sandlock_core/
lib.rs

1pub mod error;
2pub mod http;
3pub mod sandbox;     // formerly `policy`; contains Sandbox + SandboxBuilder + Confinement
4pub mod profile;
5pub mod result;
6pub(crate) mod arch;
7pub(crate) mod sys;
8pub mod landlock;
9pub mod seccomp;
10pub(crate) mod resource;
11pub(crate) mod network;
12pub mod context;
13pub(crate) mod vdso;
14pub(crate) mod random;
15pub(crate) mod time;
16pub(crate) mod cow;
17pub(crate) mod checkpoint;
18pub(crate) mod freeze;
19pub mod netlink;
20pub(crate) mod procfs;
21pub(crate) mod port_remap;
22pub mod pipeline;
23pub mod policy_fn;
24pub mod image;
25pub mod fork;
26pub(crate) mod chroot;
27pub mod dry_run;
28pub(crate) mod http_acl;
29
30pub use error::SandlockError;
31pub use sys::structs::{SeccompData, SeccompNotif};
32pub use checkpoint::Checkpoint;
33pub use sandbox::{Confinement, ConfinementBuilder, Sandbox, SandboxBuilder};
34pub use result::{RunResult, ExitStatus};
35pub use pipeline::{Stage, Pipeline, Gather};
36pub use dry_run::{Change, ChangeKind, DryRunResult};
37// Sectioned-profile parsing types: ProfileInput is the top-level deserialization
38// target; ProgramSpec carries [program].exec/args (not a Sandbox field).
39pub use crate::profile::{ProfileInput, ProgramSpec};
40
41// Public extension API — see docs/extension-handlers.md.
42pub use seccomp::dispatch::{Handler, HandlerCtx, HandlerError};
43pub use seccomp::syscall::{Syscall, SyscallError};
44
45/// Query the Landlock ABI version supported by the running kernel.
46pub fn landlock_abi_version() -> Result<u32, error::ConfinementError> {
47    landlock::abi_version()
48}
49
50/// Minimum Landlock ABI version required by sandlock.
51pub const MIN_LANDLOCK_ABI: u32 = landlock::MIN_ABI;
52
53/// Confine the calling process with Landlock restrictions.
54///
55/// This applies `PR_SET_NO_NEW_PRIVS` and Landlock rules from the sandbox's
56/// filesystem fields. IPC and signal isolation are always enabled. The
57/// confinement is **irreversible**.
58///
59/// This does NOT fork or exec — it confines the current process in-place.
60pub fn confine(confinement: &Confinement) -> Result<(), SandlockError> {
61    // Set NO_NEW_PRIVS (required for Landlock)
62    if unsafe { libc::prctl(libc::PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) } != 0 {
63        return Err(SandlockError::Runtime(
64            error::SandboxRuntimeError::Confinement(
65                error::ConfinementError::Landlock(format!(
66                    "prctl(PR_SET_NO_NEW_PRIVS): {}",
67                    std::io::Error::last_os_error()
68                ))
69            )
70        ));
71    }
72
73    let mut builder = Sandbox::builder();
74    for path in &confinement.fs_readable {
75        builder = builder.fs_read(path.clone());
76    }
77    for path in &confinement.fs_writable {
78        builder = builder.fs_write(path.clone());
79    }
80    let stripped = builder.build()?;
81
82    // Apply Landlock filesystem rules.
83    landlock::confine_filesystem(&stripped)
84}
sandlock_core/lib.rs

sandlock_core/
lib.rs
