Home
last modified time | relevance | path

Searched refs:ruleset_fd (Results 1 – 14 of 14) sorted by relevance

/linux/tools/testing/selftests/landlock/
H A Dnet_test.c658 int ruleset_fd; in TEST_F() local
660 ruleset_fd = landlock_create_ruleset(&ruleset_attr, in TEST_F()
662 ASSERT_LE(0, ruleset_fd); in TEST_F()
666 landlock_add_rule(ruleset_fd, LANDLOCK_RULE_NET_PORT, in TEST_F()
671 landlock_add_rule(ruleset_fd, LANDLOCK_RULE_NET_PORT, in TEST_F()
674 enforce_ruleset(_metadata, ruleset_fd); in TEST_F()
675 EXPECT_EQ(0, close(ruleset_fd)); in TEST_F()
708 int ruleset_fd; in TEST_F() local
710 ruleset_fd = landlock_create_ruleset(&ruleset_attr, in TEST_F()
712 ASSERT_LE(0, ruleset_fd); in TEST_F()
[all …]
H A Dfs_test.c486 int ruleset_fd; in TEST_F_FORK() local
492 ruleset_fd = open(dir_s1d1, O_PATH | O_DIRECTORY | O_CLOEXEC); in TEST_F_FORK()
493 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
494 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
498 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
500 ruleset_fd = open(dir_s1d1, O_DIRECTORY | O_CLOEXEC); in TEST_F_FORK()
501 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
502 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
506 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
509 ruleset_fd = in TEST_F_FORK()
[all …]
H A Dbase_test.c150 int ruleset_fd; in TEST()
182 ruleset_fd = in TEST()
184 ASSERT_LE(0, ruleset_fd); in TEST()
185 ASSERT_EQ(0, close(ruleset_fd)); in TEST()
198 const int ruleset_fd = in TEST()
201 ASSERT_LE(0, ruleset_fd); in TEST() local
212 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, 0, NULL, 0)); in TEST()
216 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST()
221 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST()
229 ASSERT_EQ(0, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEAT in TEST()
106 int ruleset_fd; TEST() local
154 const int ruleset_fd = TEST() local
241 int ruleset_fd; TEST() local
335 int ruleset_fd, dir_fd; TEST() local
[all...]
H A Dscoped_common.h15 int ruleset_fd; in create_scoped_domain() local
20 ruleset_fd = in create_scoped_domain()
22 ASSERT_LE(0, ruleset_fd) in create_scoped_domain()
26 enforce_ruleset(_metadata, ruleset_fd); in create_scoped_domain()
27 EXPECT_EQ(0, close(ruleset_fd)); in create_scoped_domain()
H A Dsandbox-and-launch.c24 int pipe_child, pipe_parent, ruleset_fd; in main() local
39 ruleset_fd = in main()
41 if (ruleset_fd < 0) { in main()
51 if (landlock_restrict_self(ruleset_fd, 0)) { in main()
56 if (close(ruleset_fd)) { in main()
H A Daudit_test.c78 int status, ruleset_fd, i; in TEST_F() local
88 ruleset_fd = in TEST_F()
90 ASSERT_LE(0, ruleset_fd); in TEST_F()
100 EXPECT_EQ(0, landlock_restrict_self(ruleset_fd, 0)); in TEST_F()
122 EXPECT_EQ(-1, landlock_restrict_self(ruleset_fd, 0)); in TEST_F()
159 EXPECT_EQ(0, close(ruleset_fd)); in TEST_F()
164 int ruleset_fd, pipe_child, pipe_parent; member
179 if (landlock_restrict_self(data->ruleset_fd, 0)) { in thread_audit_test()
184 if (close(data->ruleset_fd)) { in thread_audit_test()
237 child_data.ruleset_fd = in TEST_F()
[all …]
H A Dwrappers.h26 static inline int landlock_add_rule(const int ruleset_fd, in landlock_add_rule() argument
31 return syscall(__NR_landlock_add_rule, ruleset_fd, rule_type, rule_attr, in landlock_add_rule()
37 static inline int landlock_restrict_self(const int ruleset_fd, in landlock_restrict_self() argument
40 return syscall(__NR_landlock_restrict_self, ruleset_fd, flags); in landlock_restrict_self()
H A Dcommon.h198 enforce_ruleset(struct __test_metadata *const _metadata, const int ruleset_fd) in enforce_ruleset() argument
201 ASSERT_EQ(0, landlock_restrict_self(ruleset_fd, 0)) in enforce_ruleset()
211 int ruleset_fd; in drop_access_rights() local
213 ruleset_fd = in drop_access_rights()
215 EXPECT_LE(0, ruleset_fd) in drop_access_rights()
219 enforce_ruleset(_metadata, ruleset_fd); in drop_access_rights()
220 EXPECT_EQ(0, close(ruleset_fd)); in drop_access_rights()
H A Dptrace_test.c30 int ruleset_fd; in create_domain() local
35 ruleset_fd = in create_domain()
37 EXPECT_LE(0, ruleset_fd) in create_domain()
42 EXPECT_EQ(0, landlock_restrict_self(ruleset_fd, 0)); in create_domain()
43 EXPECT_EQ(0, close(ruleset_fd)); in create_domain()
H A Dscoped_abstract_unix_test.c32 int ruleset_fd; in create_fs_domain() local
37 ruleset_fd = in create_fs_domain()
39 EXPECT_LE(0, ruleset_fd) in create_fs_domain()
44 EXPECT_EQ(0, landlock_restrict_self(ruleset_fd, 0)); in create_fs_domain()
45 EXPECT_EQ(0, close(ruleset_fd)); in create_fs_domain()
/linux/samples/landlock/
H A Dsandboxer.c41 static inline int landlock_add_rule(const int ruleset_fd, in landlock_add_rule() argument
46 return syscall(__NR_landlock_add_rule, ruleset_fd, rule_type, rule_attr, in landlock_add_rule()
52 static inline int landlock_restrict_self(const int ruleset_fd, in landlock_restrict_self() argument
55 return syscall(__NR_landlock_restrict_self, ruleset_fd, flags); in landlock_restrict_self()
118 static int populate_ruleset_fs(const char *const env_var, const int ruleset_fd, in populate_ruleset_fs() argument
168 if (landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in populate_ruleset_fs()
186 static int populate_ruleset_net(const char *const env_var, const int ruleset_fd, in populate_ruleset_net() argument
214 if (landlock_add_rule(ruleset_fd, LANDLOCK_RULE_NET_PORT, in populate_ruleset_net()
349 int ruleset_fd, abi; in main() local
493 ruleset_fd = in main()
[all …]
/linux/security/landlock/
H A Dsyscalls.c201 int err, ruleset_fd; in SYSCALL_DEFINE3() local
252 ruleset_fd = anon_inode_getfd("[landlock-ruleset]", &ruleset_fops, in SYSCALL_DEFINE3()
254 if (ruleset_fd < 0) in SYSCALL_DEFINE3()
256 return ruleset_fd; in SYSCALL_DEFINE3()
418 SYSCALL_DEFINE4(landlock_add_rule, const int, ruleset_fd, in SYSCALL_DEFINE4() argument
432 ruleset = get_ruleset_from_fd(ruleset_fd, FMODE_CAN_WRITE); in SYSCALL_DEFINE4()
478 SYSCALL_DEFINE2(landlock_restrict_self, const int, ruleset_fd, const __u32, in SYSCALL_DEFINE2() argument
514 if (!(ruleset_fd == -1 && in SYSCALL_DEFINE2()
517 ruleset = get_ruleset_from_fd(ruleset_fd, FMODE_CAN_READ); in SYSCALL_DEFINE2()
/linux/Documentation/userspace-api/
H A Dlandlock.rst136 int ruleset_fd;
138 ruleset_fd = landlock_create_ruleset(&ruleset_attr, sizeof(ruleset_attr), 0);
139 if (ruleset_fd < 0) {
164 close(ruleset_fd);
167 err = landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH,
172 close(ruleset_fd);
191 err = landlock_add_rule(ruleset_fd, LANDLOCK_RULE_NET_PORT,
203 close(ruleset_fd);
211 if (landlock_restrict_self(ruleset_fd, 0)) {
213 close(ruleset_fd);
[all …]
/linux/include/linux/
H A Dsyscalls.h986 asmlinkage long sys_landlock_add_rule(int ruleset_fd, enum landlock_rule_type rule_type,
988 asmlinkage long sys_landlock_restrict_self(int ruleset_fd, __u32 flags);