1*8d67ca89SAndroid Build Coastguard Worker /* 2*8d67ca89SAndroid Build Coastguard Worker * This file is auto-generated. Modifications will be lost. 3*8d67ca89SAndroid Build Coastguard Worker * 4*8d67ca89SAndroid Build Coastguard Worker * See https://android.googlesource.com/platform/bionic/+/master/libc/kernel/ 5*8d67ca89SAndroid Build Coastguard Worker * for more information. 6*8d67ca89SAndroid Build Coastguard Worker */ 7*8d67ca89SAndroid Build Coastguard Worker #ifndef _UAPI_LINUX_LANDLOCK_H 8*8d67ca89SAndroid Build Coastguard Worker #define _UAPI_LINUX_LANDLOCK_H 9*8d67ca89SAndroid Build Coastguard Worker #include <linux/types.h> 10*8d67ca89SAndroid Build Coastguard Worker struct landlock_ruleset_attr { 11*8d67ca89SAndroid Build Coastguard Worker __u64 handled_access_fs; 12*8d67ca89SAndroid Build Coastguard Worker __u64 handled_access_net; 13*8d67ca89SAndroid Build Coastguard Worker }; 14*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_CREATE_RULESET_VERSION (1U << 0) 15*8d67ca89SAndroid Build Coastguard Worker enum landlock_rule_type { 16*8d67ca89SAndroid Build Coastguard Worker LANDLOCK_RULE_PATH_BENEATH = 1, 17*8d67ca89SAndroid Build Coastguard Worker LANDLOCK_RULE_NET_PORT, 18*8d67ca89SAndroid Build Coastguard Worker }; 19*8d67ca89SAndroid Build Coastguard Worker struct landlock_path_beneath_attr { 20*8d67ca89SAndroid Build Coastguard Worker __u64 allowed_access; 21*8d67ca89SAndroid Build Coastguard Worker __s32 parent_fd; 22*8d67ca89SAndroid Build Coastguard Worker } __attribute__((packed)); 23*8d67ca89SAndroid Build Coastguard Worker struct landlock_net_port_attr { 24*8d67ca89SAndroid Build Coastguard Worker __u64 allowed_access; 25*8d67ca89SAndroid Build Coastguard Worker __u64 port; 26*8d67ca89SAndroid Build Coastguard Worker }; 27*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_EXECUTE (1ULL << 0) 28*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_WRITE_FILE (1ULL << 1) 29*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_READ_FILE (1ULL << 2) 30*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_READ_DIR (1ULL << 3) 31*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_REMOVE_DIR (1ULL << 4) 32*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_REMOVE_FILE (1ULL << 5) 33*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_MAKE_CHAR (1ULL << 6) 34*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_MAKE_DIR (1ULL << 7) 35*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_MAKE_REG (1ULL << 8) 36*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_MAKE_SOCK (1ULL << 9) 37*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_MAKE_FIFO (1ULL << 10) 38*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_MAKE_BLOCK (1ULL << 11) 39*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_MAKE_SYM (1ULL << 12) 40*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_REFER (1ULL << 13) 41*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_TRUNCATE (1ULL << 14) 42*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_FS_IOCTL_DEV (1ULL << 15) 43*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_NET_BIND_TCP (1ULL << 0) 44*8d67ca89SAndroid Build Coastguard Worker #define LANDLOCK_ACCESS_NET_CONNECT_TCP (1ULL << 1) 45*8d67ca89SAndroid Build Coastguard Worker #endif 46