[ Sasha's backport helper bot ]
Hi,
Summary of potential issues: ⚠️ Found matching upstream commit but patch is missing proper reference to it
Found matching upstream commit: 15383a0d63dbcd63dc7e8d9ec1bf3a0f7ebf64ac
Status in newer kernel trees: 6.14.y | Present (different SHA1: 728f62bff8a0) 6.13.y | Present (different SHA1: be73220526b7) 6.12.y | Present (different SHA1: ed390ad1458c) 6.6.y | Not found 6.1.y | Not found
Note: The patch differs from the upstream commit: --- 1: 15383a0d63dbc ! 1: 13e28a2a55f3a landlock: Add the errata interface @@ Commit message Cc: Günther Noack gnoack@google.com Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20250318161443.279194-3-mic@digikod.net + (cherry picked from commit 15383a0d63dbcd63dc7e8d9ec1bf3a0f7ebf64ac) Signed-off-by: Mickaël Salaün mic@digikod.net
## include/uapi/linux/landlock.h ## @@ security/landlock/setup.c +#include <linux/bits.h> #include <linux/init.h> #include <linux/lsm_hooks.h> - #include <uapi/linux/lsm.h>
#include "common.h" #include "cred.h" +#include "errata.h" #include "fs.h" - #include "net.h" + #include "ptrace.h" #include "setup.h" -@@ security/landlock/setup.c: struct lsm_blob_sizes landlock_blob_sizes __ro_after_init = { +@@ security/landlock/setup.c: struct lsm_blob_sizes landlock_blob_sizes __lsm_ro_after_init = { .lbs_superblock = sizeof(struct landlock_superblock_security), };
@@ security/landlock/setup.c: struct lsm_blob_sizes landlock_blob_sizes __ro_after_ { + compute_errata(); landlock_add_cred_hooks(); - landlock_add_task_hooks(); + landlock_add_ptrace_hooks(); landlock_add_fs_hooks();
## security/landlock/setup.h ## @@ security/landlock/setup.h +extern int landlock_errata;
extern struct lsm_blob_sizes landlock_blob_sizes; - extern const struct lsm_id landlock_lsmid; +
## security/landlock/syscalls.c ## @@ security/landlock/syscalls.c: static const struct file_operations ruleset_fops = { @@ security/landlock/syscalls.c: static const struct file_operations ruleset_fops = + * * Possible returned errors are: * - * - %EOPNOTSUPP: Landlock is supported by the kernel but disabled at boot time; + * - EOPNOTSUPP: Landlock is supported by the kernel but disabled at boot time; @@ security/landlock/syscalls.c: SYSCALL_DEFINE3(landlock_create_ruleset, return -EOPNOTSUPP;
---
Results of testing on various branches:
| Branch | Patch Apply | Build Test | |---------------------------|-------------|------------| | stable/linux-5.15.y | Success | Success |