author | Omar Polo <op@omarpolo.com> | 2021-09-19 17:08:12 +0000 |
---|---|---|
committer | Omar Polo <op@omarpolo.com> | 2021-09-19 17:08:12 +0000 |
commit | 4c31de2915cd2ef3e7d5463bde48cf9064c89d20 (patch) | |
tree | 701943cf2c8e610445c2de8d760391ccb5159923 /landlock_shim.h | |
parent | fba809b5c775fd4d3c28a012259ee3b1908d4e40 (diff) |
add configure check and shim for landlock
First move towards landlock support (#3). The shim is needed until
libc provides the proper wrappers for the landlock APIs; I hope it
doesn't take too long, but landlock was merged back in May and the
wrappers are still missing.
Diffstat (limited to 'landlock_shim.h')
-rw-r--r-- | landlock_shim.h | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/landlock_shim.h b/landlock_shim.h
new file mode 100644
index 0000000..1ffa6c2
--- /dev/null
+++ b/landlock_shim.h
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2021 Omar Polo <op@omarpolo.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * What's the deal with landlock? While distro with linux >= 5.13
+ * have the struct declarations, it seems that the glibc (or whatever)
+ * wrappers are missing. The sample landlock code provided by the
+ * authors includes these "shims" for the landlock API until libc
+ * provides them.
+ *
+ * Linux is such a mess sometimes. /rant
+ */
+
+#ifndef LANDLOCK_SHIM_H
+#define LANDLOCK_SHIM_H
+
+#include <linux/landlock.h>
+#include <linux/prctl.h>
+
+#include <sys/prctl.h>
+#include <sys/stat.h>
+#include <sys/syscall.h>
+
+#include <unistd.h>
+
+#ifndef landlock_create_ruleset
+static inline int
+landlock_create_ruleset(const struct landlock_ruleset_attr *attr, size_t size,
+ __u32 flags)
+{
+ return syscall(__NR_landlock_create_ruleset, attr, size, flags);
+}
+#endif
+
+#ifndef landlock_add_rule
+static inline int
+landlock_add_rule(int ruleset_fd, enum landlock_rule_type type,
+ const void *attr, __u32 flags)
+{
+ return syscall(__NR_landlock_add_rule, ruleset_fd, type, attr, flags);
+}
+#endif
+
+#ifndef landlock_restrict_self
+static inline int
+landlock_restrict_self(int ruleset_fd, __u32 flags)
+{
+ return syscall(__NR_landlock_restrict_self, ruleset_fd, flags);
+}
+#endif
+
+#endif /* LANDLOCK_SHIM_H */ |
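Review bot: The `#ifndef landlock_create_ruleset` guard, and the matching ones for `landlock_add_rule` and `landlock_restrict_self`, only test for a preprocessor macro, so they would not notice a libc that later declares these wrappers as ordinary functions; the `static inline` definitions would then presumably clash with the libc prototypes. Since the commit also adds a configure check, gating each shim on a configure-defined macro would be more robust, e.g. `#ifndef HAVE_LANDLOCK_WRAPPERS /* placeholder name */`. A comment above the wrappers should also state that they return the raw `syscall()` result, -1 with `errno` set, so callers must handle `ENOSYS` and `EOPNOTSUPP` explicitly rather than carry on unsandboxed without noticing. `syscall()` returns `long`, so an explicit `(int)` cast on each `return` would make the narrowing intentional.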