https://bugs.kde.org/show_bug.cgi?id=489913
Mark Wielaard <m...@klomp.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|CONFIRMED |RESOLVED
Resolution|--- |FIXED
--- Comment #2 from Mark Wielaard <m...@klomp.org> ---
Thanks. I made a couple of tweaks so that the landlock_ruleset_attr given to
landlock_create_ruleset is initialized. Added a POST for
landlock_create_ruleset to track the returned file descriptor. And check the
file descriptor given to landlock_add_rule and landlock_restrict_self is valid.
And since it is a generic syscall I also hooked up the other
syswrap-<arch>-linux.c files.
It already found a ruleset fd "leak" in xz with --track-fds=yes.
Depending on the rules installed valgrind might file opening files though, like
debug files. So maybe we may also want a mode where landlock_create_ruleset
just fails with EOPNOTSUPP.
commit b1453546fe7396e7d4b4b2fc8ec7e64b71d18611
Author: Peter Seiderer <ps.rep...@gmx.net>
Date: Mon Jul 8 11:05:47 2024 +0200
Add support for landlock_create_ruleset (444), landlock_add_rule (445) and
landlock_restrict_self (446) syscalls
- add support for landlock_create_ruleset (444) syscall
- add support for landlock_add_rule (445) syscall
- add support for landlock_restrict_self (446) syscall
https://bugs.kde.org/show_bug.cgi?id=489913
Signed-off-by: Peter Seiderer <ps.rep...@gmx.net>
--
You are receiving this mail because:
You are watching all bug changes.
