From ee05b11b67d59a6c5bb4b9d661bcc20bbd0bbe7a Mon Sep 17 00:00:00 2001 From: Szabolcs Nagy Date: Sun, 4 Jul 2021 16:34:15 +0000 Subject: bits/syscall.h: add landlock syscalls from linux v5.13 see linux commit a49f4f81cb48925e8d7cbd9e59068f516e984144 arch: Wire up Landlock syscalls linuxcommit 17ae69aba89dbfa2139b7f8024b757ab3cc42f59 Merge tag 'landlock_v34' of ... jmorris/linux-security Landlock provides for unprivileged application sandboxing. The goal of Landlock is to enable to restrict ambient rights (e.g. global filesystem access) for a set of processes. Landlock is inspired by seccomp-bpf but instead of filtering syscalls and their raw arguments, a Landlock rule can restrict the use of kernel objects like file hierarchies, according to the kernel semantic. --- arch/mips/bits/syscall.h.in | 3 +++ 1 file changed, 3 insertions(+) (limited to 'arch/mips/bits') diff --git a/arch/mips/bits/syscall.h.in b/arch/mips/bits/syscall.h.in index 1d0deed3..63e3503a 100644 --- a/arch/mips/bits/syscall.h.in +++ b/arch/mips/bits/syscall.h.in @@ -415,4 +415,7 @@ #define __NR_process_madvise 4440 #define __NR_epoll_pwait2 4441 #define __NR_mount_setattr 4442 +#define __NR_landlock_create_ruleset 4444 +#define __NR_landlock_add_rule 4445 +#define __NR_landlock_restrict_self 4446 -- cgit v1.2.3-70-g09d2