| /linux/certs/ |
| H A D | system_keyring.c | 36 * restrict_link_by_builtin_trusted - Restrict keyring addition by built-in CA
42 * Restrict the addition of keys into a keyring based on the key-to-be-added
55 * restrict_link_by_digsig_builtin - Restrict digitalSignature key additions by the built-in keyring
61 * Restrict the addition of keys into a keyring based on the key-to-be-added
76 * restrict_link_by_builtin_and_secondary_trusted - Restrict keyring
83 * Restrict the addition of keys into a keyring based on the key-to-be-added
107 * restrict_link_by_digsig_builtin_and_secondary - Restrict by digitalSignature.
113 * Restrict the addition of keys into a keyring based on the key-to-be-added
196 * restrict_link_by_builtin_secondary_and_machine - Restrict keyring addition.
202 * Restrict the addition of keys into a keyring based on the key-to-be-added
|
| /linux/tools/testing/selftests/bpf/progs/ |
| H A D | btf_dump_test_case_syntax.c | 67 … we_need_to_go_deeper_ptr_t * restrict * volatile * const * restrict volatile * restrict const * v…
226 void * restrict g;
|
| /linux/Documentation/userspace-api/ |
| H A D | landlock.rst | 19 any process, including unprivileged ones, to securely restrict themselves.
33 perform. A set of rules is aggregated in a ruleset, which can then restrict
200 similar backwards compatibility check is needed for the restrict flags
228 The next step is to restrict the current thread from gaining more privileges
236 perror("Failed to restrict privileges");
308 be tied, either via the source or the destination path. These rules restrict
309 access when they are encountered on a path, which means that they can restrict
320 OverlayFS layer will not restrict the resulted merged hierarchy, and vice versa.
353 Similar to the implicit `Ptrace restrictions`_, we may want to further restrict
355 Landlock domain can restrict th
[all...] |
| /linux/include/uapi/linux/ |
| H A D | landlock.h | 220 * These flags enable to restrict a sandboxed process to a set of actions on
334 * It is currently not possible to restrict some file-related actions
339 * Future Landlock evolutions will enable to restrict them.
367 * These flags enable to restrict a sandboxed process to a set of network
396 * - %LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET: Restrict a sandboxed process from
399 * - %LANDLOCK_SCOPE_SIGNAL: Restrict a sandboxed process from sending a signal
|
| H A D | btf.h | 58 * "type" is used by PTR, TYPEDEF, VOLATILE, CONST, RESTRICT,
84 BTF_KIND_RESTRICT = 11, /* Restrict */
|
| H A D | tiocl.h | 33 #define TIOCL_SETKMSGREDIRECT 11 /* restrict kernel messages to a vt */
|
| /linux/crypto/asymmetric_keys/ |
| H A D | restrict.c | 57 * restrict_link_by_signature - Restrict additions to a ring of public keys
119 * restrict_link_by_ca - Restrict additions to a ring of CA keys
159 * restrict_link_by_digsig - Restrict additions to a ring of digsig keys
314 * restrict_link_by_key_or_keyring - Restrict additions to a ring of public
341 * restrict_link_by_key_or_keyring_chain - Restrict additions to a ring of
|
| H A D | Makefile | 10 restrict.o \
|
| /linux/scripts/genksyms/ |
| H A D | keywords.c | 30 // According to rth, c99 defines "_Bool", "__restrict", "__restrict__", "restrict". KAO
34 { "restrict", RESTRICT_KEYW },
|
| /linux/Documentation/crypto/ |
| H A D | asymmetric-keys.rst | 338 1) Restrict using the kernel builtin trusted keyring
348 2) Restrict using the kernel builtin and secondary trusted keyrings
359 3) Restrict using a separate key or keyring
383 # Create and restrict a keyring for the certificate chain
404 # Restrict the keyring that already has root1.cert linked. The cert
|
| /linux/Documentation/devicetree/bindings/leds/ |
| H A D | richtek,rt8515.yaml | 64 the device tree, you can further restrict the maximum
76 the device tree, you can further restrict the maximum
|
| /linux/tools/testing/selftests/bpf/prog_tests/ |
| H A D | btf_write.c | 54 /* PTR/CONST/VOLATILE/RESTRICT */ in gen_btf()
63 id = btf__add_const(btf, 5); /* points forward to restrict */ in gen_btf()
85 "[5] RESTRICT '(anon)' type_id=4", "raw_dump"); in gen_btf()
371 "[5] RESTRICT '(anon)' type_id=4", in test_btf_add()
430 "[5] RESTRICT '(anon)' type_id=4", in test_btf_add_btf()
465 "[27] RESTRICT '(anon)' type_id=26", in test_btf_add_btf()
|
| H A D | btf_field_iter.c | 71 btf__add_restrict(btf, 3); /* [12] restrict int *; */ in test_btf_field_iter()
110 "[12] RESTRICT '(anon)' type_id=3", in test_btf_field_iter()
|
| H A D | btf_distill.c | 111 btf__add_restrict(btf2, 7); /* [21] restrict union (anon) */ in test_distilled_base()
115 btf__add_ptr(btf2, 11); /* [25] restrict enum64 (anon) */ in test_distilled_base()
161 "[21] RESTRICT '(anon)' type_id=7", in test_distilled_base()
195 "[11] RESTRICT '(anon)' type_id=21", in test_distilled_base()
260 "[21] RESTRICT '(anon)' type_id=31", in test_distilled_base()
|
| /linux/samples/landlock/ |
| H A D | sandboxer.c | 328 " - \"a\" to restrict opening abstract unix sockets\n"
329 " - \"s\" to restrict sending signals\n"
412 * should then fall back to not restrict themselves at all if in main()
524 perror("Failed to restrict privileges"); in main()
|
| /linux/tools/include/uapi/linux/ |
| H A D | btf.h | 58 * "type" is used by PTR, TYPEDEF, VOLATILE, CONST, RESTRICT,
84 BTF_KIND_RESTRICT = 11, /* Restrict */
|
| /linux/tools/build/feature/ |
| H A D | test-scandirat.c | 9 // expects non-NULL, arg3 is 'restrict' so "pointers" have to be different in main()
|
| /linux/security/safesetid/ |
| H A D | Kconfig | 9 restrict UID/GID transitions from a given UID/GID to only those
|
| /linux/Documentation/mm/ |
| H A D | numa.rst | 106 System administrators and application designers can restrict a task's migration
113 System administrators can restrict the CPUs and nodes' memories that a non-
|
| /linux/Documentation/devicetree/bindings/iommu/ |
| H A D | xen,grant-dma.yaml | 16 The binding is required to restrict memory access using Xen grant mappings.
|
| /linux/security/landlock/ |
| H A D | Kconfig | 9 Landlock is a sandboxing mechanism that enables processes to restrict
|
| /linux/drivers/sh/intc/ |
| H A D | irqdomain.c | 58 * restrict the linear case to these conditions here, taking the in intc_irq_domain_init()
|
| /linux/tools/testing/selftests/landlock/ |
| H A D | sandbox-and-launch.c | 52 perror("Failed to restrict self"); in main()
|
| /linux/net/netfilter/ |
| H A D | xt_CHECKSUM.c | 62 …pr_warn_once("CHECKSUM should be avoided. If really needed, restrict with \"-p udp\" and only use… in checksum_tg_check()
|
| /linux/Documentation/devicetree/bindings/bus/ |
| H A D | fsl,imx8mp-aipstz.yaml | 12 control configurations meant to restrict which peripherals a master can
|