Home
last modified time | relevance | path

Searched refs:allowed_access (Results 1 – 8 of 8) sorted by relevance

/linux/tools/testing/selftests/landlock/
H A Dnet_test.c650 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP | in TEST_F()
655 .allowed_access = LANDLOCK_ACCESS_NET_CONNECT_TCP, in TEST_F()
700 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP | in TEST_F()
705 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP, in TEST_F()
744 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP, in TEST_F()
835 .allowed_access = LANDLOCK_ACCESS_NET_CONNECT_TCP, in TEST_F()
1021 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP | in TEST_F()
1160 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP, in TEST_F()
1164 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP | in TEST_F()
1236 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP, in TEST_F()
[all …]
H A Dbase_test.c195 .allowed_access = LANDLOCK_ACCESS_FS_EXECUTE, in TEST()
242 .allowed_access = LANDLOCK_ACCESS_FS_EXECUTE, in TEST()
390 .allowed_access = LANDLOCK_ACCESS_FS_READ_DIR, in TEST()
H A Dfs_test.c478 .allowed_access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
535 path_beneath.allowed_access |= LANDLOCK_ACCESS_FS_EXECUTE; in TEST_F_FORK()
539 path_beneath.allowed_access &= ~LANDLOCK_ACCESS_FS_EXECUTE; in TEST_F_FORK()
542 path_beneath.allowed_access |= LANDLOCK_ACCESS_FS_REFER; in TEST_F_FORK()
546 path_beneath.allowed_access &= ~LANDLOCK_ACCESS_FS_REFER; in TEST_F_FORK()
549 path_beneath.allowed_access |= (1ULL << 60); in TEST_F_FORK()
553 path_beneath.allowed_access &= ~(1ULL << 60); in TEST_F_FORK()
556 path_beneath.allowed_access = 0; in TEST_F_FORK()
560 path_beneath.allowed_access &= ~(1ULL << 60); in TEST_F_FORK()
622 path_beneath_dir.allowed_access = access; in TEST_F_FORK()
[all …]
/linux/security/landlock/
H A Dsyscalls.c109 path_beneath_size = sizeof(path_beneath_attr.allowed_access); in build_check_abi()
114 net_port_size = sizeof(net_port_attr.allowed_access); in build_check_abi()
332 * Informs about useless rule: empty allowed_access (i.e. deny rules) in add_rule_path_beneath()
335 if (!path_beneath_attr.allowed_access) in add_rule_path_beneath()
338 /* Checks that allowed_access matches the @ruleset constraints. */ in add_rule_path_beneath()
340 if ((path_beneath_attr.allowed_access | mask) != mask) in add_rule_path_beneath()
350 path_beneath_attr.allowed_access); in add_rule_path_beneath()
368 * Informs about useless rule: empty allowed_access (i.e. deny rules) in add_rule_net_port()
371 if (!net_port_attr.allowed_access) in add_rule_net_port()
374 /* Checks that allowed_access matche in add_rule_net_port()
[all...]
H A Dfs.c1603 landlock_file(file)->allowed_access = LANDLOCK_MASK_ACCESS_FS; in hook_file_alloc_security()
1617 access_mask_t open_access_request, full_access_request, allowed_access, in hook_file_open() local
1649 allowed_access = full_access_request; in hook_file_open()
1656 allowed_access = full_access_request; in hook_file_open()
1658 allowed_access &= ~layer_masks.access[i]; in hook_file_open()
1667 landlock_file(file)->allowed_access = allowed_access; in hook_file_open()
1673 if (access_mask_subset(open_access_request, allowed_access)) in hook_file_open()
1694 if (landlock_file(file)->allowed_access & LANDLOCK_ACCESS_FS_TRUNCATE) in hook_file_truncate()
1715 access_mask_t allowed_access = landlock_file(file)->allowed_access; in hook_file_ioctl_common() local
1723 if (allowed_access & LANDLOCK_ACCESS_FS_IOCTL_DEV) in hook_file_ioctl_common()
H A Dfs.h53 * @allowed_access: Access rights that were available at the time of
58 access_mask_t allowed_access;
55 access_mask_t allowed_access; global() member
/linux/samples/landlock/
H A Dsandboxer.c119 const __u64 allowed_access) in populate_ruleset_fs() argument
165 path_beneath.allowed_access = allowed_access; in populate_ruleset_fs()
167 path_beneath.allowed_access &= ACCESS_FILE; in populate_ruleset_fs()
187 const __u64 allowed_access) in populate_ruleset_net() argument
192 .allowed_access = allowed_access, in populate_ruleset_net()
/linux/include/uapi/linux/
H A Dlandlock.h168 __u64 allowed_access; member
191 __u64 allowed_access; member