[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 2/3] landlock.7: Document Landlock ABI v2 (file reparenting;
From: |
Alex Colomar |
Subject: |
Re: [PATCH 2/3] landlock.7: Document Landlock ABI v2 (file reparenting; kernel 5.19) |
Date: |
Sat, 25 Feb 2023 02:10:22 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0 |
Hi Branden,
On 2/23/23 09:48, Günther Noack wrote:
On Wed, Feb 22, 2023 at 08:36:37AM +0100, Mickaël Salaün wrote:
On 2023-02-21T21:50:22.000+01:00, Günther Noack wrote:
+The availability of individual Landlock features is versioned through
+ABI levels:
+.TS
+box;
+ntb| ntb| lbx
+nt| nt| lbx.
+ABI Kernel Newly introduced access rights
+_ _ _
+1 5.13 LANDLOCK_ACCESS_FS_EXECUTE
+\^ \^ LANDLOCK_ACCESS_FS_WRITE_FILE
+\^ \^ LANDLOCK_ACCESS_FS_READ_FILE
+\^ \^ LANDLOCK_ACCESS_FS_READ_DIR
+\^ \^ LANDLOCK_ACCESS_FS_REMOVE_DIR
+\^ \^ LANDLOCK_ACCESS_FS_REMOVE_FILE
+\^ \^ LANDLOCK_ACCESS_FS_MAKE_CHAR
+\^ \^ LANDLOCK_ACCESS_FS_MAKE_DIR
+\^ \^ LANDLOCK_ACCESS_FS_MAKE_REG
+\^ \^ LANDLOCK_ACCESS_FS_MAKE_SOCK
+\^ \^ LANDLOCK_ACCESS_FS_MAKE_FIFO
+\^ \^ LANDLOCK_ACCESS_FS_MAKE_BLOCK
+\^ \^ LANDLOCK_ACCESS_FS_MAKE_SYM
+_ _ _
+2 5.19 LANDLOCK_ACCESS_FS_REFER
+.TE
+.PP
A line break would be nice here.
Added. (Used .sp 1 for that, as it is already used in the
mount_namespaces.7, ip.7 and other man pages.)
This sounds weird, but they are right that there seems to be a missing
blank line. Could you explain why it's happening? I'd expect the .PP
to separate paragraphs with a blank, right? I see:
The availability of individual Landlock features is versioned
through ABI levels:
┌────┬────────┬────────────────────────────────────────────────┐
│ABI │ Kernel │ Newly introduced access rights │
├────┼────────┼────────────────────────────────────────────────┤
│ 1 │ 5.13 │ LANDLOCK_ACCESS_FS_EXECUTE │
│ │ │ LANDLOCK_ACCESS_FS_WRITE_FILE │
│ │ │ LANDLOCK_ACCESS_FS_READ_FILE │
│ │ │ LANDLOCK_ACCESS_FS_READ_DIR │
│ │ │ LANDLOCK_ACCESS_FS_REMOVE_DIR │
│ │ │ LANDLOCK_ACCESS_FS_REMOVE_FILE │
│ │ │ LANDLOCK_ACCESS_FS_MAKE_CHAR │
│ │ │ LANDLOCK_ACCESS_FS_MAKE_DIR │
│ │ │ LANDLOCK_ACCESS_FS_MAKE_REG │
│ │ │ LANDLOCK_ACCESS_FS_MAKE_SOCK │
│ │ │ LANDLOCK_ACCESS_FS_MAKE_FIFO │
│ │ │ LANDLOCK_ACCESS_FS_MAKE_BLOCK │
│ │ │ LANDLOCK_ACCESS_FS_MAKE_SYM │
├────┼────────┼────────────────────────────────────────────────┤
│ 2 │ 5.19 │ LANDLOCK_ACCESS_FS_REFER │
└────┴────────┴────────────────────────────────────────────────┘
To query the running kernel's Landlock ABI level, programs may
pass the LANDLOCK_CREATE_RULESET_VERSION flag to landlock_cre‐
ate_ruleset(2).
Cheers,
Alex
+To query the running kernel's Landlock ABI level, programs may pass
s/level/version/
Thanks, I'm removing the word "level" here.
--
<http://www.alejandro-colomar.es/>
GPG key fingerprint: A9348594CE31283A826FBDD8D57633D441E25BB5
OpenPGP_signature
Description: OpenPGP digital signature
- Re: [PATCH 2/3] landlock.7: Document Landlock ABI v2 (file reparenting; kernel 5.19),
Alex Colomar <=