github.com/google/syzkaller@v0.0.0-20240517125934-c0f1611a36d6/sys/linux/test/landlock_fs_ioctl

github.com/google/syzkaller@v0.0.0-20240517125934-c0f1611a36d6/sys/linux/test/landlock_fs_ioctl (about)

     1  # Makes a regular file.
     2  
     3  mknodat(0xffffffffffffff9c, &AUTO='./file0\x00', 0x81c0, 0x0)
     4  
     5  # Creates a ruleset to restrict most filesystem IOCTLs: LANDLOCK_ACCESS_FS_IOCTL_DEV.
     6  
     7  r0 = landlock_create_ruleset(&AUTO={0x8000, 0x0}, AUTO, 0x0)
     8  
     9  # No need to close FDs for this test.
    10  
    11  # Enforces the first ruleset.
    12  
    13  prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
    14  landlock_restrict_self(r0, 0x0)
    15  
    16  # Opens file in read-write mode after sandboxing.
    17  
    18  r1 = openat$dir(0xffffffffffffff9c, &AUTO='./file0\x00', 0x2, 0x0)
    19  
    20  # Denied FIOQSIZE IOCTL.
    21  
    22  ioctl(r1, 0x5460, 0x0) # EACCES
    23  
    24  # Allowed FIOCLEX IOCTL.
    25  
    26  ioctl(r1, 0x5451, 0x0)