landlock: add _fs prefix to filesystem functions

Relates to #6078.

src/firejail/firejail.h

@@ -152,11 +152,11 @@ typedef struct profile_entry_t {
 
 typedef struct landlock_entry_t {
 	struct landlock_entry_t *next;
-#define LL_READ 0
-#define LL_WRITE 1
-#define LL_MAKEIPC 2
-#define LL_MAKEDEV 3
-#define LL_EXEC 4
+#define LL_FS_READ 0
+#define LL_FS_WRITE 1
+#define LL_FS_MAKEIPC 2
+#define LL_FS_MAKEDEV 3
+#define LL_FS_EXEC 4
 #define LL_MAX 5
 	int type;
 	char *data;

src/firejail/landlock.c

@@ -174,7 +174,7 @@ static void ll_fs(const char *allowed_path, const __u64 allowed_access,
 	free(expanded_path);
 }
 
-static void ll_read(const char *allowed_path) {
+static void ll_fs_read(const char *allowed_path) {
 	__u64 allowed_access =
 		LANDLOCK_ACCESS_FS_READ_DIR |
 		LANDLOCK_ACCESS_FS_READ_FILE;
@@ -182,7 +182,7 @@ static void ll_read(const char *allowed_path) {
 	ll_fs(allowed_path, allowed_access, __func__);
 }
 
-static void ll_write(const char *allowed_path) {
+static void ll_fs_write(const char *allowed_path) {
 	__u64 allowed_access =
 		LANDLOCK_ACCESS_FS_MAKE_DIR |
 		LANDLOCK_ACCESS_FS_MAKE_REG |
@@ -194,7 +194,7 @@ static void ll_write(const char *allowed_path) {
 	ll_fs(allowed_path, allowed_access, __func__);
 }
 
-static void ll_makeipc(const char *allowed_path) {
+static void ll_fs_makeipc(const char *allowed_path) {
 	__u64 allowed_access =
 		LANDLOCK_ACCESS_FS_MAKE_FIFO |
 		LANDLOCK_ACCESS_FS_MAKE_SOCK;
@@ -202,7 +202,7 @@ static void ll_makeipc(const char *allowed_path) {
 	ll_fs(allowed_path, allowed_access, __func__);
 }
 
-static void ll_makedev(const char *allowed_path) {
+static void ll_fs_makedev(const char *allowed_path) {
 	__u64 allowed_access =
 		LANDLOCK_ACCESS_FS_MAKE_BLOCK |
 		LANDLOCK_ACCESS_FS_MAKE_CHAR;
@@ -210,7 +210,7 @@ static void ll_makedev(const char *allowed_path) {
 	ll_fs(allowed_path, allowed_access, __func__);
 }
 
-static void ll_exec(const char *allowed_path) {
+static void ll_fs_exec(const char *allowed_path) {
 	__u64 allowed_access =
 		LANDLOCK_ACCESS_FS_EXECUTE;
 
@@ -227,11 +227,11 @@ int ll_restrict(uint32_t flags) {
 		fprintf(stderr, "%s: Starting Landlock restrict\n", __func__);
 
 	void (*fnc[])(const char *) = {
-		ll_read,
-		ll_write,
-		ll_makeipc,
-		ll_makedev,
-		ll_exec,
+		ll_fs_read,
+		ll_fs_write,
+		ll_fs_makeipc,
+		ll_fs_makedev,
+		ll_fs_exec,
 		NULL
 	};
 

src/firejail/main.c

@@ -1506,15 +1506,15 @@ int main(int argc, char **argv, char **envp) {
 		else if (strncmp(argv[i], "--landlock.enforce", 18) == 0)
 			arg_landlock_enforce = 1;
 		else if (strncmp(argv[i], "--landlock.read=", 16) == 0)
-			ll_add_profile(LL_READ, argv[i] + 16);
+			ll_add_profile(LL_FS_READ, argv[i] + 16);
 		else if (strncmp(argv[i], "--landlock.write=", 17) == 0)
-			ll_add_profile(LL_WRITE, argv[i] + 17);
+			ll_add_profile(LL_FS_WRITE, argv[i] + 17);
 		else if (strncmp(argv[i], "--landlock.makeipc=", 19) == 0)
-			ll_add_profile(LL_MAKEIPC, argv[i] + 19);
+			ll_add_profile(LL_FS_MAKEIPC, argv[i] + 19);
 		else if (strncmp(argv[i], "--landlock.makedev=", 19) == 0)
-			ll_add_profile(LL_MAKEDEV, argv[i] + 19);
+			ll_add_profile(LL_FS_MAKEDEV, argv[i] + 19);
 		else if (strncmp(argv[i], "--landlock.execute=", 19) == 0)
-			ll_add_profile(LL_EXEC, argv[i] + 19);
+			ll_add_profile(LL_FS_EXEC, argv[i] + 19);
 #endif
 		else if (strcmp(argv[i], "--memory-deny-write-execute") == 0) {
 			if (checkcfg(CFG_SECCOMP))

src/firejail/profile.c

@@ -1079,23 +1079,23 @@ int profile_check_line(char *ptr, int lineno, const char *fname) {
 		return 0;
 	}
 	if (strncmp(ptr, "landlock.read ", 14) == 0) {
-		ll_add_profile(LL_READ, ptr + 14);
+		ll_add_profile(LL_FS_READ, ptr + 14);
 		return 0;
 	}
 	if (strncmp(ptr, "landlock.write ", 15) == 0) {
-		ll_add_profile(LL_WRITE, ptr + 15);
+		ll_add_profile(LL_FS_WRITE, ptr + 15);
 		return 0;
 	}
 	if (strncmp(ptr, "landlock.makeipc ", 17) == 0) {
-		ll_add_profile(LL_MAKEIPC, ptr + 17);
+		ll_add_profile(LL_FS_MAKEIPC, ptr + 17);
 		return 0;
 	}
 	if (strncmp(ptr, "landlock.makedev ", 17) == 0) {
-		ll_add_profile(LL_MAKEDEV, ptr + 17);
+		ll_add_profile(LL_FS_MAKEDEV, ptr + 17);
 		return 0;
 	}
 	if (strncmp(ptr, "landlock.execute ", 17) == 0) {
-		ll_add_profile(LL_EXEC, ptr + 17);
+		ll_add_profile(LL_FS_EXEC, ptr + 17);
 		return 0;
 	}
 #endif