Could you please send a v2 for this patch? I'd like this issue to be fixed, especially before any other Landlock feature get merged. On Mon, Apr 08, 2024 at 05:47:45PM +0800, Ivanov Mikhail wrote: > listen(2) can be called without explicit bind(2) call. For a TCP socket > it would result in assigning random port(in some range) to this socket > by the kernel. If Landlock sandbox supports LANDLOCK_ACCESS_NET_BIND_TCP, > this may lead to implicit access to a prohibited (by Landlock sandbox) > port. Malicious sandboxed process can accidentally impersonate a > legitimate server process (if listen(2) assigns it a server port number). > > Patch adds hook on socket_listen() that prevents such scenario by checking > LANDLOCK_ACCESS_NET_BIND_TCP access for port 0. > > Few tests were added to cover this case. > > Code coverage(gcov): > * security/landlock: > lines......: 94.5% (745 of 788 lines) > functions..: 97.1% (100 of 103 functions) > > Ivanov Mikhail (2): > landlock: Add hook on socket_listen() > selftests/landlock: Create 'listen_zero', 'deny_listen_zero' tests > > security/landlock/net.c | 104 +++++++++++++++++--- > tools/testing/selftests/landlock/net_test.c | 89 +++++++++++++++++ > 2 files changed, 177 insertions(+), 16 deletions(-) > > -- > 2.34.1 > >
