landlock/uapi/
mod.rs

1// SPDX-License-Identifier: Apache-2.0 OR MIT
2
3// Use architecture-specific bindings for native x86_64 and x86 architectures.
4// They contain minimal Landlock-only bindings with layout tests.
5#[allow(dead_code)]
6#[allow(non_camel_case_types)]
7#[allow(non_snake_case)]
8#[allow(non_upper_case_globals)]
9#[cfg(target_arch = "x86_64")]
10#[path = "landlock_x86_64.rs"]
11mod landlock;
12
13#[allow(dead_code)]
14#[allow(non_camel_case_types)]
15#[allow(non_snake_case)]
16#[allow(non_upper_case_globals)]
17#[cfg(target_arch = "x86")]
18#[path = "landlock_i686.rs"]
19mod landlock;
20
21// For all other architectures, use the architecture-agnostic landlock_all.rs
22// bindings without layout tests.
23#[allow(dead_code)]
24#[allow(non_camel_case_types)]
25#[allow(non_snake_case)]
26#[allow(non_upper_case_globals)]
27#[cfg(not(any(target_arch = "x86_64", target_arch = "x86")))]
28#[path = "landlock_all.rs"]
29mod landlock;
30
31#[rustfmt::skip]
32pub use self::landlock::{
33    landlock_net_port_attr,
34    landlock_path_beneath_attr,
35    landlock_rule_type,
36    landlock_rule_type_LANDLOCK_RULE_NET_PORT,
37    landlock_rule_type_LANDLOCK_RULE_PATH_BENEATH,
38    landlock_ruleset_attr,
39    LANDLOCK_ACCESS_FS_EXECUTE,
40    LANDLOCK_ACCESS_FS_WRITE_FILE,
41    LANDLOCK_ACCESS_FS_READ_FILE,
42    LANDLOCK_ACCESS_FS_READ_DIR,
43    LANDLOCK_ACCESS_FS_REMOVE_DIR,
44    LANDLOCK_ACCESS_FS_REMOVE_FILE,
45    LANDLOCK_ACCESS_FS_MAKE_CHAR,
46    LANDLOCK_ACCESS_FS_MAKE_DIR,
47    LANDLOCK_ACCESS_FS_MAKE_REG,
48    LANDLOCK_ACCESS_FS_MAKE_SOCK,
49    LANDLOCK_ACCESS_FS_MAKE_FIFO,
50    LANDLOCK_ACCESS_FS_MAKE_BLOCK,
51    LANDLOCK_ACCESS_FS_MAKE_SYM,
52    LANDLOCK_ACCESS_FS_REFER,
53    LANDLOCK_ACCESS_FS_TRUNCATE,
54    LANDLOCK_ACCESS_FS_IOCTL_DEV,
55    LANDLOCK_ACCESS_NET_BIND_TCP,
56    LANDLOCK_ACCESS_NET_CONNECT_TCP,
57    LANDLOCK_CREATE_RULESET_VERSION,
58    LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET,
59    LANDLOCK_SCOPE_SIGNAL,
60};
61
62use libc::{
63    __u32, c_int, c_void, size_t, syscall, SYS_landlock_add_rule, SYS_landlock_create_ruleset,
64    SYS_landlock_restrict_self,
65};
66
/// Raw binding for the `landlock_create_ruleset(2)` system call.
///
/// `attr`, `size` and `flags` are forwarded unchanged to `libc::syscall`, and the
/// result is narrowed to `c_int`. On success the value is a new ruleset file
/// descriptor that the caller owns and must eventually close. When `flags` is
/// `LANDLOCK_CREATE_RULESET_VERSION` (with a null `attr` and `size` of 0) the kernel
/// reports the supported Landlock ABI version instead.
/// On failure the value is `-1` and `errno` holds the reason.
///
/// Callers must check the result: continuing after an unchecked `-1` produces a
/// sandbox that enforces nothing.
///
/// # Safety
///
/// This wrapper does no validation. `attr` must either be null (version query) or
/// point to a readable, initialized `landlock_ruleset_attr`, and `size` must be the
/// number of bytes of that structure the kernel is allowed to read.
#[rustfmt::skip]
pub unsafe fn landlock_create_ruleset(
    attr: *const landlock_ruleset_attr,
    size: size_t,
    flags: __u32,
) -> c_int {
    // `syscall` returns a C long; file descriptors and ABI versions fit in a C int.
    let ret = syscall(SYS_landlock_create_ruleset, attr, size, flags);
    ret as c_int
}
72
/// Raw binding for the `landlock_add_rule(2)` system call.
///
/// All four arguments are forwarded unchanged to `libc::syscall`, and the result is
/// narrowed to `c_int`. A return of `-1` means the rule was NOT added and `errno`
/// holds the reason. Callers must check it, otherwise the ruleset silently ends up
/// different from the one they intended to build.
///
/// # Safety
///
/// `rule_attr` is an untyped pointer, so nothing here ties it to `rule_type`. The
/// caller must pass a pointer to a readable, initialized structure of the kind that
/// `rule_type` announces: `landlock_path_beneath_attr` for
/// `landlock_rule_type_LANDLOCK_RULE_PATH_BENEATH`, and `landlock_net_port_attr` for
/// `landlock_rule_type_LANDLOCK_RULE_NET_PORT`. A mismatch makes the kernel interpret
/// the bytes as the wrong structure.
/// `ruleset_fd` is expected to be a descriptor obtained from
/// `landlock_create_ruleset`.
#[rustfmt::skip]
pub unsafe fn landlock_add_rule(
    ruleset_fd: c_int,
    rule_type: landlock_rule_type,
    rule_attr: *const c_void,
    flags: __u32,
) -> c_int {
    // `syscall` returns a C long; the kernel result (0 or -1) fits in a C int.
    let ret = syscall(SYS_landlock_add_rule, ruleset_fd, rule_type, rule_attr, flags);
    ret as c_int
}
78
/// Raw binding for the `landlock_restrict_self(2)` system call.
///
/// `ruleset_fd` and `flags` are forwarded unchanged to `libc::syscall`, and the
/// result is narrowed to `c_int`. A return of `-1` means the restriction was NOT
/// applied and `errno` holds the reason. Treat this as a hard failure: a caller that
/// ignores it keeps running unsandboxed.
///
/// Per the kernel documentation the call is refused unless the calling thread has
/// `no_new_privs` set or holds `CAP_SYS_ADMIN` in its user namespace. Once applied, a
/// restriction cannot be lifted and is inherited by children.
///
/// # Safety
///
/// This wrapper dereferences no pointers; it is `unsafe` like the other raw bindings
/// in this module. The caller is responsible for passing a descriptor that refers to
/// a Landlock ruleset and for checking the result.
pub unsafe fn landlock_restrict_self(ruleset_fd: c_int, flags: __u32) -> c_int {
    // `syscall` returns a C long; the kernel result (0 or -1) fits in a C int.
    let ret = syscall(SYS_landlock_restrict_self, ruleset_fd, flags);
    ret as c_int
}