Lines Matching refs:ruleset_fd
486 int ruleset_fd; in TEST_F_FORK() local
492 ruleset_fd = open(dir_s1d1, O_PATH | O_DIRECTORY | O_CLOEXEC); in TEST_F_FORK()
493 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
494 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
498 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
500 ruleset_fd = open(dir_s1d1, O_DIRECTORY | O_CLOEXEC); in TEST_F_FORK()
501 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
502 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
506 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
509 ruleset_fd = in TEST_F_FORK()
511 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
512 ASSERT_EQ(0, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
519 ASSERT_EQ(0, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
524 path_beneath.parent_fd = ruleset_fd; in TEST_F_FORK()
525 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
536 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
543 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
550 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
557 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
566 ASSERT_EQ(0, landlock_restrict_self(ruleset_fd, 0)); in TEST_F_FORK()
568 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
607 const int ruleset_fd = in TEST_F_FORK() local
610 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
623 ASSERT_EQ(0, landlock_add_rule(ruleset_fd, in TEST_F_FORK()
628 err = landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
639 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
665 const int ruleset_fd = in TEST_F_FORK() local
668 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
676 EXPECT_EQ(-1, landlock_add_rule(ruleset_fd, in TEST_F_FORK()
682 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
691 int ruleset_fd; in TEST_F_FORK() local
694 ruleset_fd = in TEST_F_FORK()
696 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
705 err = landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
716 EXPECT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
720 const int ruleset_fd, const __u64 allowed_access, in add_path_beneath() argument
733 ASSERT_EQ(0, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in add_path_beneath()
763 int ruleset_fd, i; in create_ruleset() local
777 ruleset_fd = in create_ruleset()
779 ASSERT_LE(0, ruleset_fd) in create_ruleset()
788 add_path_beneath(_metadata, ruleset_fd, rules[i].access, in create_ruleset()
791 return ruleset_fd; in create_ruleset()
805 const int ruleset_fd = create_ruleset( in TEST_F_FORK() local
809 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
812 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
837 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
852 int ruleset_fd; in TEST_F_FORK() local
856 ruleset_fd = create_ruleset(_metadata, ACCESS_RO, rules); in TEST_F_FORK()
857 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
858 ASSERT_EQ(-1, landlock_restrict_self(ruleset_fd, 0)); in TEST_F_FORK()
862 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
863 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
880 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
884 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
885 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
886 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
934 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RO, rules); in TEST_F_FORK() local
936 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
937 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
938 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
967 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
969 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
970 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
971 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1023 int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer1); in TEST_F_FORK() local
1025 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1026 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1027 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1049 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer2); in TEST_F_FORK()
1050 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1051 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1052 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1074 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer3); in TEST_F_FORK()
1075 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1076 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1077 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1115 int ruleset_fd; in TEST_F_FORK() local
1120 ruleset_fd = in TEST_F_FORK()
1122 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1123 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1124 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1131 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_REMOVE_FILE, in TEST_F_FORK()
1133 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1134 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1135 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1239 int ruleset_fd; in TEST_F_FORK() local
1241 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1243 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1244 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1245 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1252 ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK()
1256 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1257 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1258 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1265 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1267 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1268 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1269 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1277 ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK()
1281 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1282 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1283 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1294 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1296 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1297 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1298 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1306 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_EXECUTE, in TEST_F_FORK()
1308 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1309 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1310 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1318 ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK()
1322 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1323 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1324 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1343 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1345 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1346 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1366 add_path_beneath(_metadata, ruleset_fd, LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
1379 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1399 add_path_beneath(_metadata, ruleset_fd, ACCESS_RW, dir_s1d1); in TEST_F_FORK()
1400 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1421 add_path_beneath(_metadata, ruleset_fd, LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
1423 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1424 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1459 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1461 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1462 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1472 add_path_beneath(_metadata, ruleset_fd, in TEST_F_FORK()
1476 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1477 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1497 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1499 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1501 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1504 err = landlock_restrict_self(ruleset_fd, 0); in TEST_F_FORK()
1508 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1514 int ruleset_fd; in TEST_F_FORK() local
1517 ruleset_fd = in TEST_F_FORK()
1519 ASSERT_LE(-1, ruleset_fd); in TEST_F_FORK()
1524 ruleset_fd = in TEST_F_FORK()
1526 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1527 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1533 ruleset_fd = in TEST_F_FORK()
1535 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1536 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1541 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1542 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1559 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1561 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1562 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1563 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1588 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1590 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1591 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1592 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1616 int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1618 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1619 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1620 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1627 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1628 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1629 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1630 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1646 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1648 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1649 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1650 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1666 int ruleset_fd; in TEST_F_FORK() local
1676 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1677 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1678 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1679 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1694 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1696 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1697 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1698 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1717 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1719 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1732 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1733 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1748 int ruleset_fd; in TEST_F_FORK() local
1751 ruleset_fd = in TEST_F_FORK()
1753 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1754 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1755 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1776 int ruleset_fd; in TEST_F_FORK() local
1779 ruleset_fd = landlock_create_ruleset(&ruleset_net_fs, in TEST_F_FORK()
1781 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1782 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1783 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1818 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1820 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1826 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1827 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1849 int ruleset_fd; in TEST_F_FORK() local
1857 ruleset_fd = in TEST_F_FORK()
1859 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1868 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1869 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1907 int dirfd, ruleset_fd; in test_relative_path() local
1909 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer1_base); in test_relative_path()
1910 ASSERT_LE(0, ruleset_fd); in test_relative_path()
1911 enforce_ruleset(_metadata, ruleset_fd); in test_relative_path()
1912 ASSERT_EQ(0, close(ruleset_fd)); in test_relative_path()
1914 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer2_subs); in test_relative_path()
1916 ASSERT_LE(0, ruleset_fd); in test_relative_path()
1933 enforce_ruleset(_metadata, ruleset_fd); in test_relative_path()
1996 ASSERT_EQ(0, close(ruleset_fd)); in test_relative_path()
2093 const int ruleset_fd = in TEST_F_FORK() local
2096 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2105 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2106 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2217 int ruleset_fd = create_ruleset(_metadata, layer1[0].access, layer1); in TEST_F_FORK() local
2219 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2225 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2226 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2246 ruleset_fd = create_ruleset(_metadata, layer2[0].access, layer2); in TEST_F_FORK()
2247 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2248 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2249 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2283 const int ruleset_fd = in TEST_F_FORK() local
2286 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2290 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2291 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2365 const int ruleset_fd = in TEST_F_FORK() local
2368 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2374 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2375 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2429 int ruleset_fd = in TEST_F_FORK() local
2432 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2433 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2434 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2464 int ruleset_fd; in refer_denied_by_default() local
2468 ruleset_fd = create_ruleset(_metadata, layer1[0].access, layer1); in refer_denied_by_default()
2469 ASSERT_LE(0, ruleset_fd); in refer_denied_by_default()
2470 enforce_ruleset(_metadata, ruleset_fd); in refer_denied_by_default()
2471 ASSERT_EQ(0, close(ruleset_fd)); in refer_denied_by_default()
2483 ruleset_fd = create_ruleset(_metadata, layer2[0].access, layer2); in refer_denied_by_default()
2484 ASSERT_LE(0, ruleset_fd); in refer_denied_by_default()
2485 enforce_ruleset(_metadata, ruleset_fd); in refer_denied_by_default()
2486 ASSERT_EQ(0, close(ruleset_fd)); in refer_denied_by_default()
2575 int root_fd, ruleset_fd; in TEST_F_FORK() local
2585 ruleset_fd = in TEST_F_FORK()
2587 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2590 ASSERT_EQ(0, landlock_restrict_self(ruleset_fd, 0)); in TEST_F_FORK()
2591 EXPECT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2626 int ruleset_fd; in TEST_F_FORK() local
2629 ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK()
2635 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2636 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2637 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2663 const int ruleset_fd = create_ruleset( in TEST_F_FORK() local
2667 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2668 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2669 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2741 const int ruleset_fd = create_ruleset( in TEST_F_FORK() local
2745 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2746 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2747 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2887 const int ruleset_fd = create_ruleset( in reparent_exdev_layers_enforce1() local
2891 ASSERT_LE(0, ruleset_fd); in reparent_exdev_layers_enforce1()
2892 enforce_ruleset(_metadata, ruleset_fd); in reparent_exdev_layers_enforce1()
2893 ASSERT_EQ(0, close(ruleset_fd)); in reparent_exdev_layers_enforce1()
2910 const int ruleset_fd = in reparent_exdev_layers_enforce2() local
2913 ASSERT_LE(0, ruleset_fd); in reparent_exdev_layers_enforce2()
2914 enforce_ruleset(_metadata, ruleset_fd); in reparent_exdev_layers_enforce2()
2915 ASSERT_EQ(0, close(ruleset_fd)); in reparent_exdev_layers_enforce2()
3184 const int ruleset_fd = create_ruleset( in TEST_F_FORK() local
3190 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3191 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3192 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3256 int ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK() local
3264 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3265 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3266 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3329 const int ruleset_fd = in TEST_F_FORK() local
3332 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3339 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3340 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3366 const int ruleset_fd = in TEST_F_FORK() local
3369 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3370 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3371 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3392 const int ruleset_fd = create_ruleset(_metadata, access, rules); in test_make_file() local
3394 ASSERT_LE(0, ruleset_fd); in test_make_file()
3410 enforce_ruleset(_metadata, ruleset_fd); in test_make_file()
3411 ASSERT_EQ(0, close(ruleset_fd)); in test_make_file()
3480 const int ruleset_fd = in TEST_F_FORK() local
3483 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3495 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3496 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3525 const int ruleset_fd = in TEST_F_FORK() local
3528 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3534 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3535 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3566 const int ruleset_fd = create_ruleset( in TEST_F_FORK() local
3571 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3572 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3573 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3610 const int ruleset_fd = in TEST_F_FORK() local
3613 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3614 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3615 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3707 int ruleset_fd; in TEST_F_FORK() local
3710 ruleset_fd = create_ruleset(_metadata, handled, rules); in TEST_F_FORK()
3712 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3713 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3714 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3790 int ruleset_fd; in TEST_F_FORK() local
3793 ruleset_fd = create_ruleset(_metadata, handled, rules); in TEST_F_FORK()
3795 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3796 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3797 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3897 int fd_layer0, fd_layer1, fd_layer2, fd_layer3, ruleset_fd; in TEST_F_FORK() local
3902 ruleset_fd = create_ruleset(_metadata, handled1, layer1); in TEST_F_FORK()
3903 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3904 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3905 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3911 ruleset_fd = create_ruleset(_metadata, handled2, layer2); in TEST_F_FORK()
3912 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3913 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3914 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3921 ruleset_fd = create_ruleset(_metadata, handled3, layer3); in TEST_F_FORK()
3922 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3923 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3924 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4016 int fd, ruleset_fd; in TEST_F_FORK() local
4019 ruleset_fd = create_ruleset(_metadata, variant->handled, rules); in TEST_F_FORK()
4020 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4021 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4022 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4057 int fd, ruleset_fd; in TEST_F_FORK() local
4059 ruleset_fd = create_ruleset(_metadata, variant->handled, rules); in TEST_F_FORK()
4060 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4061 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4062 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4110 int ruleset_fd, fd, i; in TEST() local
4132 ruleset_fd = landlock_create_ruleset(&attr, sizeof(attr), 0); in TEST()
4133 ASSERT_LE(0, ruleset_fd); in TEST()
4134 enforce_ruleset(_metadata, ruleset_fd); in TEST()
4135 ASSERT_EQ(0, close(ruleset_fd)); in TEST()
4153 int ruleset_fd, fd; in TEST_F_FORK() local
4169 ruleset_fd = landlock_create_ruleset(&attr, sizeof(attr), 0); in TEST_F_FORK()
4170 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4171 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4172 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4249 int ruleset_fd, fd; in TEST_F_FORK() local
4252 ruleset_fd = landlock_create_ruleset(&attr, sizeof(attr), 0); in TEST_F_FORK()
4253 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4254 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4255 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4308 int fd, ruleset_fd; in TEST_F_FORK() local
4318 ruleset_fd = landlock_create_ruleset(&attr, sizeof(attr), 0); in TEST_F_FORK()
4319 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4320 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4321 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4348 int srv_fd, cli_fd, ruleset_fd; in TEST_F_FORK() local
4368 ruleset_fd = landlock_create_ruleset(&attr, sizeof(attr), 0); in TEST_F_FORK()
4369 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4370 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4371 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4452 int file_fd, ruleset_fd; in TEST_F_FORK() local
4455 ruleset_fd = create_ruleset(_metadata, variant->handled, rules); in TEST_F_FORK()
4456 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4457 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4458 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4487 int dir_fd, ruleset_fd; in TEST_F_FORK() local
4490 ruleset_fd = create_ruleset(_metadata, variant->handled, rules); in TEST_F_FORK()
4491 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4492 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4493 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4532 int file_fd, ruleset_fd; in TEST_F_FORK() local
4535 ruleset_fd = create_ruleset(_metadata, variant->handled, rules); in TEST_F_FORK()
4536 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4537 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4538 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4684 int ruleset_fd; in TEST_F_FORK() local
4687 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer1_parent); in TEST_F_FORK()
4688 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4689 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4690 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4709 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer2_mount_point); in TEST_F_FORK()
4710 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4711 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4712 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4733 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer3_source); in TEST_F_FORK()
4734 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4735 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4736 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4757 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer4_destination); in TEST_F_FORK()
4758 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4759 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4760 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4785 int ruleset_fd = create_ruleset( in TEST_F_FORK() local
4789 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4790 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4791 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
5174 int ruleset_fd; in TEST_F_FORK() local
5182 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer1_base); in TEST_F_FORK()
5183 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
5184 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
5185 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
5230 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer2_data); in TEST_F_FORK()
5231 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
5232 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
5233 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
5247 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer3_subdirs); in TEST_F_FORK()
5248 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
5249 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
5250 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
5272 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer4_files); in TEST_F_FORK()
5273 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
5274 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
5275 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
5300 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer5_merge_only); in TEST_F_FORK()
5301 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
5302 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
5303 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
5493 int ruleset_fd; in layer3_fs_tag_inode() local
5502 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_READ_FILE, in layer3_fs_tag_inode()
5504 EXPECT_LE(0, ruleset_fd); in layer3_fs_tag_inode()
5505 enforce_ruleset(_metadata, ruleset_fd); in layer3_fs_tag_inode()
5506 EXPECT_EQ(0, close(ruleset_fd)); in layer3_fs_tag_inode()
5512 ruleset_fd = in layer3_fs_tag_inode()
5515 EXPECT_LE(0, ruleset_fd); in layer3_fs_tag_inode()
5516 enforce_ruleset(_metadata, ruleset_fd); in layer3_fs_tag_inode()
5517 EXPECT_EQ(0, close(ruleset_fd)); in layer3_fs_tag_inode()
5560 int ruleset_fd; in TEST_F_FORK() local
5577 ruleset_fd = in TEST_F_FORK()
5579 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
5591 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
5592 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
6110 int ruleset_fd = in TEST_F() local
6113 ASSERT_LE(0, ruleset_fd); in TEST_F()
6114 enforce_ruleset(_metadata, ruleset_fd); in TEST_F()
6115 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F()