1/* SPDX-License-Identifier: GPL-2.0-only */ 2/* 3 * Landlock LSM - Limits for different components 4 * 5 * Copyright �� 2016-2020 Micka��l Sala��n <mic@digikod.net> 6 * Copyright �� 2018-2020 ANSSI 7 */ 8 9#ifndef _SECURITY_LANDLOCK_LIMITS_H 10#define _SECURITY_LANDLOCK_LIMITS_H 11 12#include <linux/bitops.h> 13#include <linux/limits.h> 14#include <uapi/linux/landlock.h> 15 16/* clang-format off */ 17 18#define LANDLOCK_MAX_NUM_LAYERS 16 19#define LANDLOCK_MAX_NUM_RULES U32_MAX 20 21#define LANDLOCK_LAST_ACCESS_FS LANDLOCK_ACCESS_FS_TRUNCATE 22#define LANDLOCK_MASK_ACCESS_FS ((LANDLOCK_LAST_ACCESS_FS << 1) - 1) 23#define LANDLOCK_NUM_ACCESS_FS __const_hweight64(LANDLOCK_MASK_ACCESS_FS) 24#define LANDLOCK_SHIFT_ACCESS_FS 0 25 26#define LANDLOCK_LAST_ACCESS_NET LANDLOCK_ACCESS_NET_CONNECT_TCP 27#define LANDLOCK_MASK_ACCESS_NET ((LANDLOCK_LAST_ACCESS_NET << 1) - 1) 28#define LANDLOCK_NUM_ACCESS_NET __const_hweight64(LANDLOCK_MASK_ACCESS_NET) 29#define LANDLOCK_SHIFT_ACCESS_NET LANDLOCK_NUM_ACCESS_FS 30 31/* clang-format on */ 32 33#endif /* _SECURITY_LANDLOCK_LIMITS_H */ 34