summaryrefslogtreecommitdiff
path: root/arch/x32
diff options
context:
space:
mode:
authorSzabolcs Nagy <nsz@port70.net>2021-07-04 16:34:15 +0000
committerRich Felker <dalias@aerifal.cx>2022-03-08 17:21:14 -0500
commitee05b11b67d59a6c5bb4b9d661bcc20bbd0bbe7a (patch)
treea3d584b3ac147cdb3013a7c7c905484781e3ad16 /arch/x32
parent1ee8109ea01c4ac79e7932a533fead96309f80f3 (diff)
downloadmusl-ee05b11b67d59a6c5bb4b9d661bcc20bbd0bbe7a.tar.gz
bits/syscall.h: add landlock syscalls from linux v5.13
see linux commit a49f4f81cb48925e8d7cbd9e59068f516e984144 arch: Wire up Landlock syscalls linuxcommit 17ae69aba89dbfa2139b7f8024b757ab3cc42f59 Merge tag 'landlock_v34' of ... jmorris/linux-security Landlock provides for unprivileged application sandboxing. The goal of Landlock is to enable to restrict ambient rights (e.g. global filesystem access) for a set of processes. Landlock is inspired by seccomp-bpf but instead of filtering syscalls and their raw arguments, a Landlock rule can restrict the use of kernel objects like file hierarchies, according to the kernel semantic.
Diffstat (limited to 'arch/x32')
-rw-r--r--arch/x32/bits/syscall.h.in3
1 files changed, 3 insertions, 0 deletions
diff --git a/arch/x32/bits/syscall.h.in b/arch/x32/bits/syscall.h.in
index d90cb157..5d22fa17 100644
--- a/arch/x32/bits/syscall.h.in
+++ b/arch/x32/bits/syscall.h.in
@@ -305,6 +305,9 @@
#define __NR_process_madvise (0x40000000 + 440)
#define __NR_epoll_pwait2 (0x40000000 + 441)
#define __NR_mount_setattr (0x40000000 + 442)
+#define __NR_landlock_create_ruleset (0x40000000 + 444)
+#define __NR_landlock_add_rule (0x40000000 + 445)
+#define __NR_landlock_restrict_self (0x40000000 + 446)
#define __NR_rt_sigaction (0x40000000 + 512)