summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSzabolcs Nagy <nsz@port70.net>2021-07-04 16:34:15 +0000
committerRich Felker <dalias@aerifal.cx>2022-03-08 17:21:14 -0500
commitee05b11b67d59a6c5bb4b9d661bcc20bbd0bbe7a (patch)
treea3d584b3ac147cdb3013a7c7c905484781e3ad16
parent1ee8109ea01c4ac79e7932a533fead96309f80f3 (diff)
downloadmusl-ee05b11b67d59a6c5bb4b9d661bcc20bbd0bbe7a.tar.gz
bits/syscall.h: add landlock syscalls from linux v5.13
see linux commit a49f4f81cb48925e8d7cbd9e59068f516e984144 arch: Wire up Landlock syscalls linuxcommit 17ae69aba89dbfa2139b7f8024b757ab3cc42f59 Merge tag 'landlock_v34' of ... jmorris/linux-security Landlock provides for unprivileged application sandboxing. The goal of Landlock is to enable to restrict ambient rights (e.g. global filesystem access) for a set of processes. Landlock is inspired by seccomp-bpf but instead of filtering syscalls and their raw arguments, a Landlock rule can restrict the use of kernel objects like file hierarchies, according to the kernel semantic.
-rw-r--r--arch/aarch64/bits/syscall.h.in3
-rw-r--r--arch/arm/bits/syscall.h.in3
-rw-r--r--arch/i386/bits/syscall.h.in3
-rw-r--r--arch/m68k/bits/syscall.h.in3
-rw-r--r--arch/microblaze/bits/syscall.h.in3
-rw-r--r--arch/mips/bits/syscall.h.in3
-rw-r--r--arch/mips64/bits/syscall.h.in3
-rw-r--r--arch/mipsn32/bits/syscall.h.in3
-rw-r--r--arch/or1k/bits/syscall.h.in3
-rw-r--r--arch/powerpc/bits/syscall.h.in3
-rw-r--r--arch/powerpc64/bits/syscall.h.in3
-rw-r--r--arch/riscv64/bits/syscall.h.in3
-rw-r--r--arch/s390x/bits/syscall.h.in3
-rw-r--r--arch/sh/bits/syscall.h.in3
-rw-r--r--arch/x32/bits/syscall.h.in3
-rw-r--r--arch/x86_64/bits/syscall.h.in3
16 files changed, 48 insertions, 0 deletions
diff --git a/arch/aarch64/bits/syscall.h.in b/arch/aarch64/bits/syscall.h.in
index 037da214..5f420e61 100644
--- a/arch/aarch64/bits/syscall.h.in
+++ b/arch/aarch64/bits/syscall.h.in
@@ -296,4 +296,7 @@
#define __NR_process_madvise 440
#define __NR_epoll_pwait2 441
#define __NR_mount_setattr 442
+#define __NR_landlock_create_ruleset 444
+#define __NR_landlock_add_rule 445
+#define __NR_landlock_restrict_self 446
diff --git a/arch/arm/bits/syscall.h.in b/arch/arm/bits/syscall.h.in
index 8919137f..048fdea7 100644
--- a/arch/arm/bits/syscall.h.in
+++ b/arch/arm/bits/syscall.h.in
@@ -396,6 +396,9 @@
#define __NR_process_madvise 440
#define __NR_epoll_pwait2 441
#define __NR_mount_setattr 442
+#define __NR_landlock_create_ruleset 444
+#define __NR_landlock_add_rule 445
+#define __NR_landlock_restrict_self 446
#define __ARM_NR_breakpoint 0x0f0001
#define __ARM_NR_cacheflush 0x0f0002
diff --git a/arch/i386/bits/syscall.h.in b/arch/i386/bits/syscall.h.in
index 4c04ea89..46ffe1d9 100644
--- a/arch/i386/bits/syscall.h.in
+++ b/arch/i386/bits/syscall.h.in
@@ -433,4 +433,7 @@
#define __NR_process_madvise 440
#define __NR_epoll_pwait2 441
#define __NR_mount_setattr 442
+#define __NR_landlock_create_ruleset 444
+#define __NR_landlock_add_rule 445
+#define __NR_landlock_restrict_self 446
diff --git a/arch/m68k/bits/syscall.h.in b/arch/m68k/bits/syscall.h.in
index 136775b4..a0c63323 100644
--- a/arch/m68k/bits/syscall.h.in
+++ b/arch/m68k/bits/syscall.h.in
@@ -413,3 +413,6 @@
#define __NR_process_madvise 440
#define __NR_epoll_pwait2 441
#define __NR_mount_setattr 442
+#define __NR_landlock_create_ruleset 444
+#define __NR_landlock_add_rule 445
+#define __NR_landlock_restrict_self 446
diff --git a/arch/microblaze/bits/syscall.h.in b/arch/microblaze/bits/syscall.h.in
index 10f27aba..931d7919 100644
--- a/arch/microblaze/bits/syscall.h.in
+++ b/arch/microblaze/bits/syscall.h.in
@@ -434,4 +434,7 @@
#define __NR_process_madvise 440
#define __NR_epoll_pwait2 441
#define __NR_mount_setattr 442
+#define __NR_landlock_create_ruleset 444
+#define __NR_landlock_add_rule 445
+#define __NR_landlock_restrict_self 446
diff --git a/arch/mips/bits/syscall.h.in b/arch/mips/bits/syscall.h.in
index 1d0deed3..63e3503a 100644
--- a/arch/mips/bits/syscall.h.in
+++ b/arch/mips/bits/syscall.h.in
@@ -415,4 +415,7 @@
#define __NR_process_madvise 4440
#define __NR_epoll_pwait2 4441
#define __NR_mount_setattr 4442
+#define __NR_landlock_create_ruleset 4444
+#define __NR_landlock_add_rule 4445
+#define __NR_landlock_restrict_self 4446
diff --git a/arch/mips64/bits/syscall.h.in b/arch/mips64/bits/syscall.h.in
index b1b83f5f..b89965d1 100644
--- a/arch/mips64/bits/syscall.h.in
+++ b/arch/mips64/bits/syscall.h.in
@@ -345,4 +345,7 @@
#define __NR_process_madvise 5440
#define __NR_epoll_pwait2 5441
#define __NR_mount_setattr 5442
+#define __NR_landlock_create_ruleset 5444
+#define __NR_landlock_add_rule 5445
+#define __NR_landlock_restrict_self 5446
diff --git a/arch/mipsn32/bits/syscall.h.in b/arch/mipsn32/bits/syscall.h.in
index bfaa080e..bb2d04a8 100644
--- a/arch/mipsn32/bits/syscall.h.in
+++ b/arch/mipsn32/bits/syscall.h.in
@@ -369,4 +369,7 @@
#define __NR_process_madvise 6440
#define __NR_epoll_pwait2 6441
#define __NR_mount_setattr 6442
+#define __NR_landlock_create_ruleset 6444
+#define __NR_landlock_add_rule 6445
+#define __NR_landlock_restrict_self 6446
diff --git a/arch/or1k/bits/syscall.h.in b/arch/or1k/bits/syscall.h.in
index 3c60eda9..2b5f2052 100644
--- a/arch/or1k/bits/syscall.h.in
+++ b/arch/or1k/bits/syscall.h.in
@@ -318,4 +318,7 @@
#define __NR_process_madvise 440
#define __NR_epoll_pwait2 441
#define __NR_mount_setattr 442
+#define __NR_landlock_create_ruleset 444
+#define __NR_landlock_add_rule 445
+#define __NR_landlock_restrict_self 446
diff --git a/arch/powerpc/bits/syscall.h.in b/arch/powerpc/bits/syscall.h.in
index 33e26e4b..b1605a58 100644
--- a/arch/powerpc/bits/syscall.h.in
+++ b/arch/powerpc/bits/syscall.h.in
@@ -422,4 +422,7 @@
#define __NR_process_madvise 440
#define __NR_epoll_pwait2 441
#define __NR_mount_setattr 442
+#define __NR_landlock_create_ruleset 444
+#define __NR_landlock_add_rule 445
+#define __NR_landlock_restrict_self 446
diff --git a/arch/powerpc64/bits/syscall.h.in b/arch/powerpc64/bits/syscall.h.in
index 38bb23cb..b3a8fba0 100644
--- a/arch/powerpc64/bits/syscall.h.in
+++ b/arch/powerpc64/bits/syscall.h.in
@@ -394,4 +394,7 @@
#define __NR_process_madvise 440
#define __NR_epoll_pwait2 441
#define __NR_mount_setattr 442
+#define __NR_landlock_create_ruleset 444
+#define __NR_landlock_add_rule 445
+#define __NR_landlock_restrict_self 446
diff --git a/arch/riscv64/bits/syscall.h.in b/arch/riscv64/bits/syscall.h.in
index a9cbfb50..b534afe8 100644
--- a/arch/riscv64/bits/syscall.h.in
+++ b/arch/riscv64/bits/syscall.h.in
@@ -296,6 +296,9 @@
#define __NR_process_madvise 440
#define __NR_epoll_pwait2 441
#define __NR_mount_setattr 442
+#define __NR_landlock_create_ruleset 444
+#define __NR_landlock_add_rule 445
+#define __NR_landlock_restrict_self 446
#define __NR_sysriscv __NR_arch_specific_syscall
#define __NR_riscv_flush_icache (__NR_sysriscv + 15)
diff --git a/arch/s390x/bits/syscall.h.in b/arch/s390x/bits/syscall.h.in
index 88de5148..dfc38479 100644
--- a/arch/s390x/bits/syscall.h.in
+++ b/arch/s390x/bits/syscall.h.in
@@ -359,4 +359,7 @@
#define __NR_process_madvise 440
#define __NR_epoll_pwait2 441
#define __NR_mount_setattr 442
+#define __NR_landlock_create_ruleset 444
+#define __NR_landlock_add_rule 445
+#define __NR_landlock_restrict_self 446
diff --git a/arch/sh/bits/syscall.h.in b/arch/sh/bits/syscall.h.in
index 1a900264..ff14f54d 100644
--- a/arch/sh/bits/syscall.h.in
+++ b/arch/sh/bits/syscall.h.in
@@ -406,4 +406,7 @@
#define __NR_process_madvise 440
#define __NR_epoll_pwait2 441
#define __NR_mount_setattr 442
+#define __NR_landlock_create_ruleset 444
+#define __NR_landlock_add_rule 445
+#define __NR_landlock_restrict_self 446
diff --git a/arch/x32/bits/syscall.h.in b/arch/x32/bits/syscall.h.in
index d90cb157..5d22fa17 100644
--- a/arch/x32/bits/syscall.h.in
+++ b/arch/x32/bits/syscall.h.in
@@ -305,6 +305,9 @@
#define __NR_process_madvise (0x40000000 + 440)
#define __NR_epoll_pwait2 (0x40000000 + 441)
#define __NR_mount_setattr (0x40000000 + 442)
+#define __NR_landlock_create_ruleset (0x40000000 + 444)
+#define __NR_landlock_add_rule (0x40000000 + 445)
+#define __NR_landlock_restrict_self (0x40000000 + 446)
#define __NR_rt_sigaction (0x40000000 + 512)
diff --git a/arch/x86_64/bits/syscall.h.in b/arch/x86_64/bits/syscall.h.in
index 634e29fd..c3882de7 100644
--- a/arch/x86_64/bits/syscall.h.in
+++ b/arch/x86_64/bits/syscall.h.in
@@ -352,4 +352,7 @@
#define __NR_process_madvise 440
#define __NR_epoll_pwait2 441
#define __NR_mount_setattr 442
+#define __NR_landlock_create_ruleset 444
+#define __NR_landlock_add_rule 445
+#define __NR_landlock_restrict_self 446