root/xz
1
0
Fork 0
mirror of https://git.tukaani.org/xz.git synced 2025-11-24 15:54:46 +00:00
Code Issues Releases Wiki Activity

Landlock: Cache the ABI version

Browse Source 
In xz it can avoid up to two syscalls that query the ABI version.
This commit is contained in:
Lasse Collin 2025-11-23 20:13:37 +02:00
parent f57b1716cd
commit ee75c76958
No known key found for this signature in database
GPG Key ID: 38EE757D69184620
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/common/my_landlock.h
View File

@ -4,6 +4,10 @@
// //
/// \file my_landlock.h /// \file my_landlock.h
/// \brief Linux Landlock sandbox helper functions /// \brief Linux Landlock sandbox helper functions
///
/// \note This uses static variables to cache the Landlock ABI version.
/// Only one file in an application should include this header.
/// Only one thread should call these functions.
// //
// Author: Lasse Collin // Author: Lasse Collin
// //
@ -32,8 +36,16 @@ my_landlock_ruleset_attr_forbid_all(struct landlock_ruleset_attr *attr)
{ {
memzero(attr, sizeof(*attr)); memzero(attr, sizeof(*attr));
const int abi_version = syscall(SYS_landlock_create_ruleset, // Cache the Landlock ABI version:
// 0 = not checked yet
// -1 = Landlock not supported
// >0 = Landlock ABI version
static int abi_version = 0;
if (abi_version == 0)
abi_version = syscall(SYS_landlock_create_ruleset,
(void *)NULL, 0, LANDLOCK_CREATE_RULESET_VERSION); (void *)NULL, 0, LANDLOCK_CREATE_RULESET_VERSION);
if (abi_version <= 0) if (abi_version <= 0)
return -1; return -1;