git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Günther Noack <gnoack3000@gmail.com>
	Fri, 27 Mar 2026 16:48:33 +0000 (17:48 +0100)
committer	Mickaël Salaün <mic@digikod.net>
	Tue, 7 Apr 2026 16:51:09 +0000 (18:51 +0200)
commit	9da41c65c907329a1848418cdc11fb10cc341217
tree	7d7d664796502953a6861901b146119aeea3354b	tree \| snapshot
parent	db8201a3fae2ca7a2865dbb9e8955289776783c7	commit \| diff

selftests/landlock: Test LANDLOCK_ACCESS_FS_RESOLVE_UNIX

* Extract common helpers from an existing IOCTL test that
  also uses pathname unix(7) sockets.
* These tests use the common scoped domains fixture which is also used
  in other Landlock scoping tests and which was used in Tingmao Wang's
  earlier patch set in [1].

These tests exercise the cross product of the following scenarios:

* Stream connect(), Datagram connect(), Datagram sendmsg() and
  Seqpacket connect().
* Child-to-parent and parent-to-child communication
* The Landlock policy configuration as listed in the scoped_domains
  fixture.
  * In the default variant, Landlock domains are only placed where
    prescribed in the fixture.
  * In the "ALL_DOMAINS" variant, Landlock domains are also placed in
    the places where the fixture says to omit them, but with a
    LANDLOCK_RULE_PATH_BENEATH that allows connection.

Cc: Justin Suess <utilityemal77@gmail.com>
Cc: Tingmao Wang <m@maowtm.org>
Cc: Mickaël Salaün <mic@digikod.net>
Link[1]: https://lore.kernel.org/all/53b9883648225d5a08e82d2636ab0b4fda003bc9.1767115163.git.m@maowtm.org/
Signed-off-by: Günther Noack <gnoack3000@gmail.com>
Link: https://lore.kernel.org/r/20260327164838.38231-9-gnoack3000@gmail.com
Signed-off-by: Mickaël Salaün <mic@digikod.net>