1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
6 typedef enum FilesystemParseFlags
{
7 FILESYSTEM_PARSE_INVERT
= 1 << 0,
8 FILESYSTEM_PARSE_ALLOW_LIST
= 1 << 1,
9 FILESYSTEM_PARSE_LOG
= 1 << 2,
10 } FilesystemParseFlags
;
12 typedef struct Unit Unit
;
13 typedef struct Manager Manager
;
15 typedef struct restrict_fs_bpf restrict_fs_bpf
;
17 bool lsm_bpf_supported(bool initialize
);
18 int lsm_bpf_setup(Manager
*m
);
19 int lsm_bpf_restrict_filesystems(const Set
*filesystems
, uint64_t cgroup_id
, int outer_map_fd
, bool allow_list
);
20 int lsm_bpf_cleanup(const Unit
*u
);
21 int lsm_bpf_map_restrict_fs_fd(Unit
*u
);
22 void lsm_bpf_destroy(struct restrict_fs_bpf
*prog
);
23 int lsm_bpf_parse_filesystem(const char *name
,
25 FilesystemParseFlags flags
,