[RFC PATCH v14 05/10] fs, landlock: Support filesystem access-control
Jann Horn
jannh at google.com
Wed Feb 26 20:29:18 UTC 2020
On Mon, Feb 24, 2020 at 5:03 PM Mickaël Salaün <mic at digikod.net> wrote:
> +static inline u32 get_mem_access(unsigned long prot, bool private)
> +{
> + u32 access = LANDLOCK_ACCESS_FS_MAP;
> +
> + /* Private mapping do not write to files. */
> + if (!private && (prot & PROT_WRITE))
> + access |= LANDLOCK_ACCESS_FS_WRITE;
> + if (prot & PROT_READ)
> + access |= LANDLOCK_ACCESS_FS_READ;
> + if (prot & PROT_EXEC)
> + access |= LANDLOCK_ACCESS_FS_EXECUTE;
> + return access;
> +}
When I do the following, is landlock going to detect that the mmap()
is a read access, or is it incorrectly going to think that it's
neither read nor write?
$ cat write-only.c
#include <fcntl.h>
#include <sys/mman.h>
#include <stdio.h>
int main(void) {
int fd = open("/etc/passwd", O_RDONLY);
char *ptr = mmap(NULL, 0x1000, PROT_WRITE, MAP_PRIVATE, fd, 0);
printf("'%.*s'\n", 4, ptr);
}
$ gcc -o write-only write-only.c -Wall
$ ./write-only
'root'
$
More information about the Linux-security-module-archive
mailing list