1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #include <linux/compiler.h> 3 #include <linux/types.h> 4 #include <unistd.h> 5 #include "../tests.h" 6 7 /* This workload was initially added to test enum augmentation with BTF in perf 8 * trace because its the only syscall that has an enum argument. Since it is 9 * a recent addition to the Linux kernel (at the time of the introduction of this 10 * 'perf test' workload) we just add the required types and defines here instead 11 * of including linux/landlock, that isn't available in older systems. 12 * 13 * We are not interested in the the result of the syscall, just in intercepting 14 * its arguments. 15 */ 16 17 #ifndef __NR_landlock_add_rule 18 #define __NR_landlock_add_rule 445 19 #endif 20 21 #ifndef LANDLOCK_ACCESS_FS_READ_FILE 22 #define LANDLOCK_ACCESS_FS_READ_FILE (1ULL << 2) 23 24 #define LANDLOCK_RULE_PATH_BENEATH 1 25 26 struct landlock_path_beneath_attr { 27 __u64 allowed_access; 28 __s32 parent_fd; 29 }; 30 #endif 31 32 #ifndef LANDLOCK_ACCESS_NET_CONNECT_TCP 33 #define LANDLOCK_ACCESS_NET_CONNECT_TCP (1ULL << 1) 34 35 #define LANDLOCK_RULE_NET_PORT 2 36 37 struct landlock_net_port_attr { 38 __u64 allowed_access; 39 __u64 port; 40 }; 41 #endif 42 43 static int landlock(int argc __maybe_unused, const char **argv __maybe_unused) 44 { 45 int fd = 11, flags = 45; 46 47 struct landlock_path_beneath_attr path_beneath_attr = { 48 .allowed_access = LANDLOCK_ACCESS_FS_READ_FILE, 49 .parent_fd = 14, 50 }; 51 52 struct landlock_net_port_attr net_port_attr = { 53 .port = 19, 54 .allowed_access = LANDLOCK_ACCESS_NET_CONNECT_TCP, 55 }; 56 57 syscall(__NR_landlock_add_rule, fd, LANDLOCK_RULE_PATH_BENEATH, 58 &path_beneath_attr, flags); 59 60 syscall(__NR_landlock_add_rule, fd, LANDLOCK_RULE_NET_PORT, 61 &net_port_attr, flags); 62 63 return 0; 64 } 65 66 DEFINE_WORKLOAD(landlock); 67