[PATCH v5 3/4] samples/landlock: Extend sample tool to support... | linux-security-module

[PATCH v5 0/4] landlock: truncate support · Günther Noack <hidden> · 2022-08-17
[PATCH v5 1/4] landlock: Support file truncation · Günther Noack <hidden> · 2022-08-17
[PATCH v5 2/4] selftests/landlock: Selftests for file truncation support · Günther Noack <hidden> · 2022-08-17
Re: [PATCH v5 2/4] selftests/landlock: Selftests for file truncation support · Mickaël Salaün <mic@digikod.net> · 2022-08-18
Re: [PATCH v5 2/4] selftests/landlock: Selftests for file truncation support · Günther Noack <hidden> · 2022-08-19
Re: [PATCH v5 2/4] selftests/landlock: Selftests for file truncation support · Mickaël Salaün <mic@digikod.net> · 2022-08-19
Re: [PATCH v5 2/4] selftests/landlock: Selftests for file truncation support · Mickaël Salaün <mic@digikod.net> · 2022-08-19
Re: [PATCH v5 2/4] selftests/landlock: Selftests for file truncation support · Konstantin Meskhidze (A) <hidden> · 2022-08-19
Re: [PATCH v5 2/4] selftests/landlock: Selftests for file truncation support · Mickaël Salaün <mic@digikod.net> · 2022-08-19
Re: [PATCH v5 2/4] selftests/landlock: Selftests for file truncation support · Günther Noack <hidden> · 2022-08-20
[PATCH v5 3/4] samples/landlock: Extend sample tool to support LANDLOCK_ACCESS_FS_TRUNCATE · Günther Noack <hidden> · 2022-08-17
[PATCH v5 4/4] landlock: Document Landlock's file truncation support · Günther Noack <hidden> · 2022-08-17
Re: [PATCH v5 0/4] landlock: truncate support · Mickaël Salaün <mic@digikod.net> · 2022-09-01
Re: [PATCH v5 0/4] landlock: truncate support · Günther Noack <hidden> · 2022-09-02
Re: [PATCH v5 0/4] landlock: truncate support · Günther Noack <hidden> · 2022-09-02
Re: [PATCH v5 0/4] landlock: truncate support · Mickaël Salaün <mic@digikod.net> · 2022-09-02
Re: [PATCH v5 0/4] landlock: truncate support · Günther Noack <hidden> · 2022-09-02
Re: [PATCH v5 0/4] landlock: truncate support · Mickaël Salaün <mic@digikod.net> · 2022-09-03
Re: [PATCH v5 0/4] landlock: truncate support · xiujianfeng <xiujianfeng@huawei.com> · 2022-09-02
Re: [PATCH v5 0/4] landlock: truncate support · Mickaël Salaün <mic@digikod.net> · 2022-09-02

STALE1370d

Revisions (9)

2022-07-12 v2 [diff vs current]
2022-08-04 v3 [diff vs current]
2022-08-14 v4 [diff vs current]
2022-08-17 v5 current
2022-09-08 v6 [diff vs current]
2022-09-30 v7 [diff vs current]
2022-10-01 v8 [diff vs current]
2022-10-08 v9 [diff vs current]
2022-10-18 v10 [diff vs current]

[PATCH v5 3/4] samples/landlock: Extend sample tool to support LANDLOCK_ACCESS_FS_TRUNCATE

From: Günther Noack <hidden>
Date: 2022-08-17 20:30:41
Also in: linux-fsdevel
Subsystem: landlock security module, the rest · Maintainers: Mickaël Salaün, Linus Torvalds

Update the sandboxer sample to restrict truncate actions. This is
automatically enabled by default if the running kernel supports
LANDLOCK_ACCESS_FS_TRUNCATE, expect for the paths listed in the
LL_FS_RW environment variable.

Signed-off-by: Günther Noack <redacted>
---
 samples/landlock/sandboxer.c | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)

diff --git a/samples/landlock/sandboxer.c b/samples/landlock/sandboxer.c
index 3e404e51ec64..771b6b10d519 100644
--- a/samples/landlock/sandboxer.c
+++ b/samples/landlock/sandboxer.c

@@ -76,7 +76,8 @@ static int parse_path(char *env_path, const char ***const path_list)
 #define ACCESS_FILE ( \
 	LANDLOCK_ACCESS_FS_EXECUTE | \
 	LANDLOCK_ACCESS_FS_WRITE_FILE | \
-	LANDLOCK_ACCESS_FS_READ_FILE)
+	LANDLOCK_ACCESS_FS_READ_FILE | \
+	LANDLOCK_ACCESS_FS_TRUNCATE)
 
 /* clang-format on */

@@ -160,10 +161,8 @@ static int populate_ruleset(const char *const env_var, const int ruleset_fd,
 	LANDLOCK_ACCESS_FS_MAKE_FIFO | \
 	LANDLOCK_ACCESS_FS_MAKE_BLOCK | \
 	LANDLOCK_ACCESS_FS_MAKE_SYM | \
-	LANDLOCK_ACCESS_FS_REFER)
-
-#define ACCESS_ABI_2 ( \
-	LANDLOCK_ACCESS_FS_REFER)
+	LANDLOCK_ACCESS_FS_REFER | \
+	LANDLOCK_ACCESS_FS_TRUNCATE)
 
 /* clang-format on */

@@ -226,11 +225,17 @@ int main(const int argc, char *const argv[], char *const *const envp)
 		return 1;
 	}
 	/* Best-effort security. */
-	if (abi < 2) {
-		ruleset_attr.handled_access_fs &= ~ACCESS_ABI_2;
-		access_fs_ro &= ~ACCESS_ABI_2;
-		access_fs_rw &= ~ACCESS_ABI_2;
+	switch (abi) {
+	case 1:
+		/* Removes LANDLOCK_ACCESS_FS_REFER for ABI < 2 */
+		ruleset_attr.handled_access_fs &= ~LANDLOCK_ACCESS_FS_REFER;
+		__attribute__((fallthrough));
+	case 2:
+		/* Removes LANDLOCK_ACCESS_FS_TRUNCATE for ABI < 3 */
+		ruleset_attr.handled_access_fs &= ~LANDLOCK_ACCESS_FS_TRUNCATE;
 	}
+	access_fs_ro &= ruleset_attr.handled_access_fs;
+	access_fs_rw &= ruleset_attr.handled_access_fs;
 
 	ruleset_fd =
 		landlock_create_ruleset(&ruleset_attr, sizeof(ruleset_attr), 0);

-- 
2.37.2

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help