commit | 6711d2123055b94dd7e9d025b67098465539d1e1 | [log] [tgz] |
---|---|---|
author | Elliott Hughes <enh@google.com> | Fri Sep 22 19:48:05 2023 +0000 |
committer | Elliott Hughes <enh@google.com> | Fri Sep 22 19:48:05 2023 +0000 |
tree | 88c5c410a4e191c3d97e88e9f1d1329fa8e26c4f | |
parent | 68011a4ac7bf7b56ee148bbdfef44dd69364109e [diff] [blame] |
<sys/statvfs.h>: add a new mount option. This flag was added as part of https://sites.google.com/a/chromium.org/dev/chromium-os/chromiumos-design-docs/hardening-against-malicious-stateful-data#TOC-Restricting-symlink-traversal in 2020. Annoyingly, these flags are in include/linux/statvfs.h rather than in the uapi headers, so we don't get them for free. Test: treehugger Change-Id: I55c0dcc8a5da17c3efc8938ec04f23f157764d4d
diff --git a/libc/include/sys/statvfs.h b/libc/include/sys/statvfs.h index 46fbea5..7bc5e63 100644 --- a/libc/include/sys/statvfs.h +++ b/libc/include/sys/statvfs.h
@@ -88,6 +88,9 @@ /** Flag for `f_flag` in `struct statvfs`: see `MS_RELATIME`. */ #define ST_RELATIME 0x1000 +/** Flag for `f_flag` in `struct statvfs`: don't follow symlinks. */ +#define ST_NOSYMFOLLOW 0x2000 + /** * [statvfs(3)](http://man7.org/linux/man-pages/man3/statvfs.3.html) * queries filesystem statistics for the given path.