Skip to main content

sandlock_core/
lib.rs

1pub mod error;
2pub mod http;
3pub mod sandbox;     // formerly `policy`; contains Sandbox + SandboxBuilder + Confinement
4pub mod profile;
5pub mod result;
6pub mod process;     // runtime helpers (is_nested, CONFINED); SandboxProcess removed
7pub(crate) mod arch;
8pub(crate) mod sys;
9pub mod landlock;
10pub mod seccomp;
11pub(crate) mod resource;
12pub(crate) mod network;
13pub mod context;
14pub(crate) mod vdso;
15pub(crate) mod random;
16pub(crate) mod time;
17pub(crate) mod cow;
18pub(crate) mod checkpoint;
19pub(crate) mod freeze;
20pub mod netlink;
21pub(crate) mod procfs;
22pub(crate) mod port_remap;
23pub mod pipeline;
24pub mod policy_fn;
25pub mod image;
26pub mod fork;
27pub(crate) mod chroot;
28pub mod dry_run;
29pub(crate) mod http_acl;
30
31pub use error::SandlockError;
32pub use sys::structs::{SeccompData, SeccompNotif};
33pub use checkpoint::Checkpoint;
34pub use sandbox::{Confinement, ConfinementBuilder, Sandbox, SandboxBuilder};
35pub use result::{RunResult, ExitStatus};
36pub use pipeline::{Stage, Pipeline, Gather};
37pub use dry_run::{Change, ChangeKind, DryRunResult};
38// Sectioned-profile parsing types: ProfileInput is the top-level deserialization
39// target; ProgramSpec carries [program].exec/args (not a Sandbox field).
40pub use crate::profile::{ProfileInput, ProgramSpec};
41
42// Public extension API — see docs/extension-handlers.md.
43pub use seccomp::dispatch::{Handler, HandlerCtx, HandlerError};
44pub use seccomp::syscall::{Syscall, SyscallError};
45
46/// Query the Landlock ABI version supported by the running kernel.
47pub fn landlock_abi_version() -> Result<u32, error::ConfinementError> {
48    landlock::abi_version()
49}
50
51/// Minimum Landlock ABI version required by sandlock.
52pub const MIN_LANDLOCK_ABI: u32 = landlock::MIN_ABI;
53
54/// Confine the calling process with Landlock restrictions.
55///
56/// This applies `PR_SET_NO_NEW_PRIVS` and Landlock rules from the sandbox's
57/// filesystem fields. IPC and signal isolation are always enabled. The
58/// confinement is **irreversible**.
59///
60/// This does NOT fork or exec — it confines the current process in-place.
61pub fn confine(confinement: &Confinement) -> Result<(), SandlockError> {
62    // Set NO_NEW_PRIVS (required for Landlock)
63    if unsafe { libc::prctl(libc::PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) } != 0 {
64        return Err(SandlockError::Runtime(
65            error::SandboxRuntimeError::Confinement(
66                error::ConfinementError::Landlock(format!(
67                    "prctl(PR_SET_NO_NEW_PRIVS): {}",
68                    std::io::Error::last_os_error()
69                ))
70            )
71        ));
72    }
73
74    let mut builder = Sandbox::builder();
75    for path in &confinement.fs_readable {
76        builder = builder.fs_read(path.clone());
77    }
78    for path in &confinement.fs_writable {
79        builder = builder.fs_write(path.clone());
80    }
81    let stripped = builder.build()?;
82
83    // Apply Landlock filesystem rules.
84    landlock::confine_filesystem(&stripped)
85}