/linux/tools/testing/selftests/landlock/ |
A D | fs_test.c | 301 int ruleset_fd; in TEST_F_FORK() local 466 int ruleset_fd, i; in create_ruleset() local 488 return ruleset_fd; in create_ruleset() 492 const int ruleset_fd) in enforce_ruleset() argument 556 int ruleset_fd; in TEST_F_FORK() local 706 int ruleset_fd; in TEST_F_FORK() local 830 int ruleset_fd; in TEST_F_FORK() local 1097 int ruleset_fd; in TEST_F_FORK() local 1249 int ruleset_fd; in TEST_F_FORK() local 2198 int ruleset_fd; in TEST_F_FORK() local [all …]
|
A D | base_test.c | 117 const int ruleset_fd = landlock_create_ruleset(&ruleset_attr, in TEST() local 120 ASSERT_LE(0, ruleset_fd); in TEST() 123 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST() 126 ASSERT_EQ(0, close(ruleset_fd)); in TEST() 150 int ruleset_fd; in TEST() local 154 ruleset_fd = landlock_create_ruleset(&ruleset_attr, in TEST() 156 ASSERT_LE(0, ruleset_fd); in TEST() 158 ASSERT_EQ(-1, write(ruleset_fd, ".", 1)); in TEST() 160 ASSERT_EQ(-1, read(ruleset_fd, &buf, 1)); in TEST() 163 ASSERT_EQ(0, close(ruleset_fd)); in TEST()
|
A D | ptrace_test.c | 24 int ruleset_fd; in create_domain() local 29 ruleset_fd = landlock_create_ruleset(&ruleset_attr, in create_domain() 31 EXPECT_LE(0, ruleset_fd) { in create_domain() 35 EXPECT_EQ(0, landlock_restrict_self(ruleset_fd, 0)); in create_domain() 36 EXPECT_EQ(0, close(ruleset_fd)); in create_domain()
|
A D | common.h | 89 static inline int landlock_add_rule(const int ruleset_fd, in landlock_add_rule() argument 93 return syscall(__NR_landlock_add_rule, ruleset_fd, rule_type, in landlock_add_rule() 99 static inline int landlock_restrict_self(const int ruleset_fd, in landlock_restrict_self() argument 102 return syscall(__NR_landlock_restrict_self, ruleset_fd, flags); in landlock_restrict_self()
|
/linux/samples/landlock/ |
A D | sandboxer.c | 34 static inline int landlock_add_rule(const int ruleset_fd, in landlock_add_rule() argument 38 return syscall(__NR_landlock_add_rule, ruleset_fd, rule_type, in landlock_add_rule() 44 static inline int landlock_restrict_self(const int ruleset_fd, in landlock_restrict_self() argument 79 const char *const env_var, const int ruleset_fd, in populate_ruleset() argument 162 int ruleset_fd; in main() local 187 if (ruleset_fd < 0) { in main() 208 if (populate_ruleset(ENV_FS_RO_NAME, ruleset_fd, in main() 212 if (populate_ruleset(ENV_FS_RW_NAME, ruleset_fd, in main() 220 if (landlock_restrict_self(ruleset_fd, 0)) { in main() 224 close(ruleset_fd); in main() [all …]
|
/linux/security/landlock/ |
A D | syscalls.c | 162 int err, ruleset_fd; in SYSCALL_DEFINE3() local 195 ruleset_fd = anon_inode_getfd("landlock-ruleset", &ruleset_fops, in SYSCALL_DEFINE3() 197 if (ruleset_fd < 0) in SYSCALL_DEFINE3() 199 return ruleset_fd; in SYSCALL_DEFINE3() 305 const int, ruleset_fd, const enum landlock_rule_type, rule_type, in SYSCALL_DEFINE4() argument 330 ruleset = get_ruleset_from_fd(ruleset_fd, FMODE_CAN_WRITE); in SYSCALL_DEFINE4() 393 const int, ruleset_fd, const __u32, flags) in SYSCALL_DEFINE2() argument 416 ruleset = get_ruleset_from_fd(ruleset_fd, FMODE_CAN_READ); in SYSCALL_DEFINE2()
|
/linux/Documentation/userspace-api/ |
A D | landlock.rst | 39 int ruleset_fd; 57 ruleset_fd = landlock_create_ruleset(&ruleset_attr, sizeof(ruleset_attr), 0); 58 if (ruleset_fd < 0) { 83 close(ruleset_fd); 86 err = landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, 91 close(ruleset_fd); 104 close(ruleset_fd); 112 if (landlock_restrict_self(ruleset_fd, 0)) { 114 close(ruleset_fd); 117 close(ruleset_fd);
|
/linux/include/linux/ |
A D | syscalls.h | 1056 asmlinkage long sys_landlock_add_rule(int ruleset_fd, enum landlock_rule_type rule_type, 1058 asmlinkage long sys_landlock_restrict_self(int ruleset_fd, __u32 flags);
|