Implement Linux LandLock into runc (POC/WIP)

go.mod

@@ -9,6 +9,7 @@ require (
 	github.com/cyphar/filepath-securejoin v0.4.1
 	github.com/docker/go-units v0.5.0
 	github.com/godbus/dbus/v5 v5.1.0
+	github.com/landlock-lsm/go-landlock v0.0.0-20250303204525-1544bccde3a3
 	github.com/moby/sys/capability v0.4.0
 	github.com/moby/sys/mountinfo v0.7.2
 	github.com/moby/sys/user v0.4.0
@@ -31,4 +32,5 @@ require (
 	github.com/cilium/ebpf v0.17.3 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
+	kernel.org/pub/linux/libs/security/libcap/psx v1.2.70 // indirect
 )

go.sum

@@ -30,6 +30,8 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/landlock-lsm/go-landlock v0.0.0-20250303204525-1544bccde3a3 h1:zcMi8R8vP0WrrXlFMNUBpDy/ydo3sTnCcUPowq1XmSc=
+github.com/landlock-lsm/go-landlock v0.0.0-20250303204525-1544bccde3a3/go.mod h1:RSub3ourNF8Hf+swvw49Catm3s7HVf4hzdFxDUnEzdA=
 github.com/mdlayher/netlink v1.7.2 h1:/UtM3ofJap7Vl4QWCPDGXY8d3GIY2UGSDbK+QWmY8/g=
 github.com/mdlayher/netlink v1.7.2/go.mod h1:xraEF7uJbxLhc5fpHL4cPe221LI2bdttWlU+ZGLfQSw=
 github.com/mdlayher/socket v0.4.1 h1:eM9y2/jlbs1M615oshPQOHZzj6R6wMT7bX5NPiQvn2U=
@@ -93,3 +95,5 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+kernel.org/pub/linux/libs/security/libcap/psx v1.2.70 h1:HsB2G/rEQiYyo1bGoQqHZ/Bvd6x1rERQTNdPr1FyWjI=
+kernel.org/pub/linux/libs/security/libcap/psx v1.2.70/go.mod h1:+l6Ee2F59XiJ2I6WR5ObpC1utCQJZ/VLsEbQCD8RG24=

libcontainer/configs/config.go

@@ -238,6 +238,9 @@ type Config struct {
 
 	// ExecCPUAffinity is CPU affinity for a non-init process to be run in the container.
 	ExecCPUAffinity *CPUAffinity `json:"exec_cpu_affinity,omitempty"`
+
+	// Landlock contains configuration for Landlock LSM restrictions.
+	Landlock *LandlockConfig `json:"landlock,omitempty"`
 }
 
 // Scheduler is based on the Linux sched_setattr(2) syscall.

libcontainer/configs/landlock.go

@@ -0,0 +1,11 @@
+package configs
+
+type LandlockConfig struct {
+	Mode       string   `json:"mode"` // "enforce"|"best-effort"
+	RoDirs     []string `json:"roDirs"`
+	RwDirs     []string `json:"rwDirs"`
+	WithRefer  []string `json:"withRefer"` // dirs that need cross-dir rename/link
+	IoctlDev   []string `json:"ioctlDev"`  // device paths requiring ioctl
+	BindTCP    []uint16 `json:"bindTCP"`
+	ConnectTCP []uint16 `json:"connectTCP"`
+}

libcontainer/landlock/apply_linux.go

@@ -0,0 +1,56 @@
+package landlock
+
+import (
+	"fmt"
+
+	ll "github.com/landlock-lsm/go-landlock/landlock"
+	"github.com/opencontainers/runc/libcontainer/configs"
+)
+
+func Apply(cfg *configs.LandlockConfig) error {
+	if cfg == nil {
+		return nil
+	}
+
+	// Choose ABI + fallback policy
+	var c ll.Config
+	switch cfg.Mode {
+	case "best-effort":
+		c = ll.V5.BestEffort() // V5 covers FS+NET+ioctl-dev; will step down automatically
+	case "enforce":
+		c = ll.V5 // or ll.V6 once you use scopes
+	default:
+		c = ll.V5.BestEffort()
+	}
+
+	var rules []ll.Rule
+
+	if len(cfg.RoDirs) > 0 {
+		rules = append(rules, ll.RODirs(cfg.RoDirs...))
+	}
+	if len(cfg.RwDirs) > 0 {
+		rules = append(rules, ll.RWDirs(cfg.RwDirs...))
+	}
+	for _, d := range cfg.WithRefer {
+		rules = append(rules, ll.RWDirs(d).WithRefer())
+	}
+	for _, d := range cfg.IoctlDev {
+		rules = append(rules, ll.RODirs(d).WithIoctlDev())
+	}
+
+	for _, p := range cfg.BindTCP {
+		rules = append(rules, ll.BindTCP(p))
+	}
+	for _, p := range cfg.ConnectTCP {
+		rules = append(rules, ll.ConnectTCP(p))
+	}
+
+	// This sets PR_SET_NO_NEW_PRIVS as needed and then restricts self.
+	// The library internally queries ABI and degrades if BestEffort().
+	if err := c.Restrict(rules...); err != nil {
+		if cfg.Mode == "enforce" {
+			return fmt.Errorf("landlock enforce failed: %w", err)
+		}
+	}
+	return nil
+}

libcontainer/standard_init_linux.go

@@ -15,6 +15,7 @@ import (
 	"github.com/opencontainers/runc/libcontainer/apparmor"
 	"github.com/opencontainers/runc/libcontainer/configs"
 	"github.com/opencontainers/runc/libcontainer/keys"
+	"github.com/opencontainers/runc/libcontainer/landlock"
 	"github.com/opencontainers/runc/libcontainer/seccomp"
 	"github.com/opencontainers/runc/libcontainer/system"
 	"github.com/opencontainers/runc/libcontainer/utils"
@@ -238,6 +239,12 @@ func (l *linuxStandardInit) Init() error {
 		}
 	}
 
+	if l.config.Config.Landlock != nil {
+		if err := landlock.Apply(l.config.Config.Landlock); err != nil {
+			return fmt.Errorf("failed to apply landlock restrictions: %w", err)
+		}
+	}
+
 	// Set personality if specified.
 	if l.config.Config.Personality != nil {
 		if err := setupPersonality(l.config.Config); err != nil {