
Commit 10db0ea

authored
Add landlock api (#135)
* Add landlock api * Move landlock api to its own module
1 parent 4f90f6a commit 10db0ea

21 files changed

Lines changed: 1883 additions & 1 deletion


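--- a/Cargo.toml
+++ b/Cargo.toml
@@ -21,7 +21,7 @@ static_assertions = "1.1.0"
 libc = "0.2.100"
 
 [package.metadata.docs.rs]
-features = ["default", "bootparam", "btrfs", "ioctl", "netlink", "io_uring", "if_arp", "if_ether", "if_packet", "net", "prctl", "elf", "xdp", "mempolicy", "system", "loop_device"]
+features = ["default", "bootparam", "btrfs", "ioctl", "landlock", "netlink", "io_uring", "if_arp", "if_ether", "if_packet", "net", "prctl", "elf", "xdp", "mempolicy", "system", "loop_device"]
 targets = ["x86_64-unknown-linux-gnu", "i686-unknown-linux-gnu"]
 
 [lints.rust.unexpected_cfgs]
@@ -41,6 +41,7 @@ if_ether = []
 if_packet = []
 io_uring = []
 ioctl = []
+landlock = []
 loop_device = []
 mempolicy = []
 net = []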

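--- a/gen/modules/landlock.h
+++ b/gen/modules/landlock.h
@@ -0,0 +1 @@
+#include <linux/landlock.h>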
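Review bot: The header pulls in `<linux/landlock.h>` without recording that the access-right bits it yields are tied to Landlock ABI levels; the generated modules on this page expose bits up to `LANDLOCK_ACCESS_FS_IOCTL_DEV` plus the two `LANDLOCK_ACCESS_NET_*` flags, which kernels with an older Landlock ABI do not accept. A caller that ORs every constant into `handled_access_fs` or `handled_access_net` has ruleset creation rejected on such a kernel, and a program that ignores that error keeps running without the sandbox it expected. I would add a comment here, and presumably in the docs for the `landlock` feature (not visible on this page), along the lines of `/* Access-right bits depend on the running kernel's Landlock ABI; query it with LANDLOCK_CREATE_RULESET_VERSION and mask unsupported bits before creating a ruleset. */`.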

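--- a/src/aarch64/landlock.rs
+++ b/src/aarch64/landlock.rs
@@ -0,0 +1,97 @@
+/* automatically generated by rust-bindgen 0.70.1 */
+
+pub type __s8 = crate::ctypes::c_schar;
+pub type __u8 = crate::ctypes::c_uchar;
+pub type __s16 = crate::ctypes::c_short;
+pub type __u16 = crate::ctypes::c_ushort;
+pub type __s32 = crate::ctypes::c_int;
+pub type __u32 = crate::ctypes::c_uint;
+pub type __s64 = crate::ctypes::c_longlong;
+pub type __u64 = crate::ctypes::c_ulonglong;
+pub type __kernel_key_t = crate::ctypes::c_int;
+pub type __kernel_mqd_t = crate::ctypes::c_int;
+pub type __kernel_old_uid_t = crate::ctypes::c_ushort;
+pub type __kernel_old_gid_t = crate::ctypes::c_ushort;
+pub type __kernel_long_t = crate::ctypes::c_long;
+pub type __kernel_ulong_t = crate::ctypes::c_ulong;
+pub type __kernel_ino_t = __kernel_ulong_t;
+pub type __kernel_mode_t = crate::ctypes::c_uint;
+pub type __kernel_pid_t = crate::ctypes::c_int;
+pub type __kernel_ipc_pid_t = crate::ctypes::c_int;
+pub type __kernel_uid_t = crate::ctypes::c_uint;
+pub type __kernel_gid_t = crate::ctypes::c_uint;
+pub type __kernel_suseconds_t = __kernel_long_t;
+pub type __kernel_daddr_t = crate::ctypes::c_int;
+pub type __kernel_uid32_t = crate::ctypes::c_uint;
+pub type __kernel_gid32_t = crate::ctypes::c_uint;
+pub type __kernel_old_dev_t = crate::ctypes::c_uint;
+pub type __kernel_size_t = __kernel_ulong_t;
+pub type __kernel_ssize_t = __kernel_long_t;
+pub type __kernel_ptrdiff_t = __kernel_long_t;
+pub type __kernel_off_t = __kernel_long_t;
+pub type __kernel_loff_t = crate::ctypes::c_longlong;
+pub type __kernel_old_time_t = __kernel_long_t;
+pub type __kernel_time_t = __kernel_long_t;
+pub type __kernel_time64_t = crate::ctypes::c_longlong;
+pub type __kernel_clock_t = __kernel_long_t;
+pub type __kernel_timer_t = crate::ctypes::c_int;
+pub type __kernel_clockid_t = crate::ctypes::c_int;
+pub type __kernel_caddr_t = *mut crate::ctypes::c_char;
+pub type __kernel_uid16_t = crate::ctypes::c_ushort;
+pub type __kernel_gid16_t = crate::ctypes::c_ushort;
+pub type __s128 = i128;
+pub type __u128 = u128;
+pub type __le16 = __u16;
+pub type __be16 = __u16;
+pub type __le32 = __u32;
+pub type __be32 = __u32;
+pub type __le64 = __u64;
+pub type __be64 = __u64;
+pub type __sum16 = __u16;
+pub type __wsum = __u32;
+pub type __poll_t = crate::ctypes::c_uint;
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct landlock_ruleset_attr {
+pub handled_access_fs: __u64,
+pub handled_access_net: __u64,
+}
+#[repr(C, packed)]
+#[derive(Debug, Copy, Clone)]
+pub struct landlock_path_beneath_attr {
+pub allowed_access: __u64,
+pub parent_fd: __s32,
+}
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct landlock_net_port_attr {
+pub allowed_access: __u64,
+pub port: __u64,
+}
+pub const __BITS_PER_LONG_LONG: u32 = 64;
+pub const LANDLOCK_CREATE_RULESET_VERSION: u32 = 1;
+pub const LANDLOCK_ACCESS_FS_EXECUTE: u32 = 1;
+pub const LANDLOCK_ACCESS_FS_WRITE_FILE: u32 = 2;
+pub const LANDLOCK_ACCESS_FS_READ_FILE: u32 = 4;
+pub const LANDLOCK_ACCESS_FS_READ_DIR: u32 = 8;
+pub const LANDLOCK_ACCESS_FS_REMOVE_DIR: u32 = 16;
+pub const LANDLOCK_ACCESS_FS_REMOVE_FILE: u32 = 32;
+pub const LANDLOCK_ACCESS_FS_MAKE_CHAR: u32 = 64;
+pub const LANDLOCK_ACCESS_FS_MAKE_DIR: u32 = 128;
+pub const LANDLOCK_ACCESS_FS_MAKE_REG: u32 = 256;
+pub const LANDLOCK_ACCESS_FS_MAKE_SOCK: u32 = 512;
+pub const LANDLOCK_ACCESS_FS_MAKE_FIFO: u32 = 1024;
+pub const LANDLOCK_ACCESS_FS_MAKE_BLOCK: u32 = 2048;
+pub const LANDLOCK_ACCESS_FS_MAKE_SYM: u32 = 4096;
+pub const LANDLOCK_ACCESS_FS_REFER: u32 = 8192;
+pub const LANDLOCK_ACCESS_FS_TRUNCATE: u32 = 16384;
+pub const LANDLOCK_ACCESS_FS_IOCTL_DEV: u32 = 32768;
+pub const LANDLOCK_ACCESS_NET_BIND_TCP: u32 = 1;
+pub const LANDLOCK_ACCESS_NET_CONNECT_TCP: u32 = 2;
+#[repr(u32)]
+#[non_exhaustive]
+#[derive(Debug, Copy, Clone, Hash, PartialEq, Eq)]
+pub enum landlock_rule_type {
+LANDLOCK_RULE_PATH_BENEATH = 1,
+LANDLOCK_RULE_NET_PORT = 2,
+}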

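--- a/src/arm/landlock.rs
+++ b/src/arm/landlock.rs
@@ -0,0 +1,95 @@
+/* automatically generated by rust-bindgen 0.70.1 */
+
+pub type __s8 = crate::ctypes::c_schar;
+pub type __u8 = crate::ctypes::c_uchar;
+pub type __s16 = crate::ctypes::c_short;
+pub type __u16 = crate::ctypes::c_ushort;
+pub type __s32 = crate::ctypes::c_int;
+pub type __u32 = crate::ctypes::c_uint;
+pub type __s64 = crate::ctypes::c_longlong;
+pub type __u64 = crate::ctypes::c_ulonglong;
+pub type __kernel_key_t = crate::ctypes::c_int;
+pub type __kernel_mqd_t = crate::ctypes::c_int;
+pub type __kernel_mode_t = crate::ctypes::c_ushort;
+pub type __kernel_ipc_pid_t = crate::ctypes::c_ushort;
+pub type __kernel_uid_t = crate::ctypes::c_ushort;
+pub type __kernel_gid_t = crate::ctypes::c_ushort;
+pub type __kernel_old_dev_t = crate::ctypes::c_ushort;
+pub type __kernel_long_t = crate::ctypes::c_long;
+pub type __kernel_ulong_t = crate::ctypes::c_ulong;
+pub type __kernel_ino_t = __kernel_ulong_t;
+pub type __kernel_pid_t = crate::ctypes::c_int;
+pub type __kernel_suseconds_t = __kernel_long_t;
+pub type __kernel_daddr_t = crate::ctypes::c_int;
+pub type __kernel_uid32_t = crate::ctypes::c_uint;
+pub type __kernel_gid32_t = crate::ctypes::c_uint;
+pub type __kernel_old_uid_t = __kernel_uid_t;
+pub type __kernel_old_gid_t = __kernel_gid_t;
+pub type __kernel_size_t = crate::ctypes::c_uint;
+pub type __kernel_ssize_t = crate::ctypes::c_int;
+pub type __kernel_ptrdiff_t = crate::ctypes::c_int;
+pub type __kernel_off_t = __kernel_long_t;
+pub type __kernel_loff_t = crate::ctypes::c_longlong;
+pub type __kernel_old_time_t = __kernel_long_t;
+pub type __kernel_time_t = __kernel_long_t;
+pub type __kernel_time64_t = crate::ctypes::c_longlong;
+pub type __kernel_clock_t = __kernel_long_t;
+pub type __kernel_timer_t = crate::ctypes::c_int;
+pub type __kernel_clockid_t = crate::ctypes::c_int;
+pub type __kernel_caddr_t = *mut crate::ctypes::c_char;
+pub type __kernel_uid16_t = crate::ctypes::c_ushort;
+pub type __kernel_gid16_t = crate::ctypes::c_ushort;
+pub type __le16 = __u16;
+pub type __be16 = __u16;
+pub type __le32 = __u32;
+pub type __be32 = __u32;
+pub type __le64 = __u64;
+pub type __be64 = __u64;
+pub type __sum16 = __u16;
+pub type __wsum = __u32;
+pub type __poll_t = crate::ctypes::c_uint;
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct landlock_ruleset_attr {
+pub handled_access_fs: __u64,
+pub handled_access_net: __u64,
+}
+#[repr(C, packed)]
+#[derive(Debug, Copy, Clone)]
+pub struct landlock_path_beneath_attr {
+pub allowed_access: __u64,
+pub parent_fd: __s32,
+}
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct landlock_net_port_attr {
+pub allowed_access: __u64,
+pub port: __u64,
+}
+pub const __BITS_PER_LONG_LONG: u32 = 64;
+pub const LANDLOCK_CREATE_RULESET_VERSION: u32 = 1;
+pub const LANDLOCK_ACCESS_FS_EXECUTE: u32 = 1;
+pub const LANDLOCK_ACCESS_FS_WRITE_FILE: u32 = 2;
+pub const LANDLOCK_ACCESS_FS_READ_FILE: u32 = 4;
+pub const LANDLOCK_ACCESS_FS_READ_DIR: u32 = 8;
+pub const LANDLOCK_ACCESS_FS_REMOVE_DIR: u32 = 16;
+pub const LANDLOCK_ACCESS_FS_REMOVE_FILE: u32 = 32;
+pub const LANDLOCK_ACCESS_FS_MAKE_CHAR: u32 = 64;
+pub const LANDLOCK_ACCESS_FS_MAKE_DIR: u32 = 128;
+pub const LANDLOCK_ACCESS_FS_MAKE_REG: u32 = 256;
+pub const LANDLOCK_ACCESS_FS_MAKE_SOCK: u32 = 512;
+pub const LANDLOCK_ACCESS_FS_MAKE_FIFO: u32 = 1024;
+pub const LANDLOCK_ACCESS_FS_MAKE_BLOCK: u32 = 2048;
+pub const LANDLOCK_ACCESS_FS_MAKE_SYM: u32 = 4096;
+pub const LANDLOCK_ACCESS_FS_REFER: u32 = 8192;
+pub const LANDLOCK_ACCESS_FS_TRUNCATE: u32 = 16384;
+pub const LANDLOCK_ACCESS_FS_IOCTL_DEV: u32 = 32768;
+pub const LANDLOCK_ACCESS_NET_BIND_TCP: u32 = 1;
+pub const LANDLOCK_ACCESS_NET_CONNECT_TCP: u32 = 2;
+#[repr(u32)]
+#[non_exhaustive]
+#[derive(Debug, Copy, Clone, Hash, PartialEq, Eq)]
+pub enum landlock_rule_type {
+LANDLOCK_RULE_PATH_BENEATH = 1,
+LANDLOCK_RULE_NET_PORT = 2,
+}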

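--- a/src/csky/landlock.rs
+++ b/src/csky/landlock.rs
@@ -0,0 +1,95 @@
+/* automatically generated by rust-bindgen 0.70.1 */
+
+pub type __s8 = crate::ctypes::c_schar;
+pub type __u8 = crate::ctypes::c_uchar;
+pub type __s16 = crate::ctypes::c_short;
+pub type __u16 = crate::ctypes::c_ushort;
+pub type __s32 = crate::ctypes::c_int;
+pub type __u32 = crate::ctypes::c_uint;
+pub type __s64 = crate::ctypes::c_longlong;
+pub type __u64 = crate::ctypes::c_ulonglong;
+pub type __kernel_key_t = crate::ctypes::c_int;
+pub type __kernel_mqd_t = crate::ctypes::c_int;
+pub type __kernel_long_t = crate::ctypes::c_long;
+pub type __kernel_ulong_t = crate::ctypes::c_ulong;
+pub type __kernel_ino_t = __kernel_ulong_t;
+pub type __kernel_mode_t = crate::ctypes::c_uint;
+pub type __kernel_pid_t = crate::ctypes::c_int;
+pub type __kernel_ipc_pid_t = crate::ctypes::c_int;
+pub type __kernel_uid_t = crate::ctypes::c_uint;
+pub type __kernel_gid_t = crate::ctypes::c_uint;
+pub type __kernel_suseconds_t = __kernel_long_t;
+pub type __kernel_daddr_t = crate::ctypes::c_int;
+pub type __kernel_uid32_t = crate::ctypes::c_uint;
+pub type __kernel_gid32_t = crate::ctypes::c_uint;
+pub type __kernel_old_uid_t = __kernel_uid_t;
+pub type __kernel_old_gid_t = __kernel_gid_t;
+pub type __kernel_old_dev_t = crate::ctypes::c_uint;
+pub type __kernel_size_t = crate::ctypes::c_uint;
+pub type __kernel_ssize_t = crate::ctypes::c_int;
+pub type __kernel_ptrdiff_t = crate::ctypes::c_int;
+pub type __kernel_off_t = __kernel_long_t;
+pub type __kernel_loff_t = crate::ctypes::c_longlong;
+pub type __kernel_old_time_t = __kernel_long_t;
+pub type __kernel_time_t = __kernel_long_t;
+pub type __kernel_time64_t = crate::ctypes::c_longlong;
+pub type __kernel_clock_t = __kernel_long_t;
+pub type __kernel_timer_t = crate::ctypes::c_int;
+pub type __kernel_clockid_t = crate::ctypes::c_int;
+pub type __kernel_caddr_t = *mut crate::ctypes::c_char;
+pub type __kernel_uid16_t = crate::ctypes::c_ushort;
+pub type __kernel_gid16_t = crate::ctypes::c_ushort;
+pub type __le16 = __u16;
+pub type __be16 = __u16;
+pub type __le32 = __u32;
+pub type __be32 = __u32;
+pub type __le64 = __u64;
+pub type __be64 = __u64;
+pub type __sum16 = __u16;
+pub type __wsum = __u32;
+pub type __poll_t = crate::ctypes::c_uint;
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct landlock_ruleset_attr {
+pub handled_access_fs: __u64,
+pub handled_access_net: __u64,
+}
+#[repr(C, packed)]
+#[derive(Debug, Copy, Clone)]
+pub struct landlock_path_beneath_attr {
+pub allowed_access: __u64,
+pub parent_fd: __s32,
+}
+#[repr(C)]
+#[derive(Debug, Copy, Clone)]
+pub struct landlock_net_port_attr {
+pub allowed_access: __u64,
+pub port: __u64,
+}
+pub const __BITS_PER_LONG_LONG: u32 = 64;
+pub const LANDLOCK_CREATE_RULESET_VERSION: u32 = 1;
+pub const LANDLOCK_ACCESS_FS_EXECUTE: u32 = 1;
+pub const LANDLOCK_ACCESS_FS_WRITE_FILE: u32 = 2;
+pub const LANDLOCK_ACCESS_FS_READ_FILE: u32 = 4;
+pub const LANDLOCK_ACCESS_FS_READ_DIR: u32 = 8;
+pub const LANDLOCK_ACCESS_FS_REMOVE_DIR: u32 = 16;
+pub const LANDLOCK_ACCESS_FS_REMOVE_FILE: u32 = 32;
+pub const LANDLOCK_ACCESS_FS_MAKE_CHAR: u32 = 64;
+pub const LANDLOCK_ACCESS_FS_MAKE_DIR: u32 = 128;
+pub const LANDLOCK_ACCESS_FS_MAKE_REG: u32 = 256;
+pub const LANDLOCK_ACCESS_FS_MAKE_SOCK: u32 = 512;
+pub const LANDLOCK_ACCESS_FS_MAKE_FIFO: u32 = 1024;
+pub const LANDLOCK_ACCESS_FS_MAKE_BLOCK: u32 = 2048;
+pub const LANDLOCK_ACCESS_FS_MAKE_SYM: u32 = 4096;
+pub const LANDLOCK_ACCESS_FS_REFER: u32 = 8192;
+pub const LANDLOCK_ACCESS_FS_TRUNCATE: u32 = 16384;
+pub const LANDLOCK_ACCESS_FS_IOCTL_DEV: u32 = 32768;
+pub const LANDLOCK_ACCESS_NET_BIND_TCP: u32 = 1;
+pub const LANDLOCK_ACCESS_NET_CONNECT_TCP: u32 = 2;
+#[repr(u32)]
+#[non_exhaustive]
+#[derive(Debug, Copy, Clone, Hash, PartialEq, Eq)]
+pub enum landlock_rule_type {
+LANDLOCK_RULE_PATH_BENEATH = 1,
+LANDLOCK_RULE_NET_PORT = 2,
+}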
