~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/security/landlock/object.h

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~ 
  1 /* SPDX-License-Identifier: GPL-2.0-only */
  2 /*
  3  * Landlock LSM - Object management
  4  *
  5  * Copyright © 2016-2020 Mickaël Salaün <mic@digikod.net>
  6  * Copyright © 2018-2020 ANSSI
  7  */
  8 
  9 #ifndef _SECURITY_LANDLOCK_OBJECT_H
 10 #define _SECURITY_LANDLOCK_OBJECT_H
 11 
 12 #include <linux/compiler_types.h>
 13 #include <linux/refcount.h>
 14 #include <linux/spinlock.h>
 15 
 16 struct landlock_object;
 17 
 18 /**
 19  * struct landlock_object_underops - Operations on an underlying object
 20  */
 21 struct landlock_object_underops {
 22         /**
 23          * @release: Releases the underlying object (e.g. iput() for an inode).
 24          */
 25         void (*release)(struct landlock_object *const object)
 26                 __releases(object->lock);
 27 };
 28 
 29 /**
 30  * struct landlock_object - Security blob tied to a kernel object
 31  *
 32  * The goal of this structure is to enable to tie a set of ephemeral access
 33  * rights (pertaining to different domains) to a kernel object (e.g an inode)
 34  * in a safe way.  This implies to handle concurrent use and modification.
 35  *
 36  * The lifetime of a &struct landlock_object depends on the rules referring to
 37  * it.
 38  */
 39 struct landlock_object {
 40         /**
 41          * @usage: This counter is used to tie an object to the rules matching
 42          * it or to keep it alive while adding a new rule.  If this counter
 43          * reaches zero, this struct must not be modified, but this counter can
 44          * still be read from within an RCU read-side critical section.  When
 45          * adding a new rule to an object with a usage counter of zero, we must
 46          * wait until the pointer to this object is set to NULL (or recycled).
 47          */
 48         refcount_t usage;
 49         /**
 50          * @lock: Protects against concurrent modifications.  This lock must be
 51          * held from the time @usage drops to zero until any weak references
 52          * from @underobj to this object have been cleaned up.
 53          *
 54          * Lock ordering: inode->i_lock nests inside this.
 55          */
 56         spinlock_t lock;
 57         /**
 58          * @underobj: Used when cleaning up an object and to mark an object as
 59          * tied to its underlying kernel structure.  This pointer is protected
 60          * by @lock.  Cf. landlock_release_inodes() and release_inode().
 61          */
 62         void *underobj;
 63         union {
 64                 /**
 65                  * @rcu_free: Enables lockless use of @usage, @lock and
 66                  * @underobj from within an RCU read-side critical section.
 67                  * @rcu_free and @underops are only used by
 68                  * landlock_put_object().
 69                  */
 70                 struct rcu_head rcu_free;
 71                 /**
 72                  * @underops: Enables landlock_put_object() to release the
 73                  * underlying object (e.g. inode).
 74                  */
 75                 const struct landlock_object_underops *underops;
 76         };
 77 };
 78 
 79 struct landlock_object *
 80 landlock_create_object(const struct landlock_object_underops *const underops,
 81                        void *const underobj);
 82 
 83 void landlock_put_object(struct landlock_object *const object);
 84 
 85 static inline void landlock_get_object(struct landlock_object *const object)
 86 {
 87         if (object)
 88                 refcount_inc(&object->usage);
 89 }
 90 
 91 #endif /* _SECURITY_LANDLOCK_OBJECT_H */
 92
~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~
kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php