Lines Matching refs:ruleset_fd
437 int ruleset_fd; in TEST_F_FORK() local
443 ruleset_fd = open(dir_s1d1, O_PATH | O_DIRECTORY | O_CLOEXEC); in TEST_F_FORK()
444 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
445 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
449 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
451 ruleset_fd = open(dir_s1d1, O_DIRECTORY | O_CLOEXEC); in TEST_F_FORK()
452 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
453 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
457 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
460 ruleset_fd = in TEST_F_FORK()
462 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
463 ASSERT_EQ(0, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
470 ASSERT_EQ(0, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
475 path_beneath.parent_fd = ruleset_fd; in TEST_F_FORK()
476 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
487 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
494 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
501 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
508 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
517 ASSERT_EQ(0, landlock_restrict_self(ruleset_fd, 0)); in TEST_F_FORK()
519 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
557 const int ruleset_fd = in TEST_F_FORK() local
560 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
573 ASSERT_EQ(0, landlock_add_rule(ruleset_fd, in TEST_F_FORK()
578 err = landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
589 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
609 const int ruleset_fd, const __u64 allowed_access, in add_path_beneath() argument
622 ASSERT_EQ(0, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in add_path_beneath()
652 int ruleset_fd, i; in create_ruleset() local
666 ruleset_fd = in create_ruleset()
668 ASSERT_LE(0, ruleset_fd) in create_ruleset()
674 add_path_beneath(_metadata, ruleset_fd, rules[i].access, in create_ruleset()
677 return ruleset_fd; in create_ruleset()
681 const int ruleset_fd) in enforce_ruleset() argument
684 ASSERT_EQ(0, landlock_restrict_self(ruleset_fd, 0)) in enforce_ruleset()
701 const int ruleset_fd = create_ruleset( in TEST_F_FORK() local
705 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
708 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
733 ASSERT_EQ(-1, landlock_add_rule(ruleset_fd, LANDLOCK_RULE_PATH_BENEATH, in TEST_F_FORK()
748 int ruleset_fd; in TEST_F_FORK() local
752 ruleset_fd = create_ruleset(_metadata, ACCESS_RO, rules); in TEST_F_FORK()
753 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
754 ASSERT_EQ(-1, landlock_restrict_self(ruleset_fd, 0)); in TEST_F_FORK()
758 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
759 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
776 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
780 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
781 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
782 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
830 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RO, rules); in TEST_F_FORK() local
832 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
833 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
834 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
863 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
865 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
866 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
867 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
919 int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer1); in TEST_F_FORK() local
921 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
922 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
923 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
945 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer2); in TEST_F_FORK()
946 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
947 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
948 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
970 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer3); in TEST_F_FORK()
971 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
972 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
973 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1011 int ruleset_fd; in TEST_F_FORK() local
1016 ruleset_fd = in TEST_F_FORK()
1018 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1019 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1020 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1027 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_REMOVE_FILE, in TEST_F_FORK()
1029 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1030 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1031 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1135 int ruleset_fd; in TEST_F_FORK() local
1137 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1139 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1140 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1141 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1148 ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK()
1152 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1153 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1154 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1161 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1163 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1164 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1165 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1173 ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK()
1177 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1178 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1179 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1190 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1192 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1193 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1194 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1202 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_EXECUTE, in TEST_F_FORK()
1204 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1205 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1206 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1214 ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK()
1218 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1219 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1220 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1239 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1241 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1242 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1262 add_path_beneath(_metadata, ruleset_fd, LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
1275 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1295 add_path_beneath(_metadata, ruleset_fd, ACCESS_RW, dir_s1d1); in TEST_F_FORK()
1296 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1317 add_path_beneath(_metadata, ruleset_fd, LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
1319 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1320 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1355 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1357 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1358 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1368 add_path_beneath(_metadata, ruleset_fd, in TEST_F_FORK()
1372 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1373 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1393 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1395 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1397 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1400 err = landlock_restrict_self(ruleset_fd, 0); in TEST_F_FORK()
1404 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1410 int ruleset_fd; in TEST_F_FORK() local
1413 ruleset_fd = in TEST_F_FORK()
1415 ASSERT_LE(-1, ruleset_fd); in TEST_F_FORK()
1420 ruleset_fd = in TEST_F_FORK()
1422 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1423 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1429 ruleset_fd = in TEST_F_FORK()
1431 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1432 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1437 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1438 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1455 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1457 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1458 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1459 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1484 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1486 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1487 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1488 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1512 int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1514 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1515 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1516 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1523 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1524 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1525 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1526 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1542 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1544 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1545 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1546 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1562 int ruleset_fd; in TEST_F_FORK() local
1572 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1573 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1574 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1575 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1590 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1592 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1593 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1594 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1613 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1615 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1628 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1629 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1655 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK() local
1657 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1663 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1664 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1704 int dirfd, ruleset_fd; in test_relative_path() local
1706 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer1_base); in test_relative_path()
1707 ASSERT_LE(0, ruleset_fd); in test_relative_path()
1708 enforce_ruleset(_metadata, ruleset_fd); in test_relative_path()
1709 ASSERT_EQ(0, close(ruleset_fd)); in test_relative_path()
1711 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer2_subs); in test_relative_path()
1713 ASSERT_LE(0, ruleset_fd); in test_relative_path()
1730 enforce_ruleset(_metadata, ruleset_fd); in test_relative_path()
1793 ASSERT_EQ(0, close(ruleset_fd)); in test_relative_path()
1876 const int ruleset_fd = in TEST_F_FORK() local
1879 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1884 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1885 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1916 int ruleset_fd = create_ruleset(_metadata, layer1[0].access, layer1); in TEST_F_FORK() local
1918 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1924 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1925 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1945 ruleset_fd = create_ruleset(_metadata, layer2[0].access, layer2); in TEST_F_FORK()
1946 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1947 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1948 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
1982 const int ruleset_fd = in TEST_F_FORK() local
1985 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
1989 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1990 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2064 const int ruleset_fd = in TEST_F_FORK() local
2067 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2073 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2074 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2128 int ruleset_fd = in TEST_F_FORK() local
2131 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2132 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2133 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2163 int ruleset_fd; in refer_denied_by_default() local
2167 ruleset_fd = create_ruleset(_metadata, layer1[0].access, layer1); in refer_denied_by_default()
2168 ASSERT_LE(0, ruleset_fd); in refer_denied_by_default()
2169 enforce_ruleset(_metadata, ruleset_fd); in refer_denied_by_default()
2170 ASSERT_EQ(0, close(ruleset_fd)); in refer_denied_by_default()
2182 ruleset_fd = create_ruleset(_metadata, layer2[0].access, layer2); in refer_denied_by_default()
2183 ASSERT_LE(0, ruleset_fd); in refer_denied_by_default()
2184 enforce_ruleset(_metadata, ruleset_fd); in refer_denied_by_default()
2185 ASSERT_EQ(0, close(ruleset_fd)); in refer_denied_by_default()
2287 const int ruleset_fd = create_ruleset( in TEST_F_FORK() local
2291 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2292 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2293 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2365 const int ruleset_fd = create_ruleset( in TEST_F_FORK() local
2369 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2370 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2371 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2511 const int ruleset_fd = create_ruleset( in reparent_exdev_layers_enforce1() local
2515 ASSERT_LE(0, ruleset_fd); in reparent_exdev_layers_enforce1()
2516 enforce_ruleset(_metadata, ruleset_fd); in reparent_exdev_layers_enforce1()
2517 ASSERT_EQ(0, close(ruleset_fd)); in reparent_exdev_layers_enforce1()
2534 const int ruleset_fd = in reparent_exdev_layers_enforce2() local
2537 ASSERT_LE(0, ruleset_fd); in reparent_exdev_layers_enforce2()
2538 enforce_ruleset(_metadata, ruleset_fd); in reparent_exdev_layers_enforce2()
2539 ASSERT_EQ(0, close(ruleset_fd)); in reparent_exdev_layers_enforce2()
2808 const int ruleset_fd = create_ruleset( in TEST_F_FORK() local
2814 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2815 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2816 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2880 int ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK() local
2888 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2889 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2890 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2953 const int ruleset_fd = in TEST_F_FORK() local
2956 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2963 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2964 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
2990 const int ruleset_fd = in TEST_F_FORK() local
2993 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
2994 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2995 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3016 const int ruleset_fd = create_ruleset(_metadata, access, rules); in test_make_file() local
3018 ASSERT_LE(0, ruleset_fd); in test_make_file()
3034 enforce_ruleset(_metadata, ruleset_fd); in test_make_file()
3035 ASSERT_EQ(0, close(ruleset_fd)); in test_make_file()
3104 const int ruleset_fd = in TEST_F_FORK() local
3107 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3119 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3120 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3149 const int ruleset_fd = in TEST_F_FORK() local
3152 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3158 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3159 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3190 const int ruleset_fd = create_ruleset( in TEST_F_FORK() local
3195 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3196 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3197 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3234 const int ruleset_fd = in TEST_F_FORK() local
3237 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3238 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3239 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3331 int ruleset_fd; in TEST_F_FORK() local
3334 ruleset_fd = create_ruleset(_metadata, handled, rules); in TEST_F_FORK()
3336 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3337 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3338 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3414 int ruleset_fd; in TEST_F_FORK() local
3417 ruleset_fd = create_ruleset(_metadata, handled, rules); in TEST_F_FORK()
3419 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3420 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3421 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3521 int fd_layer0, fd_layer1, fd_layer2, fd_layer3, ruleset_fd; in TEST_F_FORK() local
3526 ruleset_fd = create_ruleset(_metadata, handled1, layer1); in TEST_F_FORK()
3527 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3528 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3529 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3535 ruleset_fd = create_ruleset(_metadata, handled2, layer2); in TEST_F_FORK()
3536 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3537 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3538 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3545 ruleset_fd = create_ruleset(_metadata, handled3, layer3); in TEST_F_FORK()
3546 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3547 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3548 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3641 int fd, ruleset_fd; in TEST_F_FORK() local
3644 ruleset_fd = create_ruleset(_metadata, variant->handled, rules); in TEST_F_FORK()
3645 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3646 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3647 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3682 int fd, ruleset_fd; in TEST_F_FORK() local
3684 ruleset_fd = create_ruleset(_metadata, variant->handled, rules); in TEST_F_FORK()
3685 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3686 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3687 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3862 int ruleset_fd; in TEST_F_FORK() local
3865 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer1_parent); in TEST_F_FORK()
3866 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3867 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3868 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3887 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer2_mount_point); in TEST_F_FORK()
3888 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3889 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3890 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3911 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer3_source); in TEST_F_FORK()
3912 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3913 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3914 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3935 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer4_destination); in TEST_F_FORK()
3936 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3937 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3938 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
3963 int ruleset_fd = create_ruleset( in TEST_F_FORK() local
3967 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
3968 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3969 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4356 int ruleset_fd; in TEST_F_FORK() local
4364 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer1_base); in TEST_F_FORK()
4365 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4366 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4367 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4412 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer2_data); in TEST_F_FORK()
4413 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4414 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4415 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4429 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer3_subdirs); in TEST_F_FORK()
4430 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4431 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4432 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4454 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer4_files); in TEST_F_FORK()
4455 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4456 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4457 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4482 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer5_merge_only); in TEST_F_FORK()
4483 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4484 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4485 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()
4667 int ruleset_fd; in layer3_fs_tag_inode() local
4676 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_READ_FILE, in layer3_fs_tag_inode()
4678 EXPECT_LE(0, ruleset_fd); in layer3_fs_tag_inode()
4679 enforce_ruleset(_metadata, ruleset_fd); in layer3_fs_tag_inode()
4680 EXPECT_EQ(0, close(ruleset_fd)); in layer3_fs_tag_inode()
4686 ruleset_fd = in layer3_fs_tag_inode()
4689 EXPECT_LE(0, ruleset_fd); in layer3_fs_tag_inode()
4690 enforce_ruleset(_metadata, ruleset_fd); in layer3_fs_tag_inode()
4691 EXPECT_EQ(0, close(ruleset_fd)); in layer3_fs_tag_inode()
4731 int ruleset_fd; in TEST_F_FORK() local
4744 ruleset_fd = in TEST_F_FORK()
4746 ASSERT_LE(0, ruleset_fd); in TEST_F_FORK()
4758 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
4759 ASSERT_EQ(0, close(ruleset_fd)); in TEST_F_FORK()