syscall: use constants from new x/sys/unix library

landlock/syscall/landlock.go

@@ -42,9 +42,8 @@ const (
 // Please see the full documentation at
 // https://www.kernel.org/doc/html/latest/userspace-api/landlock.html#network-flags.
 const (
-	// TODO: Use these from sys/unix when available.
-	AccessNetBindTCP    = 1 << 0
-	AccessNetConnectTCP = 1 << 1
+	AccessNetBindTCP = 1 << iota
+	AccessNetConnectTCP
 )
 
 // RulesetAttr is the Landlock ruleset definition.

landlock/syscall/landlock_test.go

@@ -14,22 +14,24 @@ func TestAccessRights(t *testing.T) {
 		LandlockDef uint64
 		SyscallDef  uint64
 	}{
-		{"Execute", AccessFSExecute, unix.LANDLOCK_ACCESS_FS_EXECUTE},
-		{"WriteFile", AccessFSWriteFile, unix.LANDLOCK_ACCESS_FS_WRITE_FILE},
-		{"ReadFile", AccessFSReadFile, unix.LANDLOCK_ACCESS_FS_READ_FILE},
-		{"ReadDir", AccessFSReadDir, unix.LANDLOCK_ACCESS_FS_READ_DIR},
-		{"RemoveDir", AccessFSRemoveDir, unix.LANDLOCK_ACCESS_FS_REMOVE_DIR},
-		{"RemoveFile", AccessFSRemoveFile, unix.LANDLOCK_ACCESS_FS_REMOVE_FILE},
-		{"MakeChar", AccessFSMakeChar, unix.LANDLOCK_ACCESS_FS_MAKE_CHAR},
-		{"MakeDir", AccessFSMakeDir, unix.LANDLOCK_ACCESS_FS_MAKE_DIR},
-		{"MakeReg", AccessFSMakeReg, unix.LANDLOCK_ACCESS_FS_MAKE_REG},
-		{"MakeSock", AccessFSMakeSock, unix.LANDLOCK_ACCESS_FS_MAKE_SOCK},
-		{"MakeFifo", AccessFSMakeFifo, unix.LANDLOCK_ACCESS_FS_MAKE_FIFO},
-		{"MakeBlock", AccessFSMakeBlock, unix.LANDLOCK_ACCESS_FS_MAKE_BLOCK},
-		{"MakeSym", AccessFSMakeSym, unix.LANDLOCK_ACCESS_FS_MAKE_SYM},
-		{"Refer", AccessFSRefer, unix.LANDLOCK_ACCESS_FS_REFER},
-		{"Truncate", AccessFSTruncate, unix.LANDLOCK_ACCESS_FS_TRUNCATE},
-		{"IoctlDev", AccessFSIoctlDev, AccessFSTruncate << 1},
+		{"FSExecute", AccessFSExecute, unix.LANDLOCK_ACCESS_FS_EXECUTE},
+		{"FSWriteFile", AccessFSWriteFile, unix.LANDLOCK_ACCESS_FS_WRITE_FILE},
+		{"FSReadFile", AccessFSReadFile, unix.LANDLOCK_ACCESS_FS_READ_FILE},
+		{"FSReadDir", AccessFSReadDir, unix.LANDLOCK_ACCESS_FS_READ_DIR},
+		{"FSRemoveDir", AccessFSRemoveDir, unix.LANDLOCK_ACCESS_FS_REMOVE_DIR},
+		{"FSRemoveFile", AccessFSRemoveFile, unix.LANDLOCK_ACCESS_FS_REMOVE_FILE},
+		{"FSMakeChar", AccessFSMakeChar, unix.LANDLOCK_ACCESS_FS_MAKE_CHAR},
+		{"FSMakeDir", AccessFSMakeDir, unix.LANDLOCK_ACCESS_FS_MAKE_DIR},
+		{"FSMakeReg", AccessFSMakeReg, unix.LANDLOCK_ACCESS_FS_MAKE_REG},
+		{"FSMakeSock", AccessFSMakeSock, unix.LANDLOCK_ACCESS_FS_MAKE_SOCK},
+		{"FSMakeFifo", AccessFSMakeFifo, unix.LANDLOCK_ACCESS_FS_MAKE_FIFO},
+		{"FSMakeBlock", AccessFSMakeBlock, unix.LANDLOCK_ACCESS_FS_MAKE_BLOCK},
+		{"FSMakeSym", AccessFSMakeSym, unix.LANDLOCK_ACCESS_FS_MAKE_SYM},
+		{"FSRefer", AccessFSRefer, unix.LANDLOCK_ACCESS_FS_REFER},
+		{"FSTruncate", AccessFSTruncate, unix.LANDLOCK_ACCESS_FS_TRUNCATE},
+		{"FSIoctlDev", AccessFSIoctlDev, unix.LANDLOCK_ACCESS_FS_IOCTL_DEV},
+		{"NetBindTCP", AccessNetBindTCP, unix.LANDLOCK_ACCESS_NET_BIND_TCP},
+		{"NetConnectTCP", AccessNetConnectTCP, unix.LANDLOCK_ACCESS_NET_CONNECT_TCP},
 	} {
 		t.Run(tt.Name, func(t *testing.T) {
 			if tt.LandlockDef != tt.SyscallDef {