Merge tag 'landlock-6.15-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux

	KUNIT_EXPECT_EQ(test, 10, get_hierarchy(&dom2, 0)->id);

	KUNIT_EXPECT_EQ(test, 20, get_hierarchy(&dom2, 1)->id);

	KUNIT_EXPECT_EQ(test, 30, get_hierarchy(&dom2, 2)->id);

	KUNIT_EXPECT_EQ(test, 30, get_hierarchy(&dom2, -1)->id);

	/* KUNIT_EXPECT_EQ(test, 30, get_hierarchy(&dom2, -1)->id); */

}

#endif /* CONFIG_SECURITY_LANDLOCK_KUNIT_TEST */

		return;

	/* Checks if the current exec was restricting itself. */

	if (subject->domain_exec & (1 << youngest_layer)) {

	if (subject->domain_exec & BIT(youngest_layer)) {

		/* Ignores denials for the same execution. */

		if (!youngest_denied->log_same_exec)

			return;

#include <kunit/test.h>

#include <linux/atomic.h>

#include <linux/bitops.h>

#include <linux/random.h>

#include <linux/spinlock.h>

	 * Ensures sure 64-bit values are always used by user space (or may

	 * fail with -EOVERFLOW), and makes this testable.

	 */

	init = 1ULL << 32;

	init = BIT_ULL(32);

	/*

	 * Makes a large (2^32) boot-time value to limit ID collision in logs

	 * to get a new ID (e.g. a full landlock_restrict_self() call), and the

	 * cost of draining all available IDs during the system's uptime.

	 */

	random_4bits = random_4bits % (1 << 4);

	random_4bits &= 0b1111;

	step = number_of_ids + random_4bits;

	/* It is safe to cast a signed atomic to an unsigned value. */

		init + 2);

}

static void test_range1_rand15(struct kunit *const test)

{

	atomic64_t counter;

	u64 init;

	init = get_random_u32();

	atomic64_set(&counter, init);

	KUNIT_EXPECT_EQ(test, get_id_range(1, &counter, 15), init);

	KUNIT_EXPECT_EQ(

		test, get_id_range(get_random_u8(), &counter, get_random_u8()),

		init + 16);

}

static void test_range1_rand16(struct kunit *const test)

{

	atomic64_t counter;

		init + 4);

}

static void test_range2_rand15(struct kunit *const test)

{

	atomic64_t counter;

	u64 init;

	init = get_random_u32();

	atomic64_set(&counter, init);

	KUNIT_EXPECT_EQ(test, get_id_range(2, &counter, 15), init);

	KUNIT_EXPECT_EQ(

		test, get_id_range(get_random_u8(), &counter, get_random_u8()),

		init + 17);

}

static void test_range2_rand16(struct kunit *const test)

{

	atomic64_t counter;

	KUNIT_CASE(test_init_once),

	KUNIT_CASE(test_range1_rand0),

	KUNIT_CASE(test_range1_rand1),

	KUNIT_CASE(test_range1_rand15),

	KUNIT_CASE(test_range1_rand16),

	KUNIT_CASE(test_range2_rand0),

	KUNIT_CASE(test_range2_rand1),

	KUNIT_CASE(test_range2_rand2),

	KUNIT_CASE(test_range2_rand15),

	KUNIT_CASE(test_range2_rand16),

	{}

	/* clang-format on */

#include <asm/current.h>

#include <linux/anon_inodes.h>

#include <linux/bitops.h>

#include <linux/build_bug.h>

#include <linux/capability.h>

#include <linux/cleanup.h>

	new_llcred->domain = new_dom;

#ifdef CONFIG_AUDIT

	new_llcred->domain_exec |= 1 << (new_dom->num_layers - 1);

	new_llcred->domain_exec |= BIT(new_dom->num_layers - 1);

#endif /* CONFIG_AUDIT */

	return commit_creds(new_cred);