aboutsummaryrefslogtreecommitdiffstats
path: root/sys/linux/landlock.txt
Commit message (Collapse)AuthorAgeFilesLines
* sys/linux: add Landlock syscall flagsMickaël Salaün2025-03-211-2/+6
| | | | | | | | | | | | Add the new LANDLOCK_RESTRICT_SELF_LOG_SAME_EXEC_OFF, LANDLOCK_RESTRICT_SELF_LOG_NEW_EXEC_ON, and LANDLOCK_RESTRICT_SELF_LOG_SUBDOMAINS_ON flags for landlock_restrict_self(2) from Linux 6.15 (audit support for Landlock). Also add the LANDLOCK_CREATE_RULESET_VERSION and LANDLOCK_CREATE_RULESET_ERRATA flags for landlock_create_ruleset(2). Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
* sys/linux: add Landlock scopes for Linux 6.12Mickaël Salaün2024-09-301-0/+3
| | | | | | | | | | Add new the landlock_ruleset_attr's "scoped" field and related flags for Linux 6.12: LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET and LANDLOCK_SCOPE_SIGNAL. Update tests with the new landlock_ruleset_attr's field. Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
* sys/linux: run make extractAlexander Potapenko2024-05-151-0/+3
| | | | | | | | | Make the following changes for extraction to succeed: - drop the KVM API constants for features removed in 6.9; - hardcode the three TUNNEL_*_OPT constants that cannot be extracted due to a header change; - hardcode the HCI_OP_* constants removed in 99fca36c8b412 ("Bluetooth: HCI: Remove HCI_AMP support"); - hardcode the L2CAP_* constants removed in e7b02296fb40 ("Bluetooth: Remove BT_HS"); - hardcode LANDLOCK_ACCESS_FS_IOCTL_DEV until it hits upstream.
* sys/linux: update the Landlock IOCTL access rightMickaël Salaün2024-04-291-1/+1
| | | | | | | We renamed LANDLOCK_ACCESS_FS_IOCTL to LANDLOCK_ACCESS_FS_IOCTL_DEV, but the value is still the same. Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
* sys/linux: add the Landlock IOCTL access rightMickaël Salaün2023-12-181-1/+1
| | | | | | | | | Add the new LANDLOCK_ACCESS_FS_IOCTL right. Sort access rights according to their value to ease tracking of new access rights. Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
* sys/linux: add the Landlock network rule type and access rightsMickaël Salaün2023-10-131-3/+15
| | | | | | | | | | | | | Add the new lanlock_net_port_attr struct and related LANDLOCK_ACCESS_NET_{BIND,CONNECT}_TCP flags for TCP access control. Add landlock_ruleset_attr's handled_access_net field and fix handled_access_fs name. Update tests with the new landlock_ruleset_attr's handled_access_net field. Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
* sys/linux: add the Landlock truncate access flagMickaël Salaün2022-10-061-1/+1
| | | | | | | Add the new LANDLOCK_ACCESS_FS_TRUNCATE flag for the file truncation handling. Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
* sys/linux: add the Landlock refer access flagMickaël Salaün2022-05-101-1/+1
| | | | | | | Add the new LANDLOCK_ACCESS_FS_REFER flag for the full link and rename handling. Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
* sys/linux: add Landlock syscallsMickaël Salaün2021-03-191-0/+21
Based on Linux next-20210319: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=f00397ee41c79b6155b9b44abd0055b2c0621349 Co-developed-by: Vincent Dagonneau <vincent.dagonneau@ssi.gouv.fr> Signed-off-by: Vincent Dagonneau <vincent.dagonneau@ssi.gouv.fr> Signed-off-by: Mickaël Salaün <mic@linux.microsoft.com>
generated by ggit (джигит) mrf-deployment (git 2.46.0) at 2026-03-11 21:25:26 +0000