From 25de38e24f8ba0e572fe3e7d918e5a2a081c5b74 Mon Sep 17 00:00:00 2001 From: Christian Brauner <christian.brauner@ubuntu.com> Date: Mon, 11 Feb 2019 14:44:57 +0100 Subject: [PATCH] utils: add missing sealing flags Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com> --- src/lxc/utils.h | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/lxc/utils.h b/src/lxc/utils.h index 84e2f3a84..d86584e83 100644 --- a/src/lxc/utils.h +++ b/src/lxc/utils.h @@ -199,6 +199,29 @@ static inline int signalfd(int fd, const sigset_t *mask, int flags) #define LOOP_CTL_GET_FREE 0x4C82 #endif +/* memfd_create() */ +#ifndef MFD_CLOEXEC +#define MFD_CLOEXEC 0x0001U +#endif + +#ifndef MFD_ALLOW_SEALING +#define MFD_ALLOW_SEALING 0x0002U +#endif + +#ifndef F_LINUX_SPECIFIC_BASE +#define F_LINUX_SPECIFIC_BASE 1024 +#endif +#ifndef F_ADD_SEALS +#define F_ADD_SEALS (F_LINUX_SPECIFIC_BASE + 9) +#define F_GET_SEALS (F_LINUX_SPECIFIC_BASE + 10) +#endif +#ifndef F_SEAL_SEAL +#define F_SEAL_SEAL 0x0001 +#define F_SEAL_SHRINK 0x0002 +#define F_SEAL_GROW 0x0004 +#define F_SEAL_WRITE 0x0008 +#endif + /* Struct to carry child pid from lxc_popen() to lxc_pclose(). * Not an opaque struct to allow direct access to the underlying FILE * * (i.e., struct lxc_popen_FILE *file; fgets(buf, sizeof(buf), file->f))