diff options
| author | Mickaël Salaün <mic@linux.microsoft.com> | 2023-10-10 18:28:59 +0200 |
|---|---|---|
| committer | Aleksandr Nogikh <nogikh@google.com> | 2023-10-13 13:15:32 +0000 |
| commit | 2f3c16ff202947ee7671f5b36c2cd294449ff26f (patch) | |
| tree | 34284618dc5d7d58c946c2eae031cb80f3766651 /sys/linux/landlock.txt.const | |
| parent | 6388bc36373b7e4e4dbac9101b34007e839a74bd (diff) | |
sys/linux: add the Landlock network rule type and access rights
Add the new lanlock_net_port_attr struct and related
LANDLOCK_ACCESS_NET_{BIND,CONNECT}_TCP flags for TCP access control.
Add landlock_ruleset_attr's handled_access_net field and fix
handled_access_fs name.
Update tests with the new landlock_ruleset_attr's handled_access_net
field.
Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
Diffstat (limited to 'sys/linux/landlock.txt.const')
| -rw-r--r-- | sys/linux/landlock.txt.const | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sys/linux/landlock.txt.const b/sys/linux/landlock.txt.const index b5fac871b..3c09a0589 100644 --- a/sys/linux/landlock.txt.const +++ b/sys/linux/landlock.txt.const @@ -15,6 +15,9 @@ LANDLOCK_ACCESS_FS_REMOVE_DIR = 16 LANDLOCK_ACCESS_FS_REMOVE_FILE = 32 LANDLOCK_ACCESS_FS_TRUNCATE = 16384 LANDLOCK_ACCESS_FS_WRITE_FILE = 2 +LANDLOCK_ACCESS_NET_BIND_TCP = 1 +LANDLOCK_ACCESS_NET_CONNECT_TCP = 2 +LANDLOCK_RULE_NET_PORT = 2 LANDLOCK_RULE_PATH_BENEATH = 1 __NR_landlock_add_rule = 445, mips64le:5445 __NR_landlock_create_ruleset = 444, mips64le:5444 |