security/landlock/object.h
Source file repositories/reference/linux-study-clean/security/landlock/object.h
File Facts
- System
- Linux kernel
- Corpus path
security/landlock/object.h- Extension
.h- Size
- 2837 bytes
- Lines
- 92
- Domain
- Core OS
- Bucket
- Security And Isolation
- Inferred role
- Core OS: implementation source
- Status
- source implementation candidate
Why This File Exists
Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
linux/compiler_types.hlinux/refcount.hlinux/spinlock.h
Detected Declarations
struct landlock_objectstruct landlock_object_underopsstruct landlock_objectfunction landlock_get_object
Annotated Snippet
struct landlock_object_underops {
/**
* @release: Releases the underlying object (e.g. iput() for an inode).
*/
void (*release)(struct landlock_object *const object)
__releases(object->lock);
};
/**
* struct landlock_object - Security blob tied to a kernel object
*
* The goal of this structure is to enable to tie a set of ephemeral access
* rights (pertaining to different domains) to a kernel object (e.g an inode)
* in a safe way. This implies to handle concurrent use and modification.
*
* The lifetime of a &struct landlock_object depends on the rules referring to
* it.
*/
struct landlock_object {
/**
* @usage: This counter is used to tie an object to the rules matching
* it or to keep it alive while adding a new rule. If this counter
* reaches zero, this struct must not be modified, but this counter can
* still be read from within an RCU read-side critical section. When
* adding a new rule to an object with a usage counter of zero, we must
* wait until the pointer to this object is set to NULL (or recycled).
*/
refcount_t usage;
/**
* @lock: Protects against concurrent modifications. This lock must be
* held from the time @usage drops to zero until any weak references
* from @underobj to this object have been cleaned up.
*
* Lock ordering: inode->i_lock nests inside this.
*/
spinlock_t lock;
/**
* @underobj: Used when cleaning up an object and to mark an object as
* tied to its underlying kernel structure. This pointer is protected
* by @lock. Cf. landlock_release_inodes() and release_inode().
*/
void *underobj;
union {
/**
* @rcu_free: Enables lockless use of @usage, @lock and
* @underobj from within an RCU read-side critical section.
* @rcu_free and @underops are only used by
* landlock_put_object().
*/
struct rcu_head rcu_free;
/**
* @underops: Enables landlock_put_object() to release the
* underlying object (e.g. inode).
*/
const struct landlock_object_underops *underops;
};
};
struct landlock_object *
landlock_create_object(const struct landlock_object_underops *const underops,
void *const underobj);
void landlock_put_object(struct landlock_object *const object);
static inline void landlock_get_object(struct landlock_object *const object)
{
if (object)
refcount_inc(&object->usage);
}
#endif /* _SECURITY_LANDLOCK_OBJECT_H */
Annotation
- Immediate include surface: `linux/compiler_types.h`, `linux/refcount.h`, `linux/spinlock.h`.
- Detected declarations: `struct landlock_object`, `struct landlock_object_underops`, `struct landlock_object`, `function landlock_get_object`.
- Atlas domain: Core OS / Security And Isolation.
- Implementation status: source implementation candidate.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.