ruleset.h - OpenGrok cross reference for /linux/security/landlock/ruleset.h

Lines Matching defs:ruleset
41  * union landlock_key - Key of a ruleset's red-black tree
72  * struct landlock_id - Unique rule identifier for a ruleset
91 	 * @node: Node in the ruleset's red-black tree.
97 	 * for this ruleset element.  The pointer is set once and never
114  * struct landlock_ruleset - Landlock ruleset
122 	 * landlock_rule nodes with inode object.  Once a ruleset is tied to a
131 	 * landlock_rule nodes with network port. Once a ruleset is tied to a
145 		 * @work_free: Enables to free a ruleset within a lockless
160 			 * descriptors referencing this ruleset.
165 			 * the same object) rules in this ruleset.
170 			 * ruleset.  This enables to check that all the layers
172 			 * non-merged ruleset (i.e. not a domain).
177 			 * network actions that are restricted by a ruleset.
185 			 * lifetime of the ruleset.
197 void landlock_put_ruleset(struct landlock_ruleset *const ruleset);
198 void landlock_put_ruleset_deferred(struct landlock_ruleset *const ruleset);
203 int landlock_insert_rule(struct landlock_ruleset *const ruleset,
209 		       struct landlock_ruleset *const ruleset);
212 landlock_find_rule(const struct landlock_ruleset *const ruleset,
215 static inline void landlock_get_ruleset(struct landlock_ruleset *const ruleset)
217 	if (ruleset)
218 		refcount_inc(&ruleset->usage);
225  * @domain: Landlock ruleset (used as a domain)
247 landlock_add_fs_access_mask(struct landlock_ruleset *const ruleset,
255 	ruleset->access_masks[layer_level].fs |= fs_mask;
259 landlock_add_net_access_mask(struct landlock_ruleset *const ruleset,
267 	ruleset->access_masks[layer_level].net |= net_mask;
271 landlock_add_scope_mask(struct landlock_ruleset *const ruleset,
278 	ruleset->access_masks[layer_level].scope |= mask;
282 landlock_get_fs_access_mask(const struct landlock_ruleset *const ruleset,
286 	return ruleset->access_masks[layer_level].fs |
291 landlock_get_net_access_mask(const struct landlock_ruleset *const ruleset,
294 	return ruleset->access_masks[layer_level].net;
298 landlock_get_scope_mask(const struct landlock_ruleset *const ruleset,
301 	return ruleset->access_masks[layer_level].scope;