Searched refs:allowed_access (Results 1 – 8 of 8) sorted by relevance
| /linux/tools/testing/selftests/landlock/ |
| H A D | net_test.c | 650 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP | in TEST_F()
655 .allowed_access = LANDLOCK_ACCESS_NET_CONNECT_TCP, in TEST_F()
700 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP | in TEST_F()
705 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP, in TEST_F()
744 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP, in TEST_F()
835 .allowed_access = LANDLOCK_ACCESS_NET_CONNECT_TCP, in TEST_F()
1021 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP | in TEST_F()
1160 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP, in TEST_F()
1164 .allowed_access = LANDLOCK_ACCESS_NET_BIND_TCP | in TEST_F()
1236 .allowed_access in TEST_F()
[all...] |
| H A D | base_test.c | 195 .allowed_access = LANDLOCK_ACCESS_FS_EXECUTE, in TEST()
242 .allowed_access = LANDLOCK_ACCESS_FS_EXECUTE, in TEST()
390 .allowed_access = LANDLOCK_ACCESS_FS_READ_DIR, in TEST()
|
| H A D | fs_test.c | 479 .allowed_access = LANDLOCK_ACCESS_FS_READ_FILE | in TEST_F_FORK()
530 /* Checks unhandled allowed_access. */ in TEST_F_FORK()
536 path_beneath.allowed_access |= LANDLOCK_ACCESS_FS_EXECUTE; in TEST_F_FORK()
540 path_beneath.allowed_access &= ~LANDLOCK_ACCESS_FS_EXECUTE; in TEST_F_FORK()
543 path_beneath.allowed_access |= LANDLOCK_ACCESS_FS_REFER; in TEST_F_FORK()
547 path_beneath.allowed_access &= ~LANDLOCK_ACCESS_FS_REFER; in TEST_F_FORK()
550 path_beneath.allowed_access |= (1ULL << 60); in TEST_F_FORK()
554 path_beneath.allowed_access &= ~(1ULL << 60); in TEST_F_FORK()
557 path_beneath.allowed_access = 0; in TEST_F_FORK()
561 path_beneath.allowed_access in TEST_F_FORK()
720 add_path_beneath(struct __test_metadata * const _metadata,const int ruleset_fd,const __u64 allowed_access,const char * const path) add_path_beneath() argument
[all...] |
| /linux/security/landlock/ |
| H A D | syscalls.c | 111 path_beneath_size = sizeof(path_beneath_attr.allowed_access); in build_check_abi()
116 net_port_size = sizeof(net_port_attr.allowed_access); in build_check_abi()
337 * Informs about useless rule: empty allowed_access (i.e. deny rules) in add_rule_path_beneath()
340 if (!path_beneath_attr.allowed_access) in add_rule_path_beneath()
343 /* Checks that allowed_access matches the @ruleset constraints. */ in add_rule_path_beneath()
345 if ((path_beneath_attr.allowed_access | mask) != mask) in add_rule_path_beneath()
355 path_beneath_attr.allowed_access); in add_rule_net_port()
373 * Informs about useless rule: empty allowed_access (i.e. deny rules) in add_rule_net_port()
376 if (!net_port_attr.allowed_access) in add_rule_net_port()
379 /* Checks that allowed_access matche in add_rule_net_port()
[all...] |
| H A D | fs.c | 1729 landlock_file(file)->allowed_access = LANDLOCK_MASK_ACCESS_FS; in hook_file_ioctl_common()
1743 access_mask_t open_access_request, full_access_request, allowed_access, in hook_file_ioctl_common()
1775 allowed_access = full_access_request; in control_current_fowner()
1782 allowed_access = full_access_request; in control_current_fowner()
1784 allowed_access &= ~layer_masks.access[i]; in control_current_fowner()
1793 landlock_file(file)->allowed_access = allowed_access; in hook_file_set_fowner()
1799 if (access_mask_subset(open_access_request, allowed_access)) in hook_file_set_fowner()
1820 if (landlock_file(file)->allowed_access & LANDLOCK_ACCESS_FS_TRUNCATE) in hook_file_free_security()
1841 access_mask_t allowed_access
1617 access_mask_t open_access_request, full_access_request, allowed_access, hook_file_open() local
1715 access_mask_t allowed_access = landlock_file(file)->allowed_access; hook_file_ioctl_common() local
[all...] |
| H A D | fs.h | 53 * @allowed_access: Access rights that were available at the time of
58 access_mask_t allowed_access;
55 access_mask_t allowed_access; global() member
|
| /linux/samples/landlock/ |
| H A D | sandboxer.c | 120 const __u64 allowed_access) in populate_ruleset_fs() argument
166 path_beneath.allowed_access = allowed_access; in populate_ruleset_fs()
168 path_beneath.allowed_access &= ACCESS_FILE; in populate_ruleset_fs()
188 const __u64 allowed_access) in populate_ruleset_net() argument
193 .allowed_access = allowed_access, in populate_ruleset_net()
|
| /linux/Documentation/userspace-api/ |
| H A D | landlock.rst | 160 .allowed_access =
184 ``allowed_access`` rights are already available in ABI 1.
192 .allowed_access = LANDLOCK_ACCESS_NET_CONNECT_TCP,
|