Lines Matching full:access
440 * (access type) confusion for this test. in test_open_rel()
541 /* Tests with denied-by-default access right. */ in TEST_F_FORK()
555 /* Test with no access. */ in TEST_F_FORK()
600 __u64 access; in TEST_F_FORK() local
612 /* Tests access rights for files. */ in TEST_F_FORK()
616 /* Tests access rights for directories. */ in TEST_F_FORK()
621 for (access = 1; access <= ACCESS_LAST; access <<= 1) { in TEST_F_FORK()
622 path_beneath_dir.allowed_access = access; in TEST_F_FORK()
627 path_beneath_file.allowed_access = access; in TEST_F_FORK()
630 if (access & ACCESS_FILE) { in TEST_F_FORK()
660 __u64 access; in TEST_F_FORK() local
674 for (access = 1ULL << 63; access != ACCESS_LAST; access >>= 1) { in TEST_F_FORK()
675 path_beneath.allowed_access = access; in TEST_F_FORK()
692 __u64 access; in TEST_F_FORK() local
701 for (access = 1; access > 0; access <<= 1) { in TEST_F_FORK()
704 path_beneath.allowed_access = access; in TEST_F_FORK()
707 if (access == ruleset_attr.handled_access_fs) { in TEST_F_FORK()
744 __u64 access; member
785 if (!rules[i].access) in create_ruleset()
788 add_path_beneath(_metadata, ruleset_fd, rules[i].access, in create_ruleset()
799 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
806 _metadata, rules[0].access | LANDLOCK_ACCESS_FS_READ_DIR, in TEST_F_FORK()
848 .access = ACCESS_RO, in TEST_F_FORK()
871 .access = ACCESS_RO, in TEST_F_FORK()
875 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
929 .access = ACCESS_RO, in TEST_F_FORK()
957 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
962 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
997 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1002 .access = LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
1010 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
1019 .access = LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
1104 .access = LANDLOCK_ACCESS_FS_MAKE_REG, in TEST_F_FORK()
1111 .access = LANDLOCK_ACCESS_FS_REMOVE_FILE, in TEST_F_FORK()
1165 /* Allows read access to file1_s1d3 with the first layer. */ in TEST_F_FORK()
1168 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1174 /* Start by granting read-write access via its parent directory... */ in TEST_F_FORK()
1177 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
1180 /* ...but also denies read access via its grandparent directory. */ in TEST_F_FORK()
1183 .access = LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
1188 /* Allows read access via its great-grandparent directory. */ in TEST_F_FORK()
1191 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1197 * Try to confuse the deny access by denying write (but not in TEST_F_FORK()
1198 * read) access via its grandparent directory. in TEST_F_FORK()
1202 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1208 * Try to override layer2's deny read access by explicitly in TEST_F_FORK()
1209 * allowing read access via file1_s1d3's grandparent. in TEST_F_FORK()
1213 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1219 * Restricts an unrelated file hierarchy with a new access in TEST_F_FORK()
1224 .access = LANDLOCK_ACCESS_FS_EXECUTE, in TEST_F_FORK()
1230 * Finally, denies read access to file1_s1d3 via its in TEST_F_FORK()
1235 .access = LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
1247 /* Checks that read access is granted for file1_s1d3 with layer 1. */ in TEST_F_FORK()
1260 /* Checks that previous access rights are unchanged with layer 2. */ in TEST_F_FORK()
1271 /* Checks that previous access rights are unchanged with layer 3. */ in TEST_F_FORK()
1276 /* This time, denies write access for the file hierarchy. */ in TEST_F_FORK()
1286 * Checks that the only change with layer 4 is that write access is in TEST_F_FORK()
1300 /* Checks that previous access rights are unchanged with layer 5. */ in TEST_F_FORK()
1312 /* Checks that previous access rights are unchanged with layer 6. */ in TEST_F_FORK()
1326 /* Checks read access is now denied with layer 7. */ in TEST_F_FORK()
1338 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
1351 /* Write access is forbidden. */ in TEST_F_FORK()
1353 /* Readdir access is allowed. */ in TEST_F_FORK()
1356 /* Write access is forbidden. */ in TEST_F_FORK()
1358 /* Readdir access is allowed. */ in TEST_F_FORK()
1363 * any new access, only remove some. Once enforced, these rules are in TEST_F_FORK()
1371 * access rights (even if this directory is opened a second time). in TEST_F_FORK()
1387 /* Readdir access is still allowed. */ in TEST_F_FORK()
1392 /* Readdir access is still allowed. */ in TEST_F_FORK()
1396 * Try to get more privileges by adding new access rights to the parent in TEST_F_FORK()
1408 /* Readdir access is still allowed. */ in TEST_F_FORK()
1413 /* Readdir access is still allowed. */ in TEST_F_FORK()
1438 /* Readdir access is still allowed. */ in TEST_F_FORK()
1455 .access = ACCESS_RO, in TEST_F_FORK()
1464 /* Readdir access is denied for dir_s1d2. */ in TEST_F_FORK()
1466 /* Readdir access is allowed for dir_s1d3. */ in TEST_F_FORK()
1468 /* File access is allowed for file1_s1d3. */ in TEST_F_FORK()
1479 /* Readdir access is still denied for dir_s1d2. */ in TEST_F_FORK()
1481 /* Readdir access is still allowed for dir_s1d3. */ in TEST_F_FORK()
1483 /* File access is still allowed for file1_s1d3. */ in TEST_F_FORK()
1493 .access = ACCESS_RO, in TEST_F_FORK()
1522 /* Enforces policy which deny read access to all files. */ in TEST_F_FORK()
1531 /* Nests a policy which deny read access to all directories. */ in TEST_F_FORK()
1550 .access = ACCESS_RO, in TEST_F_FORK()
1555 .access = ACCESS_RO, in TEST_F_FORK()
1579 .access = ACCESS_RO, in TEST_F_FORK()
1584 .access = ACCESS_RO, in TEST_F_FORK()
1612 .access = ACCESS_RO, in TEST_F_FORK()
1622 /* Checks allowed access. */ in TEST_F_FORK()
1626 rules[0].access = LANDLOCK_ACCESS_FS_READ_FILE; in TEST_F_FORK()
1632 /* Checks denied access (on a directory). */ in TEST_F_FORK()
1642 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1652 /* Checks denied access (on a directory). */ in TEST_F_FORK()
1662 .access = ACCESS_RO, in TEST_F_FORK()
1690 .access = ACCESS_RO, in TEST_F_FORK()
1713 .access = ACCESS_RO, in TEST_F_FORK()
1806 .access = ACCESS_RO, in TEST_F_FORK()
1810 .access = ACCESS_RO, in TEST_F_FORK()
1814 .access = ACCESS_RO, in TEST_F_FORK()
1852 .access = ACCESS_RO, in test_relative_path()
1859 .access = ACCESS_RO, in test_relative_path()
1863 .access = ACCESS_RO, in test_relative_path()
2049 .access = LANDLOCK_ACCESS_FS_EXECUTE, in TEST_F_FORK()
2054 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
2166 .access = LANDLOCK_ACCESS_FS_MAKE_REG, in TEST_F_FORK()
2173 .access = LANDLOCK_ACCESS_FS_REMOVE_FILE, in TEST_F_FORK()
2177 int ruleset_fd = create_ruleset(_metadata, layer1[0].access, layer1); in TEST_F_FORK()
2206 ruleset_fd = create_ruleset(_metadata, layer2[0].access, layer2); in TEST_F_FORK()
2235 .access = LANDLOCK_ACCESS_FS_REMOVE_FILE, in TEST_F_FORK()
2239 .access = LANDLOCK_ACCESS_FS_REMOVE_FILE, in TEST_F_FORK()
2244 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
2317 .access = LANDLOCK_ACCESS_FS_REMOVE_DIR, in TEST_F_FORK()
2321 .access = LANDLOCK_ACCESS_FS_REMOVE_DIR, in TEST_F_FORK()
2326 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
2381 .access = LANDLOCK_ACCESS_FS_REFER, in TEST_F_FORK()
2385 .access = LANDLOCK_ACCESS_FS_REFER, in TEST_F_FORK()
2428 ruleset_fd = create_ruleset(_metadata, layer1[0].access, layer1); in refer_denied_by_default()
2443 ruleset_fd = create_ruleset(_metadata, layer2[0].access, layer2); in refer_denied_by_default()
2462 .access = LANDLOCK_ACCESS_FS_REFER,
2471 .access = LANDLOCK_ACCESS_FS_EXECUTE,
2480 .access = LANDLOCK_ACCESS_FS_EXECUTE,
2488 * denying access (with MAKE_REG nor REMOVE).
2509 * denying access (with MAKE_REG nor REMOVE).
2570 .access = LANDLOCK_ACCESS_FS_REFER | in TEST_F_FORK()
2576 * access rights are already a superset of the in TEST_F_FORK()
2580 .access = LANDLOCK_ACCESS_FS_REFER | in TEST_F_FORK()
2607 .access = LANDLOCK_ACCESS_FS_MAKE_REG, in TEST_F_FORK()
2611 .access = LANDLOCK_ACCESS_FS_REFER, in TEST_F_FORK()
2615 .access = LANDLOCK_ACCESS_FS_REFER, in TEST_F_FORK()
2619 .access = LANDLOCK_ACCESS_FS_MAKE_REG, in TEST_F_FORK()
2665 * directory rename (because of the superset of access rights. in TEST_F_FORK()
2685 .access = LANDLOCK_ACCESS_FS_MAKE_REG, in TEST_F_FORK()
2689 .access = LANDLOCK_ACCESS_FS_REFER, in TEST_F_FORK()
2693 .access = LANDLOCK_ACCESS_FS_REFER, in TEST_F_FORK()
2697 .access = LANDLOCK_ACCESS_FS_MAKE_REG, in TEST_F_FORK()
2777 * directory rename (because of the superset of access rights). in TEST_F_FORK()
2785 * access rights tied to dir_s2d3. dir_s2d2 is missing one access right in TEST_F_FORK()
2830 .access = LANDLOCK_ACCESS_FS_REFER, in reparent_exdev_layers_enforce1()
2835 .access = LANDLOCK_ACCESS_FS_MAKE_REG, in reparent_exdev_layers_enforce1()
2839 .access = LANDLOCK_ACCESS_FS_REFER, in reparent_exdev_layers_enforce1()
2843 .access = LANDLOCK_ACCESS_FS_MAKE_REG, in reparent_exdev_layers_enforce1()
2862 .access = LANDLOCK_ACCESS_FS_MAKE_DIR, in reparent_exdev_layers_enforce2()
2887 * because it doesn't inherit new access rights. in TEST_F_FORK()
2894 * gets a new inherited access rights (MAKE_REG), because MAKE_REG is in TEST_F_FORK()
2998 * because of access rights that would be inherited. in TEST_F_FORK()
3007 /* Checks with same access rights. */ in TEST_F_FORK()
3013 /* Checks with different (child-only) access rights. */ in TEST_F_FORK()
3023 * directory-related access rights is allowed, and at the same time in TEST_F_FORK()
3025 * grants less access rights is allowed too. in TEST_F_FORK()
3033 * more access rights than the current state and because file creation in TEST_F_FORK()
3061 /* Checks with different (child-only) access rights. */ in TEST_F_FORK()
3070 /* Checks with different (child-only) access rights. */ in TEST_F_FORK()
3130 .access = LANDLOCK_ACCESS_FS_REFER | in TEST_F_FORK()
3135 .access = LANDLOCK_ACCESS_FS_REMOVE_FILE, in TEST_F_FORK()
3139 .access = LANDLOCK_ACCESS_FS_REFER | in TEST_F_FORK()
3154 /* Access denied because of wrong/swapped remove file/dir. */ in TEST_F_FORK()
3166 /* Access allowed thanks to the matching rights. */ in TEST_F_FORK()
3192 .access = LANDLOCK_ACCESS_FS_REFER, in TEST_F_FORK()
3196 .access = LANDLOCK_ACCESS_FS_EXECUTE, in TEST_F_FORK()
3200 .access = LANDLOCK_ACCESS_FS_MAKE_SOCK | in TEST_F_FORK()
3205 .access = LANDLOCK_ACCESS_FS_REFER | in TEST_F_FORK()
3211 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
3232 * access right. in TEST_F_FORK()
3238 * superset of access rights compared to dir_s1d2, because file1_s1d2 in TEST_F_FORK()
3239 * already has these access rights anyway. in TEST_F_FORK()
3247 * Moving dir_s1d3 beneath dir_s2d3 would grant it the MAKE_FIFO access in TEST_F_FORK()
3254 * of access rights compared to dir_s1d2, because dir_s1d3 already has in TEST_F_FORK()
3255 * these access rights anyway. in TEST_F_FORK()
3262 * will be denied because the new inherited access rights from dir_s1d2 in TEST_F_FORK()
3285 .access = LANDLOCK_ACCESS_FS_REMOVE_DIR, in TEST_F_FORK()
3290 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
3322 .access = LANDLOCK_ACCESS_FS_REMOVE_FILE, in TEST_F_FORK()
3327 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
3342 const __u64 access, const mode_t mode, in test_make_file() argument
3348 .access = access, in test_make_file()
3352 const int ruleset_fd = create_ruleset(_metadata, access, rules); in test_make_file()
3436 .access = LANDLOCK_ACCESS_FS_MAKE_SYM, in TEST_F_FORK()
3441 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
3481 .access = LANDLOCK_ACCESS_FS_MAKE_DIR, in TEST_F_FORK()
3486 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
3521 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
3564 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
3569 /* Limits read and write access to files tied to the filesystem. */ in TEST_F_FORK()
3571 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
3581 /* Checks access to pipes through FD. */ in TEST_F_FORK()
3590 /* Checks write access to pipe through /proc/self/fd . */ in TEST_F_FORK()
3600 /* Checks read access to pipe through /proc/self/fd . */ in TEST_F_FORK()
3636 * (access type) confusion for this test. in test_creat()
3655 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
3659 .access = LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
3718 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
3724 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
3729 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
3734 .access = LANDLOCK_ACCESS_FS_TRUNCATE, in TEST_F_FORK()
3736 /* Implicitly: No access rights for file_none. */ in TEST_F_FORK()
3739 .access = LANDLOCK_ACCESS_FS_TRUNCATE, in TEST_F_FORK()
3743 .access = LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
3836 .access = LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
3844 .access = LANDLOCK_ACCESS_FS_TRUNCATE, in TEST_F_FORK()
3853 .access = LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
3972 .access = variant->allowed, in TEST_F_FORK()
4013 .access = variant->allowed, in TEST_F_FORK()
4408 .access = variant->allowed, in TEST_F_FORK()
4443 .access = variant->allowed, in TEST_F_FORK()
4488 .access = variant->allowed, in TEST_F_FORK()
4598 * Sets access right on parent directories of both source and in TEST_F_FORK()
4604 .access = ACCESS_RO, in TEST_F_FORK()
4608 .access = ACCESS_RW, in TEST_F_FORK()
4613 * Sets access rights on the same bind-mounted directories. The result in TEST_F_FORK()
4620 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
4624 .access = ACCESS_RW, in TEST_F_FORK()
4628 /* Only allow read-access to the s1d3 hierarchies. */ in TEST_F_FORK()
4632 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
4636 /* Removes all access rights. */ in TEST_F_FORK()
4640 .access = LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
4737 .access = LANDLOCK_ACCESS_FS_REFER, in TEST_F_FORK()
4741 .access = LANDLOCK_ACCESS_FS_EXECUTE, in TEST_F_FORK()
5010 /* Sets access right on parent directories of both layers. */ in TEST_F_FORK()
5014 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5018 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5022 .access = ACCESS_RW, in TEST_F_FORK()
5029 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5033 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5037 .access = ACCESS_RW, in TEST_F_FORK()
5041 /* Sets access right on directories inside both layers. */ in TEST_F_FORK()
5045 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5049 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5053 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5057 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5061 .access = ACCESS_RW, in TEST_F_FORK()
5065 .access = ACCESS_RW, in TEST_F_FORK()
5069 .access = ACCESS_RW, in TEST_F_FORK()
5073 /* Tighten access rights to the files. */ in TEST_F_FORK()
5077 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5081 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5085 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5089 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5093 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5097 .access = LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
5101 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
5106 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
5111 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
5116 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
5121 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
5129 .access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
5174 * Checks that access rights are independent from the lower and upper in TEST_F_FORK()
5175 * layers: write access to upper files viewed through the merge point in TEST_F_FORK()
5176 * is still allowed, and write access to lower file viewed (and copied) in TEST_F_FORK()
5259 /* Only allowes access to the merge hierarchy. */ in TEST_F_FORK()
5445 .access = LANDLOCK_ACCESS_FS_READ_FILE, in layer3_fs_tag_inode()
5479 /* Checks with Landlock and forbidden access. */ in layer3_fs_tag_inode()
5516 .access = LANDLOCK_ACCESS_FS_READ_DIR, in TEST_F_FORK()
5554 /* Checks that access to the new mount point is denied. */ in TEST_F_FORK()
5660 EXPECT_EQ(0, records.access); in TEST_F()
5665 * Using a set of handled/denied access rights make it possible to check that
5713 EXPECT_EQ(0, records.access); in TEST_F()
5730 EXPECT_EQ(0, records.access); in TEST_F()
5747 EXPECT_EQ(0, records.access); in TEST_F()
5764 EXPECT_EQ(0, records.access); in TEST_F()
5790 EXPECT_EQ(0, records.access); in TEST_F()
5808 EXPECT_EQ(0, records.access); in TEST_F()
5828 EXPECT_EQ(0, records.access); in TEST_F()
5848 EXPECT_EQ(0, records.access); in TEST_F()
5868 EXPECT_EQ(0, records.access); in TEST_F()
5888 EXPECT_EQ(0, records.access); in TEST_F()
5908 EXPECT_EQ(0, records.access); in TEST_F()
5928 EXPECT_EQ(0, records.access); in TEST_F()
5948 EXPECT_EQ(0, records.access); in TEST_F()
5973 EXPECT_EQ(0, records.access); in TEST_F()
5998 EXPECT_EQ(0, records.access); in TEST_F()
6020 EXPECT_EQ(0, records.access); in TEST_F()
6047 EXPECT_EQ(0, records.access); in TEST_F()
6058 * ("landlock: Align partial refer access checks with final ones").
6066 .access = LANDLOCK_ACCESS_FS_REFER, in TEST_F()
6085 EXPECT_EQ(0, records.access); in TEST_F()
6103 EXPECT_EQ(0, records.access); in TEST_F()
6127 EXPECT_EQ(0, records.access); in TEST_F()
6148 EXPECT_EQ(0, records.access); in TEST_F()