sys/linux: add Landlock syscall flags

Add the new LANDLOCK_RESTRICT_SELF_LOG_SAME_EXEC_OFF, LANDLOCK_RESTRICT_SELF_LOG_NEW_EXEC_ON, and LANDLOCK_RESTRICT_SELF_LOG_SUBDOMAINS_ON flags for landlock_restrict_self(2) from Linux 6.15 (audit support for Landlock). Also add the LANDLOCK_CREATE_RULESET_VERSION and LANDLOCK_CREATE_RULESET_ERRATA flags for landlock_create_ruleset(2). Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
author: Mickaël Salaün <mic@linux.microsoft.com> 2025-02-14 09:56:20 +0100
committer: Aleksandr Nogikh <nogikh@google.com> 2025-03-21 17:21:41 +0000
commit: c6512ef73a66c56765fe73422ce54003ede8c0cd (patch)
tree: 02bc314304f05749df7629fb93983aabb771f89e /sys/linux/landlock.txt.const
parent: 623305521a130ee29d32df86af67c671c60f61af (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/sys/linux/landlock.txt.const b/sys/linux/landlock.txt.const
index 142c76bf1..23b776c46 100644
--- a/sys/linux/landlock.txt.const
+++ b/sys/linux/landlock.txt.const
@@ -18,6 +18,11 @@ LANDLOCK_ACCESS_FS_TRUNCATE = 16384
 LANDLOCK_ACCESS_FS_WRITE_FILE = 2
 LANDLOCK_ACCESS_NET_BIND_TCP = 1
 LANDLOCK_ACCESS_NET_CONNECT_TCP = 2
+LANDLOCK_CREATE_RULESET_ERRATA = 2
+LANDLOCK_CREATE_RULESET_VERSION = 1
+LANDLOCK_RESTRICT_SELF_LOG_NEW_EXEC_ON = 2
+LANDLOCK_RESTRICT_SELF_LOG_SAME_EXEC_OFF = 1
+LANDLOCK_RESTRICT_SELF_LOG_SUBDOMAINS_OFF = 4
 LANDLOCK_RULE_NET_PORT = 2
 LANDLOCK_RULE_PATH_BENEATH = 1
 LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET = 1
author	Mickaël Salaün <mic@linux.microsoft.com>	2025-02-14 09:56:20 +0100
committer	Aleksandr Nogikh <nogikh@google.com>	2025-03-21 17:21:41 +0000
commit	c6512ef73a66c56765fe73422ce54003ede8c0cd (patch)
tree	02bc314304f05749df7629fb93983aabb771f89e /sys/linux/landlock.txt.const
parent	623305521a130ee29d32df86af67c671c60f61af (diff)