diff options
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/linux/landlock.txt | 2 | ||||
| -rw-r--r-- | sys/linux/landlock.txt.const | 3 |
2 files changed, 4 insertions, 1 deletions
diff --git a/sys/linux/landlock.txt b/sys/linux/landlock.txt index baeb308fc..abde9c3d3 100644 --- a/sys/linux/landlock.txt +++ b/sys/linux/landlock.txt @@ -38,6 +38,6 @@ landlock_restrict_self_flags = LANDLOCK_RESTRICT_SELF_LOG_SAME_EXEC_OFF, LANDLOC landlock_access_fs_flags = LANDLOCK_ACCESS_FS_EXECUTE, LANDLOCK_ACCESS_FS_WRITE_FILE, LANDLOCK_ACCESS_FS_READ_FILE, LANDLOCK_ACCESS_FS_READ_DIR, LANDLOCK_ACCESS_FS_REMOVE_DIR, LANDLOCK_ACCESS_FS_REMOVE_FILE, LANDLOCK_ACCESS_FS_MAKE_CHAR, LANDLOCK_ACCESS_FS_MAKE_DIR, LANDLOCK_ACCESS_FS_MAKE_REG, LANDLOCK_ACCESS_FS_MAKE_SOCK, LANDLOCK_ACCESS_FS_MAKE_FIFO, LANDLOCK_ACCESS_FS_MAKE_BLOCK, LANDLOCK_ACCESS_FS_MAKE_SYM, LANDLOCK_ACCESS_FS_REFER, LANDLOCK_ACCESS_FS_TRUNCATE, LANDLOCK_ACCESS_FS_IOCTL_DEV -landlock_access_net_flags = LANDLOCK_ACCESS_NET_BIND_TCP, LANDLOCK_ACCESS_NET_CONNECT_TCP +landlock_access_net_flags = LANDLOCK_ACCESS_NET_BIND_TCP, LANDLOCK_ACCESS_NET_CONNECT_TCP, LANDLOCK_ACCESS_NET_BIND_UDP, LANDLOCK_ACCESS_NET_CONNECT_UDP, LANDLOCK_ACCESS_NET_SENDTO_UDP landlock_scope_flags = LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET, LANDLOCK_SCOPE_SIGNAL, LANDLOCK_SCOPE_PATHNAME_UNIX_SOCKET diff --git a/sys/linux/landlock.txt.const b/sys/linux/landlock.txt.const index 6f0a8d6d1..9334e5987 100644 --- a/sys/linux/landlock.txt.const +++ b/sys/linux/landlock.txt.const @@ -17,7 +17,10 @@ LANDLOCK_ACCESS_FS_REMOVE_FILE = 32 LANDLOCK_ACCESS_FS_TRUNCATE = 16384 LANDLOCK_ACCESS_FS_WRITE_FILE = 2 LANDLOCK_ACCESS_NET_BIND_TCP = 1 +LANDLOCK_ACCESS_NET_BIND_UDP = 4 LANDLOCK_ACCESS_NET_CONNECT_TCP = 2 +LANDLOCK_ACCESS_NET_CONNECT_UDP = 8 +LANDLOCK_ACCESS_NET_SENDTO_UDP = 16 LANDLOCK_CREATE_RULESET_ERRATA = 2 LANDLOCK_CREATE_RULESET_VERSION = 1 LANDLOCK_RESTRICT_SELF_LOG_NEW_EXEC_ON = 2 |