From bf9e0e7f922c3b093ca5a37a31b76a896d839015 Mon Sep 17 00:00:00 2001
From: CismonX <admin@cismon.net>
Date: Sat, 15 Feb 2025 19:08:08 +0800
Subject: [PATCH] sandbox: workaround legacy landlock

So that they can build with kernel headers older than 6.2,
and still work as expected on newer kernels.
---
 src/sandbox.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/sandbox.c b/src/sandbox.c
index a9843b2..4fefbaa 100644
--- a/src/sandbox.c
+++ b/src/sandbox.c
@@ -278,6 +278,12 @@ sandbox_enter (
         goto free_sfctx;
     }
 
+#ifndef LANDLOCK_ACCESS_FS_REFER  // Available since Linux 5.19
+#define LANDLOCK_ACCESS_FS_REFER  ( UINT64_C(1) << 13 )
+#endif
+#ifndef LANDLOCK_ACCESS_FS_TRUNCATE  // Available since Linux 6.2
+#define LANDLOCK_ACCESS_FS_TRUNCATE  ( UINT64_C(1) << 14 )
+#endif
 #define LANDLOCK_FS_RIGHT_NAME_(name)  LANDLOCK_ACCESS_FS_##name
 #define LANDLOCK_FS_RIGHT(...)  \
     BITWISE_OR(LANDLOCK_FS_RIGHT_NAME_, __VA_ARGS__)