linux/samples
Linus Torvalds 299e2b1967 Landlock updates for v6.2-rc1
-----BEGIN PGP SIGNATURE-----
 
 iIYEABYIAC4WIQSVyBthFV4iTW/VU1/l49DojIL20gUCY5b27RAcbWljQGRpZ2lr
 b2QubmV0AAoJEOXj0OiMgvbSg9YA/0K10H+VsGt1+qqR4+w9SM7SFzbgszrV3Yw9
 rwiPgaPVAP9rxXPr2bD2hAk7/Lv9LeJ2kfM9RzMErP1A6UsC5YVbDA==
 =mAG7
 -----END PGP SIGNATURE-----

Merge tag 'landlock-6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux

Pull landlock updates from Mickaël Salaün:
 "This adds file truncation support to Landlock, contributed by Günther
  Noack. As described by Günther [1], the goal of these patches is to
  work towards a more complete coverage of file system operations that
  are restrictable with Landlock.

  The known set of currently unsupported file system operations in
  Landlock is described at [2]. Out of the operations listed there,
  truncate is the only one that modifies file contents, so these patches
  should make it possible to prevent the direct modification of file
  contents with Landlock.

  The new LANDLOCK_ACCESS_FS_TRUNCATE access right covers both the
  truncate(2) and ftruncate(2) families of syscalls, as well as open(2)
  with the O_TRUNC flag. This includes usages of creat() in the case
  where existing regular files are overwritten.

  Additionally, this introduces a new Landlock security blob associated
  with opened files, to track the available Landlock access rights at
  the time of opening the file. This is in line with Unix's general
  approach of checking the read and write permissions during open(), and
  associating this previously checked authorization with the opened
  file. An ongoing patch documents this use case [3].

  In order to treat truncate(2) and ftruncate(2) calls differently in an
  LSM hook, we split apart the existing security_path_truncate hook into
  security_path_truncate (for truncation by path) and
  security_file_truncate (for truncation of previously opened files)"

Link: https://lore.kernel.org/r/20221018182216.301684-1-gnoack3000@gmail.com [1]
Link: https://www.kernel.org/doc/html/v6.1/userspace-api/landlock.html#filesystem-flags [2]
Link: https://lore.kernel.org/r/20221209193813.972012-1-mic@digikod.net [3]

* tag 'landlock-6.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/mic/linux:
  samples/landlock: Document best-effort approach for LANDLOCK_ACCESS_FS_REFER
  landlock: Document Landlock's file truncation support
  samples/landlock: Extend sample tool to support LANDLOCK_ACCESS_FS_TRUNCATE
  selftests/landlock: Test ftruncate on FDs created by memfd_create(2)
  selftests/landlock: Test FD passing from restricted to unrestricted processes
  selftests/landlock: Locally define __maybe_unused
  selftests/landlock: Test open() and ftruncate() in multiple scenarios
  selftests/landlock: Test file truncation support
  landlock: Support file truncation
  landlock: Document init_layer_masks() helper
  landlock: Refactor check_access_path_dual() into is_access_to_paths_allowed()
  security: Create file_truncate hook from path_truncate hook
2022-12-13 09:14:50 -08:00
..
acrn sample/acrn: Introduce a sample of HSM ioctl interface usage 2021-02-09 10:58:19 +01:00
auxdisplay .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
binderfs .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
bpf samples/bpf: Fix typo in xdp_router_ipv4 sample 2022-09-30 15:04:23 -07:00
configfs treewide: remove editor modelines and cruft 2021-05-07 00:26:34 -07:00
connector .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
coresight coresight: syscfg: Example CoreSight configuration loadable module 2021-11-26 11:34:07 -07:00
fanotify Add gitignore file for samples/fanotify/ subdirectory 2021-11-07 11:19:24 -08:00
fprobe Fixes and minor clean ups for tracing: 2022-07-12 16:17:40 -07:00
ftrace x86/ibt,ftrace: Add ENDBR to samples/ftrace 2022-03-15 10:32:38 +01:00
hidraw .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
hw_breakpoint samples/hw_breakpoint: drop use of kallsyms_lookup_name() 2020-04-07 10:43:44 -07:00
kdb kdb: Rename members of struct kdbtab_t 2021-07-27 17:05:06 +01:00
kfifo samples/kfifo: Rename read_lock/write_lock 2021-10-13 14:36:48 +02:00
kmemleak mm,kmemleak-test.c: move kmemleak-test.c to samples dir 2020-10-13 18:38:27 -07:00
kobject samples/kobject: Use sysfs_emit instead of sprintf 2022-03-18 14:28:29 +01:00
kprobes samples: Use KSYM_NAME_LEN for kprobes 2022-07-12 16:36:45 -04:00
landlock samples/landlock: Document best-effort approach for LANDLOCK_ACCESS_FS_REFER 2022-11-07 20:49:50 +01:00
livepatch livepatch: Reorder to use before freeing a pointer 2022-03-23 13:51:11 +01:00
mei samples: mei: don't wait on read completion upon write. 2021-08-01 09:54:22 +02:00
nitro_enclaves nitro_enclaves: Add fixes for checkpatch blank line reports 2021-09-14 11:11:20 +02:00
pidfd .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
pktgen samples: pktgen: add trap SIGINT for printing execution result 2021-08-25 13:44:30 +01:00
qmi soc: qcom: qmi: use const for struct qmi_elem_info 2022-08-29 17:33:01 -05:00
rpmsg
rust rust: macros: take string literals in module! 2022-12-04 01:59:15 +01:00
seccomp samples/seccomp: Adjust sample to also provide kill option 2022-02-10 19:09:12 -08:00
timers .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
trace_events tracing: Add example and documentation for new __vstring() macro 2022-07-24 19:11:17 -04:00
trace_printk samples/trace_printk: Wait for IRQ work to finish 2019-12-21 16:08:22 -05:00
uhid kbuild: introduce hostprogs-always-y and userprogs-always-y 2020-08-10 01:32:59 +09:00
user_events tracing/user_events: Use bits vs bytes for enabled status page data 2022-09-29 10:17:37 -04:00
v4l treewide: Replace GPLv2 boilerplate/reference with SPDX - gpl-2.0_168.RULE (part 2) 2022-06-10 14:51:36 +02:00
vfio-mdev vfio/mdev: add mdev available instance checking to the core 2022-10-04 12:06:58 -06:00
vfs .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
watch_queue .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
watchdog .gitignore: prefix local generated files with a slash 2021-05-02 00:43:35 +09:00
Kconfig samples: add first Rust examples 2022-09-28 09:03:08 +02:00
Makefile samples: add first Rust examples 2022-09-28 09:03:08 +02:00