landlock: Clarify documentation for the IOCTL access right

Move the description of the LANDLOCK_ACCESS_FS_IOCTL_DEV access right
together with the file access rights.

This group of access rights applies to files (in this case device
files), and they can be added to file or directory inodes using
landlock_add_rule(2). The check for that works the same for all file
access rights, including LANDLOCK_ACCESS_FS_IOCTL_DEV.

Invoking ioctl(2) on directory FDs can not currently be restricted
with Landlock. Having it grouped separately in the documentation is a
remnant from earlier revisions of the LANDLOCK_ACCESS_FS_IOCTL_DEV
patch set.

Link: https://lore.kernel.org/all/20260108.Thaex5ruach2@digikod.net/
Signed-off-by: Günther Noack <gnoack3000@gmail.com>
Link: https://lore.kernel.org/r/20260111175203.6545-2-gnoack3000@gmail.com
Signed-off-by: Mickaël Salaün <mic@digikod.net>

authored by

Günther Noack and committed by

Mickaël Salaün 3 months ago 6abbb870 15e8d739

+17 -20

1 changed file

expand all

include

uapi

linux

landlock.h

+17 -20

include/uapi/linux/landlock.h

··· 216 216 * :manpage:`ftruncate(2)`, :manpage:`creat(2)`, or :manpage:`open(2)` with 217 217 * ``O_TRUNC``. This access right is available since the third version of the 218 218 * Landlock ABI. 219 + * - %LANDLOCK_ACCESS_FS_IOCTL_DEV: Invoke :manpage:`ioctl(2)` commands on an opened 220 + * character or block device. 221 + * 222 + * This access right applies to all `ioctl(2)` commands implemented by device 223 + * drivers. However, the following common IOCTL commands continue to be 224 + * invokable independent of the %LANDLOCK_ACCESS_FS_IOCTL_DEV right: 225 + * 226 + * * IOCTL commands targeting file descriptors (``FIOCLEX``, ``FIONCLEX``), 227 + * * IOCTL commands targeting file descriptions (``FIONBIO``, ``FIOASYNC``), 228 + * * IOCTL commands targeting file systems (``FIFREEZE``, ``FITHAW``, 229 + * ``FIGETBSZ``, ``FS_IOC_GETFSUUID``, ``FS_IOC_GETFSSYSFSPATH``) 230 + * * Some IOCTL commands which do not make sense when used with devices, but 231 + * whose implementations are safe and return the right error codes 232 + * (``FS_IOC_FIEMAP``, ``FICLONE``, ``FICLONERANGE``, ``FIDEDUPERANGE``) 233 + * 234 + * This access right is available since the fifth version of the Landlock 235 + * ABI. 219 236 * 220 237 * Whether an opened file can be truncated with :manpage:`ftruncate(2)` or used 221 238 * with `ioctl(2)` is determined during :manpage:`open(2)`, in the same way as ··· 291 274 * 292 275 * If multiple requirements are not met, the ``EACCES`` error code takes 293 276 * precedence over ``EXDEV``. 294 - * 295 - * The following access right applies both to files and directories: 296 - * 297 - * - %LANDLOCK_ACCESS_FS_IOCTL_DEV: Invoke :manpage:`ioctl(2)` commands on an opened 298 - * character or block device. 299 - * 300 - * This access right applies to all `ioctl(2)` commands implemented by device 301 - * drivers. However, the following common IOCTL commands continue to be 302 - * invokable independent of the %LANDLOCK_ACCESS_FS_IOCTL_DEV right: 303 - * 304 - * * IOCTL commands targeting file descriptors (``FIOCLEX``, ``FIONCLEX``), 305 - * * IOCTL commands targeting file descriptions (``FIONBIO``, ``FIOASYNC``), 306 - * * IOCTL commands targeting file systems (``FIFREEZE``, ``FITHAW``, 307 - * ``FIGETBSZ``, ``FS_IOC_GETFSUUID``, ``FS_IOC_GETFSSYSFSPATH``) 308 - * * Some IOCTL commands which do not make sense when used with devices, but 309 - * whose implementations are safe and return the right error codes 310 - * (``FS_IOC_FIEMAP``, ``FICLONE``, ``FICLONERANGE``, ``FIDEDUPERANGE``) 311 - * 312 - * This access right is available since the fifth version of the Landlock 313 - * ABI. 314 277 * 315 278 * .. warning:: 316 279 *

Configure Feed

Configure Feed