summaryrefslogtreecommitdiffstats
path: root/security/landlock/ruleset.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/landlock/ruleset.c')
-rw-r--r--security/landlock/ruleset.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/security/landlock/ruleset.c b/security/landlock/ruleset.c
index 2e616f6d5274..ec72b9262bf3 100644
--- a/security/landlock/ruleset.c
+++ b/security/landlock/ruleset.c
@@ -116,9 +116,11 @@ static void build_check_ruleset(void)
.num_rules = ~0,
.num_layers = ~0,
};
+ typeof(ruleset.fs_access_masks[0]) fs_access_mask = ~0;
BUILD_BUG_ON(ruleset.num_rules < LANDLOCK_MAX_NUM_RULES);
BUILD_BUG_ON(ruleset.num_layers < LANDLOCK_MAX_NUM_LAYERS);
+ BUILD_BUG_ON(fs_access_mask < LANDLOCK_MASK_ACCESS_FS);
}
/**
@@ -217,9 +219,11 @@ static void build_check_layer(void)
{
const struct landlock_layer layer = {
.level = ~0,
+ .access = ~0,
};
BUILD_BUG_ON(layer.level < LANDLOCK_MAX_NUM_LAYERS);
+ BUILD_BUG_ON(layer.access < LANDLOCK_MASK_ACCESS_FS);
}
/* @ruleset must be locked by the caller. */
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-01 23:58:40 +0100