This doesn't change anything
for now because a domain must have at least a (filesystem) rule, but
this will change when other rule types will come. For instance, a domain
only restricting the network should have no impact on filesystem
restrictions.

Add a new get_current_fs_domain() helper to quickly check filesystem
rule existence for all filesystem LSM hooks.

Remove unnecessary inlining.

Link: https://lore.kernel.org/r/20231026014751.414649-3-konstantin.meskhidze@huawei.com


Signed-off-by: default avatarMickaël Salaün <mic@digikod.net>
parent 13fc6455
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment