OSCL-LXR linux-6.0.1/​security/​landlock/​object.h	Source navigation Diff markup Identifier search General search
	Version: linux-6.0.1 spark-3.0.0 hadoop-3.2.0-src hadoop-3.3.0-src spark-2.4.7 linux-4.15.13 hadoop-2.7.4-src Revert   Change

 /* SPDX-License-Identifier: GPL-2.0-only */
 /*
  * Landlock LSM - Object management
  *
  * Copyright © 2016-2020 Mickaël Salaün <mic@digikod.net>
  * Copyright © 2018-2020 ANSSI
  */
 
 #ifndef _SECURITY_LANDLOCK_OBJECT_H
 #define _SECURITY_LANDLOCK_OBJECT_H
 
 #include <linux/compiler_types.h>
 #include <linux/refcount.h>
 #include <linux/spinlock.h>
 
 struct landlock_object;
 
 /**
  * struct landlock_object_underops - Operations on an underlying object
  */
 struct landlock_object_underops {
     /**
      * @release: Releases the underlying object (e.g. iput() for an inode).
      */
     void (*release)(struct landlock_object *const object)
         __releases(object->lock);
 };
 
 /**
  * struct landlock_object - Security blob tied to a kernel object
  *
  * The goal of this structure is to enable to tie a set of ephemeral access
  * rights (pertaining to different domains) to a kernel object (e.g an inode)
  * in a safe way.  This implies to handle concurrent use and modification.
  *
  * The lifetime of a &struct landlock_object depends on the rules referring to
  * it.
  */
 struct landlock_object {
     /**
      * @usage: This counter is used to tie an object to the rules matching
      * it or to keep it alive while adding a new rule.  If this counter
      * reaches zero, this struct must not be modified, but this counter can
      * still be read from within an RCU read-side critical section.  When
      * adding a new rule to an object with a usage counter of zero, we must
      * wait until the pointer to this object is set to NULL (or recycled).
      */
     refcount_t usage;
     /**
      * @lock: Protects against concurrent modifications.  This lock must be
      * held from the time @usage drops to zero until any weak references
      * from @underobj to this object have been cleaned up.
      *
      * Lock ordering: inode->i_lock nests inside this.
      */
     spinlock_t lock;
     /**
      * @underobj: Used when cleaning up an object and to mark an object as
      * tied to its underlying kernel structure.  This pointer is protected
      * by @lock.  Cf. landlock_release_inodes() and release_inode().
      */
     void *underobj;
     union {
         /**
          * @rcu_free: Enables lockless use of @usage, @lock and
          * @underobj from within an RCU read-side critical section.
          * @rcu_free and @underops are only used by
          * landlock_put_object().
          */
         struct rcu_head rcu_free;
         /**
          * @underops: Enables landlock_put_object() to release the
          * underlying object (e.g. inode).
          */
         const struct landlock_object_underops *underops;
     };
 };
 
 struct landlock_object *
 landlock_create_object(const struct landlock_object_underops *const underops,
                void *const underobj);
 
 void landlock_put_object(struct landlock_object *const object);
 
 static inline void landlock_get_object(struct landlock_object *const object)
 {
     if (object)
         refcount_inc(&object->usage);
 }
 
 #endif /* _SECURITY_LANDLOCK_OBJECT_H */

This page was automatically generated by the 2.1.0 LXR engine. The LXR team