Linux/security/landlock/object.h

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

1 /* SPDX-License-Identifier: GPL-2.0-only */ 1 2 /* 3 * Landlock LSM - Object management 4 * 5 * Copyright © 2016-2020 Mickaël Salaün <mi 6 * Copyright © 2018-2020 ANSSI 7 */ 8 9 #ifndef _SECURITY_LANDLOCK_OBJECT_H 10 #define _SECURITY_LANDLOCK_OBJECT_H 11 12 #include <linux/compiler_types.h> 13 #include <linux/refcount.h> 14 #include <linux/spinlock.h> 15 16 struct landlock_object; 17 18 /** 19 * struct landlock_object_underops - Operation 20 */ 21 struct landlock_object_underops { 22 /** 23 * @release: Releases the underlying o 24 */ 25 void (*release)(struct landlock_object 26 __releases(object->lock); 27 }; 28 29 /** 30 * struct landlock_object - Security blob tied 31 * 32 * The goal of this structure is to enable to 33 * rights (pertaining to different domains) to 34 * in a safe way. This implies to handle conc 35 * 36 * The lifetime of a &struct landlock_object d 37 * it. 38 */ 39 struct landlock_object { 40 /** 41 * @usage: This counter is used to tie 42 * it or to keep it alive while adding 43 * reaches zero, this struct must not 44 * still be read from within an RCU re 45 * adding a new rule to an object with 46 * wait until the pointer to this obje 47 */ 48 refcount_t usage; 49 /** 50 * @lock: Protects against concurrent 51 * held from the time @usage drops to 52 * from @underobj to this object have 53 * 54 * Lock ordering: inode->i_lock nests 55 */ 56 spinlock_t lock; 57 /** 58 * @underobj: Used when cleaning up an 59 * tied to its underlying kernel struc 60 * by @lock. Cf. landlock_release_ino 61 */ 62 void *underobj; 63 union { 64 /** 65 * @rcu_free: Enables lockless 66 * @underobj from within an RC 67 * @rcu_free and @underops are 68 * landlock_put_object(). 69 */ 70 struct rcu_head rcu_free; 71 /** 72 * @underops: Enables landlock 73 * underlying object (e.g. ino 74 */ 75 const struct landlock_object_u 76 }; 77 }; 78 79 struct landlock_object * 80 landlock_create_object(const struct landlock_o 81 void *const underobj); 82 83 void landlock_put_object(struct landlock_objec 84 85 static inline void landlock_get_object(struct 86 { 87 if (object) 88 refcount_inc(&object->usage); 89 } 90 91 #endif /* _SECURITY_LANDLOCK_OBJECT_H */ 92

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

TOMOYO Linux Cross Reference
Linux/security/landlock/object.h

Diff markup

Differences between /security/landlock/object.h (Version linux-6.12-rc7) and /security/landlock/object.h (Version linux-5.2.21)

TOMOYO Linux Cross Reference Linux/security/landlock/object.h

Diff markup

Differences between /security/landlock/object.h (Version linux-6.12-rc7) and /security/landlock/object.h (Version linux-5.2.21)

TOMOYO Linux Cross Reference
Linux/security/landlock/object.h