[LTP] [PATCH v2 1/4] Fallback landlock network support
Andrea Cervesato
andrea.cervesato@suse.com
Tue Nov 5 13:59:35 CET 2024
Hi Li,
On 11/5/24 13:42, Li Wang wrote:
> Or, another way is just to define the latest ABI version in
> lapi/landlock.h,
> but only define the tested ABI version in a single test, e.g.
> landlock01.c used landlock_ruleset_attr_abi1, so this won't make people
> confused when reading the test code, they knows the landlock01 is only
> test abi1 and don't need to care about things in 'lapi/landlock.h', WDYT?
>
Do you mean like having a complete struct which is passed to a helper,
taking `landlock_create_ruleset` + ABI version and generating out
ruleset ID ?
Something like:
struct tst_landlock_ruleset_attr {
uint64_t handled_access_fs;
uint64_t handled_access_net;
uint64_t scoped;
};
int tst_landlock_create_ruleset(int version, struct
tst_landlock_ruleset_attr *attr) {
struct landlock_ruleset_attr inner_attr;
copy_ruleset(attr, &inner_attr);
return landlock_create_ruleset(&inner_attr, sizeof(struct
landlock_ruleset_attr), 0);
}
In this way it could work, but we loose guarded buffers which are passed
to the syscall and might be useful during debugging. In this case we
should use tst_buffers_alloc(). @Cyril what do you think?
Andrea
More information about the ltp
mailing list