~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/security/landlock/fs.h

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

Differences between /security/landlock/fs.h (Version linux-6.12-rc7) and /security/landlock/fs.h (Version linux-4.16.18)


  1 /* SPDX-License-Identifier: GPL-2.0-only */         1 
  2 /*                                                
  3  * Landlock LSM - Filesystem management and ho    
  4  *                                                
  5  * Copyright © 2017-2020 Mickaël Salaün <mi    
  6  * Copyright © 2018-2020 ANSSI                   
  7  */                                               
  8                                                   
  9 #ifndef _SECURITY_LANDLOCK_FS_H                   
 10 #define _SECURITY_LANDLOCK_FS_H                   
 11                                                   
 12 #include <linux/fs.h>                             
 13 #include <linux/init.h>                           
 14 #include <linux/rcupdate.h>                       
 15                                                   
 16 #include "ruleset.h"                              
 17 #include "setup.h"                                
 18                                                   
 19 /**                                               
 20  * struct landlock_inode_security - Inode secu    
 21  *                                                
 22  * Enable to reference a &struct landlock_obje    
 23  * underlying object).                            
 24  */                                               
 25 struct landlock_inode_security {                  
 26         /**                                       
 27          * @object: Weak pointer to an allocat    
 28          * new object are protected by the und    
 29          * atomically disassociating @object f    
 30          * by @object->lock, from the time @ob    
 31          * zero to the time this pointer is nu    
 32          * hook_sb_delete()).  Indeed, such di    
 33          * inode->i_lock thanks to the careful    
 34          * performed by get_inode_object().       
 35          */                                       
 36         struct landlock_object __rcu *object;     
 37 };                                                
 38                                                   
 39 /**                                               
 40  * struct landlock_file_security - File securi    
 41  *                                                
 42  * This information is populated when opening     
 43  * tracks the relevant Landlock access rights     
 44  * of opening the file. Other LSM hooks use th    
 45  * operations on already opened files.            
 46  */                                               
 47 struct landlock_file_security {                   
 48         /**                                       
 49          * @allowed_access: Access rights that    
 50          * opening the file. This is not neces    
 51          * rights available at that time, but     
 52          * needed to authorize later operation    
 53          */                                       
 54         access_mask_t allowed_access;             
 55         /**                                       
 56          * @fown_domain: Domain of the task th    
 57          * signal e.g., SIGURG when writing MS    
 58          * This pointer is protected by the re    
 59          * fown_struct's members: pid, uid, an    
 60          */                                       
 61         struct landlock_ruleset *fown_domain;     
 62 };                                                
 63                                                   
 64 /**                                               
 65  * struct landlock_superblock_security - Super    
 66  *                                                
 67  * Enable hook_sb_delete() to wait for concurr    
 68  */                                               
 69 struct landlock_superblock_security {             
 70         /**                                       
 71          * @inode_refs: Number of pending inod    
 72          * are being released by release_inode    
 73          * Cf. struct super_block->s_fsnotify_    
 74          */                                       
 75         atomic_long_t inode_refs;                 
 76 };                                                
 77                                                   
 78 static inline struct landlock_file_security *     
 79 landlock_file(const struct file *const file)      
 80 {                                                 
 81         return file->f_security + landlock_blo    
 82 }                                                 
 83                                                   
 84 static inline struct landlock_inode_security *    
 85 landlock_inode(const struct inode *const inode    
 86 {                                                 
 87         return inode->i_security + landlock_bl    
 88 }                                                 
 89                                                   
 90 static inline struct landlock_superblock_secur    
 91 landlock_superblock(const struct super_block *    
 92 {                                                 
 93         return superblock->s_security + landlo    
 94 }                                                 
 95                                                   
 96 __init void landlock_add_fs_hooks(void);          
 97                                                   
 98 int landlock_append_fs_rule(struct landlock_ru    
 99                             const struct path     
100                             access_mask_t acce    
101                                                   
102 #endif /* _SECURITY_LANDLOCK_FS_H */              
103                                                   

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php