Lines Matching refs:ruleset_fd
41 static inline int landlock_add_rule(const int ruleset_fd, in landlock_add_rule() argument
46 return syscall(__NR_landlock_add_rule, ruleset_fd, rule_type, rule_attr, in landlock_add_rule()
52 static inline int landlock_restrict_self(const int ruleset_fd, in landlock_restrict_self() argument
55 return syscall(__NR_landlock_restrict_self, ruleset_fd, flags); in landlock_restrict_self()
118 static int populate_ruleset_fs(const char *const env_var, const int ruleset_fd, in populate_ruleset_fs() argument
168 if (landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in populate_ruleset_fs()
186 static int populate_ruleset_net(const char *const env_var, const int ruleset_fd, in populate_ruleset_net() argument
214 if (landlock_add_rule(ruleset_fd, LANDLOCK_RULE_NET_PORT, in populate_ruleset_net()
349 int ruleset_fd, abi; in main() local
493 ruleset_fd = in main()
495 if (ruleset_fd < 0) { in main()
500 if (populate_ruleset_fs(ENV_FS_RO_NAME, ruleset_fd, access_fs_ro)) { in main()
503 if (populate_ruleset_fs(ENV_FS_RW_NAME, ruleset_fd, access_fs_rw)) { in main()
507 if (populate_ruleset_net(ENV_TCP_BIND_NAME, ruleset_fd, in main()
511 if (populate_ruleset_net(ENV_TCP_CONNECT_NAME, ruleset_fd, in main()
520 if (landlock_restrict_self(ruleset_fd, set_restrict_flags)) { in main()
524 close(ruleset_fd); in main()
537 close(ruleset_fd); in main()