The Landlock Linux security module that was added to the mainline Linux kernel four years ago for unprivileged application sandboxing and similar access controls has a rather weird update for the in-development Linux 6.14 kernel: Land lock can now deal with “weird files”.
The Landlock pull request for the Linux 6.14 merge window notes:
“This PR mostly factors out some Landlock code and prepares for upcoming audit support. Because weird files might be visible after filesystem corruption, Landlock now properly handles weird files too. A few sample and test issues are also fixed.”
Being curious over this reference to “weird files”, I wondered what exactly that entailed.
From one of the patches working on this weird file support for Landlock, it noted:
“A corrupted filesystem (e.g. bcachefs) might return weird files. Instead of throwing a warning and allowing access to such file, treat them as regular files.”
With at least Bcachefs when becoming corrupted, paired with the Landlock Linux Security Module (LSM), it could yield this situation of seeing “weird files”. This weird file issue was also caught by Syzbot kernel testing and separately discovered nearly one year ago by Ubisectech Sirius Team as the vulnerability lab of China’s ValiantSec.
With Linux 6.14, Landlock will now treat these weird files as regular files.
