Re: [RFC PATCH v14 05/10] fs,landlock: Support filesystem access-control

From: Jann Horn
Date: Wed Feb 26 2020 - 15:29:48 EST


On Mon, Feb 24, 2020 at 5:03 PM Mickaël Salaün <mic@xxxxxxxxxxx> wrote:
> +static inline u32 get_mem_access(unsigned long prot, bool private)
> +{
> + u32 access = LANDLOCK_ACCESS_FS_MAP;
> +
> + /* Private mapping do not write to files. */
> + if (!private && (prot & PROT_WRITE))
> + access |= LANDLOCK_ACCESS_FS_WRITE;
> + if (prot & PROT_READ)
> + access |= LANDLOCK_ACCESS_FS_READ;
> + if (prot & PROT_EXEC)
> + access |= LANDLOCK_ACCESS_FS_EXECUTE;
> + return access;
> +}
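
Review bot: in get_mem_access(), the PROT_READ test is the only path that sets LANDLOCK_ACCESS_FS_READ, so a request with PROT_WRITE alone and private == true comes out as LANDLOCK_ACCESS_FS_MAP only, neither read nor write. A private writable mapping is still populated from the file's contents, and on architectures where writable pages are also readable (x86 among them) those contents can be read back through it, so this case should also require LANDLOCK_ACCESS_FS_READ, for example by setting the read bit whenever private && (prot & PROT_WRITE). The comment should also read "Private mappings do not write to files."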

When I do the following, is landlock going to detect that the mmap()
is a read access, or is it incorrectly going to think that it's
neither read nor write?

$ cat write-only.c
#include <fcntl.h>
#include <sys/mman.h>
#include <stdio.h>
int main(void) {
  int fd = open("/etc/passwd", O_RDONLY);
  char *ptr = mmap(NULL, 0x1000, PROT_WRITE, MAP_PRIVATE, fd, 0);
  printf("'%.*s'\n", 4, ptr);
}
$ gcc -o write-only write-only.c -Wall
$ ./write-only
'root'
$