Syzbot CI

Patch Series

Subject	Landlock: Namespace and capability control
Author	mic@digikod.net
Date	2026-03-12 10:04:34 +0000 UTC
Version
Cc	brauner@kernel.org enlightened@google.com gnoack@google.com ivanov.mikhail1@huawei-partners.com kernel-team@cloudflare.com lennart@poettering.net linux-fsdevel@vger.kernel.org linux-kernel@vger.kernel.org linux-security-module@vger.kernel.org m@maowtm.org mic@digikod.net nicolas.bouchinet@oss.cyber.gouv.fr paul@paul-moore.com serge@hallyn.com utilityemal77@gmail.com

Name	Content [All]
[RFC PATCH v1 01/11] security: add LSM blob and hooks for namespaces	[Body]
[RFC PATCH v1 02/11] security: Add LSM_AUDIT_DATA_NS for namespace audit records	[Body]
[RFC PATCH v1 03/11] nsproxy: Add FOR_EACH_NS_TYPE() X-macro and CLONE_NS_ALL	[Body]
[RFC PATCH v1 04/11] landlock: Wrap per-layer access masks in struct layer_rights	[Body]
[RFC PATCH v1 05/11] landlock: Enforce namespace entry restrictions	[Body]
[RFC PATCH v1 06/11] landlock: Enforce capability restrictions	[Body]
[RFC PATCH v1 07/11] selftests/landlock: Drain stale audit records on init	[Body]
[RFC PATCH v1 08/11] selftests/landlock: Add namespace restriction tests	[Body]
[RFC PATCH v1 09/11] selftests/landlock: Add capability restriction tests	[Body]
[RFC PATCH v1 10/11] samples/landlock: Add capability and namespace restriction support	[Body]
[RFC PATCH v1 11/11] landlock: Add documentation for capability and namespace restrictions	[Body]

Test	Base	Patched	Verdict
[KASAN] Build Base	5dfb8077be2bbe2c3b9477da759e80fa9f98da42 [Config]		passed [Log]
[KASAN] Boot test: Base	5dfb8077be2bbe2c3b9477da759e80fa9f98da42 [Config]		passed [Log]
[KASAN] Build Patched		5dfb8077be2bbe2c3b9477da759e80fa9f98da42 [Config] [patched]	passed [Log]
[KASAN] Boot test: Patched		5dfb8077be2bbe2c3b9477da759e80fa9f98da42 [Config] [patched]	passed [Log]
[KASAN] Fuzz	5dfb8077be2bbe2c3b9477da759e80fa9f98da42 [Config]	5dfb8077be2bbe2c3b9477da759e80fa9f98da42 [Config] [patched]	passed [Log] [Artifacts]