Skip to content

linux: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits #4545

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 24, 2025
Merged

linux: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits #4545

merged 1 commit into from
Jul 24, 2025
+38 −3

Conversation

Gelbpunkt
Copy link
Contributor

Description

These were added in 6.14.

Sources

torvalds/linux@a0623b2

Checklist

  • Relevant tests in libc-test/semver have been updated
  • No placeholder or unstable values like *LAST or *MAX are
    included (see #3131)
  • Tested locally (cd libc-test && cargo test --target mytarget);
    especially relevant for platforms that may not be checked in CI

@Gelbpunkt
Copy link
Contributor Author

The CI is using older kernel headers, which causes the semver tests to fail there. Not sure how to proceed here.

@a-gavin
Copy link

a-gavin commented Jul 11, 2025

Consider skipping the constants with a FIXME(linux) as others have done (like this).

I haven't looked closely for this in developer documentation, so I don't know if this is necessarily the correct or most desirable approach here.

@Gelbpunkt Gelbpunkt force-pushed the new-secbits branch 3 times, most recently from 9a27313 to 2792779 Compare July 15, 2025 23:32
tgross35
tgross35 reviewed Jul 16, 2025
View reviewed changes
@Gelbpunkt
linux: Add EXEC_RESTRICT_FILE and EXEC_DENY_INTERACTIVE securebits
1a1efaf 
These were added in 6.14 with the following commit:
torvalds/linux@a0623b2

Signed-off-by: Jens Reidel <[email protected]>
@Gelbpunkt Gelbpunkt requested a review from tgross35 July 19, 2025 00:15
tgross35
tgross35 approved these changes Jul 24, 2025
View reviewed changes
Copy link
Contributor

@tgross35 tgross35 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@tgross35 tgross35 added this pull request to the merge queue Jul 24, 2025
Merged via the queue into rust-lang:main with commit 309c084 Jul 24, 2025
48 of 52 checks passed
@Gelbpunkt
Copy link
Contributor Author

@rustbot label +stable-nominated

@rustbot rustbot added the stable-nominated This PR should be considered for cherry-pick to libc's stable release branch label Jul 24, 2025
@Gelbpunkt Gelbpunkt deleted the new-secbits branch July 24, 2025 23:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tgross35 tgross35 tgross35 approved these changes

Assignees
No one assigned
Labels
O-linux O-unix stable-nominated This PR should be considered for cherry-pick to libc's stable release branch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Gelbpunkt @a-gavin @tgross35 @rustbot