Kernel+LibC: Implement a few mount flags

We now support these mount flags: * MS_NODEV: disallow opening any devices from this file system * MS_NOEXEC: disallow executing any executables from this file system * MS_NOSUID: ignore set-user-id bits on executables from this file system The fourth flag, MS_BIND, is defined, but currently ignored.
2025-10-31 06:02:44 +00:00 · 2020-01-11 18:45:38 +03:00 · 2020-01-11 18:45:38 +03:00 · 61c1106d9f
commit 61c1106d9f
parent 2fcbb846fb
4 changed files with 19 additions and 5 deletions
--- a/Kernel/FileSystem/VirtualFileSystem.cpp
+++ b/Kernel/FileSystem/VirtualFileSystem.cpp
@ -216,11 +216,13 @@ KResultOr<NonnullRefPtr<FileDescription>> VFS::open(StringView path, int options
        should_truncate_file = options & O_TRUNC;
    }
    if (options & O_EXEC) {
-        if (!metadata.may_execute(current->process()))
+        if (!metadata.may_execute(current->process()) || (custody.mount_flags() & MS_NOEXEC))
            return KResult(-EACCES);
    }

    if (metadata.is_device()) {
+        if (custody.mount_flags() & MS_NODEV)
+            return KResult(-EACCES);
        auto device = Device::get_device(metadata.major_device, metadata.minor_device);
        if (device == nullptr) {
            return KResult(-ENODEV);
--- a/Kernel/FileSystem/VirtualFileSystem.h
+++ b/Kernel/FileSystem/VirtualFileSystem.h
@ -28,6 +28,11 @@
 #define O_DIRECT 04000000
 #define O_NOFOLLOW_NOERROR 0x4000000

+#define MS_NODEV 1
+#define MS_NOEXEC 2
+#define MS_NOSUID 4
+#define MS_BIND 8
+
 class Custody;
 class Device;
 class FileDescription;
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@ -750,10 +750,12 @@ int Process::do_exec(String path, Vector<String> arguments, Vector<String> envir
    // Copy of the master TLS region that we will clone for new threads
    m_master_tls_region = master_tls_region;

-    if (metadata.is_setuid())
-        m_euid = metadata.uid;
-    if (metadata.is_setgid())
-        m_egid = metadata.gid;
+    if (!(description->custody()->mount_flags() & MS_NOSUID)) {
+        if (metadata.is_setuid())
+            m_euid = metadata.uid;
+        if (metadata.is_setgid())
+            m_egid = metadata.gid;
+    }

    current->set_default_signal_dispositions();
    current->m_signal_mask = 0;
--- a/Libraries/LibC/unistd.h
+++ b/Libraries/LibC/unistd.h
@ -128,6 +128,11 @@ enum {
 #define X_OK 1
 #define F_OK 0

+#define MS_NODEV 1
+#define MS_NOEXEC 2
+#define MS_NOSUID 4
+#define MS_BIND 8
+
 /*
 * We aren't fully compliant (don't support policies, and don't have a wide
 * range of values), but we do have process priorities.