| Message ID | 20250108154338.1129069-22-mic@digikod.net (mailing list archive) |
|---|---|
| State | Handled Elsewhere |
| Delegated to: | Paul Moore |
| Headers | show |
| Series | Landlock audit support | expand |
On Wed, Jan 08, 2025 at 04:43:29PM +0100, Mickaël Salaün wrote: > Extract syscall wrappers to make them usable by standalone binaries (see > next commit). > > Cc: Günther Noack <gnoack@google.com> > Signed-off-by: Mickaël Salaün <mic@digikod.net> > Link: https://lore.kernel.org/r/20250108154338.1129069-22-mic@digikod.net Pushed in my next tree to simplify next patch series. > --- > > Changes since v3: > - New patch. > --- > tools/testing/selftests/landlock/common.h | 37 +--------------- > tools/testing/selftests/landlock/wrappers.h | 47 +++++++++++++++++++++ > 2 files changed, 48 insertions(+), 36 deletions(-) > create mode 100644 tools/testing/selftests/landlock/wrappers.h > > diff --git a/tools/testing/selftests/landlock/common.h b/tools/testing/selftests/landlock/common.h > index 61056fa074bb..8391ab574f64 100644 > --- a/tools/testing/selftests/landlock/common.h > +++ b/tools/testing/selftests/landlock/common.h > @@ -9,17 +9,15 @@ > > #include <arpa/inet.h> > #include <errno.h> > -#include <linux/landlock.h> > #include <linux/securebits.h> > #include <sys/capability.h> > #include <sys/socket.h> > -#include <sys/syscall.h> > -#include <sys/types.h> > #include <sys/un.h> > #include <sys/wait.h> > #include <unistd.h> > > #include "../kselftest_harness.h" > +#include "wrappers.h" > > #define TMP_DIR "tmp" > > @@ -30,34 +28,6 @@ > /* TEST_F_FORK() should not be used for new tests. */ > #define TEST_F_FORK(fixture_name, test_name) TEST_F(fixture_name, test_name) > > -#ifndef landlock_create_ruleset > -static inline int > -landlock_create_ruleset(const struct landlock_ruleset_attr *const attr, > - const size_t size, const __u32 flags) > -{ > - return syscall(__NR_landlock_create_ruleset, attr, size, flags); > -} > -#endif > - > -#ifndef landlock_add_rule > -static inline int landlock_add_rule(const int ruleset_fd, > - const enum landlock_rule_type rule_type, > - const void *const rule_attr, > - const __u32 flags) > -{ > - return syscall(__NR_landlock_add_rule, ruleset_fd, rule_type, rule_attr, > - flags); > -} > -#endif > - > -#ifndef landlock_restrict_self > -static inline int landlock_restrict_self(const int ruleset_fd, > - const __u32 flags) > -{ > - return syscall(__NR_landlock_restrict_self, ruleset_fd, flags); > -} > -#endif > - > static void _init_caps(struct __test_metadata *const _metadata, bool drop_all) > { > cap_t cap_p; > @@ -250,11 +220,6 @@ struct service_fixture { > }; > }; > > -static pid_t __maybe_unused sys_gettid(void) > -{ > - return syscall(__NR_gettid); > -} > - > static void __maybe_unused set_unix_address(struct service_fixture *const srv, > const unsigned short index) > { > diff --git a/tools/testing/selftests/landlock/wrappers.h b/tools/testing/selftests/landlock/wrappers.h > new file mode 100644 > index 000000000000..32963a44876b > --- /dev/null > +++ b/tools/testing/selftests/landlock/wrappers.h > @@ -0,0 +1,47 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +/* > + * Landlock helpers > + * > + * Copyright © 2017-2020 Mickaël Salaün <mic@digikod.net> > + * Copyright © 2019-2020 ANSSI > + * Copyright © 2021-2024 Microsoft Corporation > + */ > + > +#define _GNU_SOURCE > +#include <linux/landlock.h> > +#include <sys/syscall.h> > +#include <sys/types.h> > +#include <unistd.h> > + > +#ifndef landlock_create_ruleset > +static inline int > +landlock_create_ruleset(const struct landlock_ruleset_attr *const attr, > + const size_t size, const __u32 flags) > +{ > + return syscall(__NR_landlock_create_ruleset, attr, size, flags); > +} > +#endif > + > +#ifndef landlock_add_rule > +static inline int landlock_add_rule(const int ruleset_fd, > + const enum landlock_rule_type rule_type, > + const void *const rule_attr, > + const __u32 flags) > +{ > + return syscall(__NR_landlock_add_rule, ruleset_fd, rule_type, rule_attr, > + flags); > +} > +#endif > + > +#ifndef landlock_restrict_self > +static inline int landlock_restrict_self(const int ruleset_fd, > + const __u32 flags) > +{ > + return syscall(__NR_landlock_restrict_self, ruleset_fd, flags); > +} > +#endif > + > +static inline pid_t sys_gettid(void) > +{ > + return syscall(__NR_gettid); > +} > -- > 2.47.1 > >
diff --git a/tools/testing/selftests/landlock/common.h b/tools/testing/selftests/landlock/common.h index 61056fa074bb..8391ab574f64 100644 --- a/tools/testing/selftests/landlock/common.h +++ b/tools/testing/selftests/landlock/common.h @@ -9,17 +9,15 @@ #include <arpa/inet.h> #include <errno.h> -#include <linux/landlock.h> #include <linux/securebits.h> #include <sys/capability.h> #include <sys/socket.h> -#include <sys/syscall.h> -#include <sys/types.h> #include <sys/un.h> #include <sys/wait.h> #include <unistd.h> #include "../kselftest_harness.h" +#include "wrappers.h" #define TMP_DIR "tmp" @@ -30,34 +28,6 @@ /* TEST_F_FORK() should not be used for new tests. */ #define TEST_F_FORK(fixture_name, test_name) TEST_F(fixture_name, test_name) -#ifndef landlock_create_ruleset -static inline int -landlock_create_ruleset(const struct landlock_ruleset_attr *const attr, - const size_t size, const __u32 flags) -{ - return syscall(__NR_landlock_create_ruleset, attr, size, flags); -} -#endif - -#ifndef landlock_add_rule -static inline int landlock_add_rule(const int ruleset_fd, - const enum landlock_rule_type rule_type, - const void *const rule_attr, - const __u32 flags) -{ - return syscall(__NR_landlock_add_rule, ruleset_fd, rule_type, rule_attr, - flags); -} -#endif - -#ifndef landlock_restrict_self -static inline int landlock_restrict_self(const int ruleset_fd, - const __u32 flags) -{ - return syscall(__NR_landlock_restrict_self, ruleset_fd, flags); -} -#endif - static void _init_caps(struct __test_metadata *const _metadata, bool drop_all) { cap_t cap_p; @@ -250,11 +220,6 @@ struct service_fixture { }; }; -static pid_t __maybe_unused sys_gettid(void) -{ - return syscall(__NR_gettid); -} - static void __maybe_unused set_unix_address(struct service_fixture *const srv, const unsigned short index) { diff --git a/tools/testing/selftests/landlock/wrappers.h b/tools/testing/selftests/landlock/wrappers.h new file mode 100644 index 000000000000..32963a44876b --- /dev/null +++ b/tools/testing/selftests/landlock/wrappers.h @@ -0,0 +1,47 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * Landlock helpers + * + * Copyright © 2017-2020 Mickaël Salaün <mic@digikod.net> + * Copyright © 2019-2020 ANSSI + * Copyright © 2021-2024 Microsoft Corporation + */ + +#define _GNU_SOURCE +#include <linux/landlock.h> +#include <sys/syscall.h> +#include <sys/types.h> +#include <unistd.h> + +#ifndef landlock_create_ruleset +static inline int +landlock_create_ruleset(const struct landlock_ruleset_attr *const attr, + const size_t size, const __u32 flags) +{ + return syscall(__NR_landlock_create_ruleset, attr, size, flags); +} +#endif + +#ifndef landlock_add_rule +static inline int landlock_add_rule(const int ruleset_fd, + const enum landlock_rule_type rule_type, + const void *const rule_attr, + const __u32 flags) +{ + return syscall(__NR_landlock_add_rule, ruleset_fd, rule_type, rule_attr, + flags); +} +#endif + +#ifndef landlock_restrict_self +static inline int landlock_restrict_self(const int ruleset_fd, + const __u32 flags) +{ + return syscall(__NR_landlock_restrict_self, ruleset_fd, flags); +} +#endif + +static inline pid_t sys_gettid(void) +{ + return syscall(__NR_gettid); +}
Extract syscall wrappers to make them usable by standalone binaries (see next commit). Cc: Günther Noack <gnoack@google.com> Signed-off-by: Mickaël Salaün <mic@digikod.net> Link: https://lore.kernel.org/r/20250108154338.1129069-22-mic@digikod.net --- Changes since v3: - New patch. --- tools/testing/selftests/landlock/common.h | 37 +--------------- tools/testing/selftests/landlock/wrappers.h | 47 +++++++++++++++++++++ 2 files changed, 48 insertions(+), 36 deletions(-) create mode 100644 tools/testing/selftests/landlock/wrappers.h