[RFC PATCH v14 05/10] fs, landlock: Support filesystem access-control

Jann Horn jannh at google.com
Wed Feb 26 20:29:18 UTC 2020


On Mon, Feb 24, 2020 at 5:03 PM Mickaël Salaün <mic at digikod.net> wrote:
> +static inline u32 get_mem_access(unsigned long prot, bool private)
> +{
> +       u32 access = LANDLOCK_ACCESS_FS_MAP;
> +
> +       /* Private mapping do not write to files. */
> +       if (!private && (prot & PROT_WRITE))
> +               access |= LANDLOCK_ACCESS_FS_WRITE;
> +       if (prot & PROT_READ)
> +               access |= LANDLOCK_ACCESS_FS_READ;
> +       if (prot & PROT_EXEC)
> +               access |= LANDLOCK_ACCESS_FS_EXECUTE;
> +       return access;
> +}

When I do the following, is landlock going to detect that the mmap()
is a read access, or is it incorrectly going to think that it's
neither read nor write?

$ cat write-only.c
#include <fcntl.h>
#include <sys/mman.h>
#include <stdio.h>
int main(void) {
  int fd = open("/etc/passwd", O_RDONLY);
  char *ptr = mmap(NULL, 0x1000, PROT_WRITE, MAP_PRIVATE, fd, 0);
  printf("'%.*s'\n", 4, ptr);
}
$ gcc -o write-only write-only.c -Wall
$ ./write-only
'root'
$



More information about the Linux-security-module-archive mailing list