1 /* SPDX-License-Identifier: GPL-2.0 */ 1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 2 /* 3 * Landlock scoped_domains variants 3 * Landlock scoped_domains variants 4 * 4 * 5 * See the hierarchy variants from ptrace_test 5 * See the hierarchy variants from ptrace_test.c 6 * 6 * 7 * Copyright © 2017-2020 Mickaël Salaün <mi 7 * Copyright © 2017-2020 Mickaël Salaün <mic@digikod.net> 8 * Copyright © 2019-2020 ANSSI 8 * Copyright © 2019-2020 ANSSI 9 * Copyright © 2024 Tahera Fahimi <fahimitahe 9 * Copyright © 2024 Tahera Fahimi <fahimitahera@gmail.com> 10 */ 10 */ 11 11 12 /* clang-format on */ 12 /* clang-format on */ 13 FIXTURE_VARIANT(scoped_domains) 13 FIXTURE_VARIANT(scoped_domains) 14 { 14 { 15 bool domain_both; 15 bool domain_both; 16 bool domain_parent; 16 bool domain_parent; 17 bool domain_child; 17 bool domain_child; 18 }; 18 }; 19 19 20 /* 20 /* 21 * No domain 21 * No domain 22 * 22 * 23 * P1-. P1 -> P2 : allow 23 * P1-. P1 -> P2 : allow 24 * \ P2 -> P1 : allow 24 * \ P2 -> P1 : allow 25 * 'P2 25 * 'P2 26 */ 26 */ 27 /* clang-format off */ 27 /* clang-format off */ 28 FIXTURE_VARIANT_ADD(scoped_domains, without_do 28 FIXTURE_VARIANT_ADD(scoped_domains, without_domain) { 29 /* clang-format on */ 29 /* clang-format on */ 30 .domain_both = false, 30 .domain_both = false, 31 .domain_parent = false, 31 .domain_parent = false, 32 .domain_child = false, 32 .domain_child = false, 33 }; 33 }; 34 34 35 /* 35 /* 36 * Child domain 36 * Child domain 37 * 37 * 38 * P1--. P1 -> P2 : allow 38 * P1--. P1 -> P2 : allow 39 * \ P2 -> P1 : deny 39 * \ P2 -> P1 : deny 40 * .'-----. 40 * .'-----. 
41 * | P2 | 41 * | P2 | 42 * '------' 42 * '------' 43 */ 43 */ 44 /* clang-format off */ 44 /* clang-format off */ 45 FIXTURE_VARIANT_ADD(scoped_domains, child_doma 45 FIXTURE_VARIANT_ADD(scoped_domains, child_domain) { 46 /* clang-format on */ 46 /* clang-format on */ 47 .domain_both = false, 47 .domain_both = false, 48 .domain_parent = false, 48 .domain_parent = false, 49 .domain_child = true, 49 .domain_child = true, 50 }; 50 }; 51 51 52 /* 52 /* 53 * Parent domain 53 * Parent domain 54 * .------. 54 * .------. 55 * | P1 --. P1 -> P2 : deny 55 * | P1 --. P1 -> P2 : deny 56 * '------' \ P2 -> P1 : allow 56 * '------' \ P2 -> P1 : allow 57 * ' 57 * ' 58 * P2 58 * P2 59 */ 59 */ 60 /* clang-format off */ 60 /* clang-format off */ 61 FIXTURE_VARIANT_ADD(scoped_domains, parent_dom 61 FIXTURE_VARIANT_ADD(scoped_domains, parent_domain) { 62 /* clang-format on */ 62 /* clang-format on */ 63 .domain_both = false, 63 .domain_both = false, 64 .domain_parent = true, 64 .domain_parent = true, 65 .domain_child = false, 65 .domain_child = false, 66 }; 66 }; 67 67 68 /* 68 /* 69 * Parent + child domain (siblings) 69 * Parent + child domain (siblings) 70 * .------. 70 * .------. 71 * | P1 ---. P1 -> P2 : deny 71 * | P1 ---. P1 -> P2 : deny 72 * '------' \ P2 -> P1 : deny 72 * '------' \ P2 -> P1 : deny 73 * .---'--. 73 * .---'--. 74 * | P2 | 74 * | P2 | 75 * '------' 75 * '------' 76 */ 76 */ 77 /* clang-format off */ 77 /* clang-format off */ 78 FIXTURE_VARIANT_ADD(scoped_domains, sibling_do 78 FIXTURE_VARIANT_ADD(scoped_domains, sibling_domain) { 79 /* clang-format on */ 79 /* clang-format on */ 80 .domain_both = false, 80 .domain_both = false, 81 .domain_parent = true, 81 .domain_parent = true, 82 .domain_child = true, 82 .domain_child = true, 83 }; 83 }; 84 84 85 /* 85 /* 86 * Same domain (inherited) 86 * Same domain (inherited) 87 * .-------------. 87 * .-------------. 88 * | P1----. | P1 -> P2 : allow 88 * | P1----. 
| P1 -> P2 : allow 89 * | \ | P2 -> P1 : allow 89 * | \ | P2 -> P1 : allow 90 * | ' | 90 * | ' | 91 * | P2 | 91 * | P2 | 92 * '-------------' 92 * '-------------' 93 */ 93 */ 94 /* clang-format off */ 94 /* clang-format off */ 95 FIXTURE_VARIANT_ADD(scoped_domains, inherited_ 95 FIXTURE_VARIANT_ADD(scoped_domains, inherited_domain) { 96 /* clang-format on */ 96 /* clang-format on */ 97 .domain_both = true, 97 .domain_both = true, 98 .domain_parent = false, 98 .domain_parent = false, 99 .domain_child = false, 99 .domain_child = false, 100 }; 100 }; 101 101 102 /* 102 /* 103 * Inherited + child domain 103 * Inherited + child domain 104 * .-----------------. 104 * .-----------------. 105 * | P1----. | P1 -> P2 : allow 105 * | P1----. | P1 -> P2 : allow 106 * | \ | P2 -> P1 : deny 106 * | \ | P2 -> P1 : deny 107 * | .-'----. | 107 * | .-'----. | 108 * | | P2 | | 108 * | | P2 | | 109 * | '------' | 109 * | '------' | 110 * '-----------------' 110 * '-----------------' 111 */ 111 */ 112 /* clang-format off */ 112 /* clang-format off */ 113 FIXTURE_VARIANT_ADD(scoped_domains, nested_dom 113 FIXTURE_VARIANT_ADD(scoped_domains, nested_domain) { 114 /* clang-format on */ 114 /* clang-format on */ 115 .domain_both = true, 115 .domain_both = true, 116 .domain_parent = false, 116 .domain_parent = false, 117 .domain_child = true, 117 .domain_child = true, 118 }; 118 }; 119 119 120 /* 120 /* 121 * Inherited + parent domain 121 * Inherited + parent domain 122 * .-----------------. 122 * .-----------------. 123 * |.------. | P1 -> P2 : deny 123 * |.------. | P1 -> P2 : deny 124 * || P1 ----. | P2 -> P1 : allow 124 * || P1 ----. 
| P2 -> P1 : allow 125 * |'------' \ | 125 * |'------' \ | 126 * | ' | 126 * | ' | 127 * | P2 | 127 * | P2 | 128 * '-----------------' 128 * '-----------------' 129 */ 129 */ 130 /* clang-format off */ 130 /* clang-format off */ 131 FIXTURE_VARIANT_ADD(scoped_domains, nested_and 131 FIXTURE_VARIANT_ADD(scoped_domains, nested_and_parent_domain) { 132 /* clang-format on */ 132 /* clang-format on */ 133 .domain_both = true, 133 .domain_both = true, 134 .domain_parent = true, 134 .domain_parent = true, 135 .domain_child = false, 135 .domain_child = false, 136 }; 136 }; 137 137 138 /* 138 /* 139 * Inherited + parent and child domain 139 * Inherited + parent and child domain (siblings) 140 * .-----------------. 140 * .-----------------. 141 * | .------. | P1 -> P2 : deny 141 * | .------. | P1 -> P2 : deny 142 * | | P1 . | P2 -> P1 : deny 142 * | | P1 . | P2 -> P1 : deny 143 * | '------'\ | 143 * | '------'\ | 144 * | \ | 144 * | \ | 145 * | .--'---. | 145 * | .--'---. | 146 * | | P2 | | 146 * | | P2 | | 147 * | '------' | 147 * | '------' | 148 * '-----------------' 148 * '-----------------' 149 */ 149 */ 150 /* clang-format off */ 150 /* clang-format off */ 151 FIXTURE_VARIANT_ADD(scoped_domains, forked_dom 151 FIXTURE_VARIANT_ADD(scoped_domains, forked_domains) { 152 /* clang-format on */ 152 /* clang-format on */ 153 .domain_both = true, 153 .domain_both = true, 154 .domain_parent = true, 154 .domain_parent = true, 155 .domain_child = true, 155 .domain_child = true, 156 }; 156 }; 157 157