| /kernel/linux/linux-5.10/security/apparmor/ |
| D | policy_ns.c | 11 * to be loaded for tasks within the namespace.
25 /* root profile namespace */
31 * @curr: namespace to treat as the parent (NOT NULL)
32 * @view: namespace to test if visible from @curr (NOT NULL)
55 * @curr - current namespace (NOT NULL)
56 * @view - namespace attempting to view (NOT NULL)
63 /* if view == curr then the namespace name isn't displayed */ in aa_ns_name()
81 * alloc_ns - allocate, initialize and return a new namespace
82 * @prefix: parent namespace name (MAYBE NULL)
85 * Returns: refcounted namespace or NULL on failure.
[all …]
|
| /kernel/linux/linux-6.6/security/apparmor/ |
| D | policy_ns.c | 11 * to be loaded for tasks within the namespace.
28 /* root profile namespace */
34 * @curr: namespace to treat as the parent (NOT NULL)
35 * @view: namespace to test if visible from @curr (NOT NULL)
58 * @curr: current namespace (NOT NULL)
59 * @view: namespace attempting to view (NOT NULL)
66 /* if view == curr then the namespace name isn't displayed */ in aa_ns_name()
99 * alloc_ns - allocate, initialize and return a new namespace
100 * @prefix: parent namespace name (MAYBE NULL)
103 * Returns: refcounted namespace or NULL on failure.
[all …]
|
| /kernel/linux/linux-6.6/tools/testing/selftests/uevent/ |
| D | uevent_filtering.c | 131 "%s - Failed to unshare user namespace\n", in uevent_listener()
141 "%s - Failed to unshare network namespace\n", in uevent_listener()
277 "%s - Failed to unshare user namespace\n", in do_test()
287 "%s - Failed to unshare network namespace\n", in do_test()
380 * - Open uevent listening socket in initial network namespace owned by in TEST()
381 * initial user namespace. in TEST()
382 * - Trigger uevent in initial network namespace owned by initial user in TEST()
383 * namespace. in TEST()
394 * - Open uevent listening socket in non-initial network namespace in TEST()
395 * owned by initial user namespace. in TEST()
[all …]
|
| /kernel/linux/linux-5.10/tools/testing/selftests/uevent/ |
| D | uevent_filtering.c | 131 "%s - Failed to unshare user namespace\n", in uevent_listener()
141 "%s - Failed to unshare network namespace\n", in uevent_listener()
277 "%s - Failed to unshare user namespace\n", in do_test()
287 "%s - Failed to unshare network namespace\n", in do_test()
380 * - Open uevent listening socket in initial network namespace owned by in TEST()
381 * initial user namespace. in TEST()
382 * - Trigger uevent in initial network namespace owned by initial user in TEST()
383 * namespace. in TEST()
394 * - Open uevent listening socket in non-initial network namespace in TEST()
395 * owned by initial user namespace. in TEST()
[all …]
|
| /kernel/linux/linux-6.6/Documentation/core-api/ |
| D | symbol-namespaces.rst | 25 documentation purposes (think of the SUBSYSTEM_DEBUG namespace) as well as for
28 are required to import the namespace. Otherwise the kernel will, depending on
31 Additionally, it is possible to put symbols into a module namespace, strictly
37 Symbols can be exported into namespace using different methods. All of them are
46 available to export symbols into a certain namespace: EXPORT_SYMBOL_NS() and
47 EXPORT_SYMBOL_NS_GPL(). They take one additional argument: the namespace.
50 namespace ``USB_STORAGE``, use::
55 ``namespace`` set accordingly. A symbol that is exported without a namespace will
56 refer to ``NULL``. There is no default namespace if none is defined. ``modpost``
57 and kernel/module/main.c make use the namespace at build time or module load
[all …]
|
| /kernel/linux/linux-5.10/Documentation/core-api/ |
| D | symbol-namespaces.rst | 25 documentation purposes (think of the SUBSYSTEM_DEBUG namespace) as well as for
28 are required to import the namespace. Otherwise the kernel will, depending on
34 Symbols can be exported into namespace using different methods. All of them are
43 available to export symbols into a certain namespace: EXPORT_SYMBOL_NS() and
44 EXPORT_SYMBOL_NS_GPL(). They take one additional argument: the namespace.
47 namespace `USB_STORAGE`, use::
52 `namespace` set accordingly. A symbol that is exported without a namespace will
53 refer to `NULL`. There is no default namespace if none is defined. `modpost`
54 and kernel/module.c make use the namespace at build time or module load time,
63 and EXPORT_SYMBOL_GPL() macro expansions that do not specify a namespace.
[all …]
|
| /kernel/linux/linux-5.10/include/linux/ |
| D | nd.h | 41 * struct nd_namespace_common - core infrastructure of a namespace
42 * @force_raw: ignore other personalities for the namespace (e.g. btt)
44 * @claim: when set a another personality has taken ownership of the namespace
46 * @rw_bytes: access the raw namespace capacity with byte-aligned transfers
64 * @dev: namespace device created by the nd region driver
67 * @addr: virtual address to access the namespace range
68 * @bb: badblocks list for the namespace range
79 * struct nd_namespace_pmem - namespace device for dimm-backed interleaved memory
81 * @lbasize: logical sector size for the namespace in block-device-mode
82 * @alt_name: namespace name supplied in the dimm label
[all …]
|
| /kernel/linux/linux-6.6/security/apparmor/include/ |
| D | policy_ns.h | 22 /* struct aa_ns_acct - accounting of profiles in namespace
23 * @max_size: maximum space allowed for all profiles in namespace
24 * @max_count: maximum number of profiles that can be in this namespace
35 /* struct aa_ns - namespace for a set of profiles
37 * @parent: parent of namespace
39 * @acct: accounting for the namespace
40 * @unconfined: special unconfined profile for the namespace
41 * @sub_ns: list of namespaces under the current namespace.
43 * @uniq_id: a unique id count for the profiles in the namespace
49 * and profile names within a namespace are guaranteed to be unique. When
[all …]
|
| /kernel/linux/linux-5.10/security/apparmor/include/ |
| D | policy_ns.h | 22 /* struct aa_ns_acct - accounting of profiles in namespace
23 * @max_size: maximum space allowed for all profiles in namespace
24 * @max_count: maximum number of profiles that can be in this namespace
35 /* struct aa_ns - namespace for a set of profiles
37 * @parent: parent of namespace
39 * @acct: accounting for the namespace
40 * @unconfined: special unconfined profile for the namespace
41 * @sub_ns: list of namespaces under the current namespace.
43 * @uniq_id: a unique id count for the profiles in the namespace
49 * and profile names within a namespace are guaranteed to be unique. When
[all …]
|
| /kernel/linux/linux-5.10/Documentation/admin-guide/sysctl/ |
| D | user.rst | 16 per user per user namespace limits.
24 The creation of per user per user namespace objects are charged to
25 the user in the user namespace who created the object and
26 verified to be below the per user limit in that user namespace.
34 user namespace does not allow a user to escape their current limits.
42 user namespace may create.
48 user namespace may create.
54 user namespace may create.
60 current user namespace may create.
66 user namespace may create.
[all …]
|
| /kernel/linux/linux-6.6/Documentation/admin-guide/sysctl/ |
| D | user.rst | 16 per user per user namespace limits.
24 The creation of per user per user namespace objects are charged to
25 the user in the user namespace who created the object and
26 verified to be below the per user limit in that user namespace.
34 user namespace does not allow a user to escape their current limits.
42 user namespace may create.
48 user namespace may create.
54 user namespace may create.
60 current user namespace may create.
66 user namespace may create.
[all …]
|
| /kernel/linux/linux-6.6/Documentation/networking/ |
| D | sysfs-tagging.rst | 11 namespace active multiple devices with the same name can show up in
18 By using the network namespace pointers as tags to separate out
23 Each sysfs directory entry may be tagged with a namespace via the
26 and KOBJ_NS_TYPES, and ns will point to the namespace to which it
30 ``void *ns[KOBJ_NS_TYPES]``. When a task in a tagging namespace
33 ``s_fs_info->ns[kobj_nstype]`` set to the new namespace. Note that
36 namespace exits, it will call kobj_ns_exit() to invalidate any
44 - current_ns() which returns current's namespace
45 - netlink_ns() which returns a socket's namespace
46 - initial_ns() which returns the initial namespace
|
| /kernel/linux/linux-5.10/Documentation/networking/ |
| D | sysfs-tagging.rst | 11 namespace active multiple devices with the same name can show up in
18 By using the network namespace pointers as tags to separate out
23 Each sysfs directory entry may be tagged with a namespace via the
26 and KOBJ_NS_TYPES, and ns will point to the namespace to which it
30 ``void *ns[KOBJ_NS_TYPES]``. When a task in a tagging namespace
33 ``s_fs_info->ns[kobj_nstype]`` set to the new namespace. Note that
36 namespace exits, it will call kobj_ns_exit() to invalidate any
44 - current_ns() which returns current's namespace
45 - netlink_ns() which returns a socket's namespace
|
| /kernel/linux/linux-6.6/include/linux/ |
| D | nd.h | 94 * struct nd_namespace_common - core infrastructure of a namespace
95 * @force_raw: ignore other personalities for the namespace (e.g. btt)
97 * @claim: when set a another personality has taken ownership of the namespace
99 * @rw_bytes: access the raw namespace capacity with byte-aligned transfers
117 * @dev: namespace device created by the nd region driver
120 * @addr: virtual address to access the namespace range
121 * @bb: badblocks list for the namespace range
132 * struct nd_namespace_pmem - namespace device for dimm-backed interleaved memory
134 * @lbasize: logical sector size for the namespace in block-device-mode
135 * @alt_name: namespace name supplied in the dimm label
[all …]
|
| /kernel/linux/linux-6.6/Documentation/admin-guide/LSM/ |
| D | SafeSetID.rst | 8 allowing a user to set up user namespace UID/GID mappings.
40 namespace). The higher level goal is to allow for uid-based sandboxing of system
69 namespace and give programs in the tree setid capabilities. In this way,
71 own user namespace, and only approved UIDs/GIDs could be mapped back to the
72 initial system user namespace, affectively preventing privilege escalation.
74 without pairing them with other namespace types, which is not always an option.
75 Linux checks for capabilities based off of the user namespace that "owns" some
77 the user namespace in which they were created. A consequence of this is that
78 capability checks for access to a given network namespace are done by checking
79 whether a task has the given capability in the context of the user namespace
[all …]
|
| /kernel/linux/linux-5.10/Documentation/admin-guide/LSM/ |
| D | SafeSetID.rst | 8 allowing a user to set up user namespace UID/GID mappings.
40 namespace). The higher level goal is to allow for uid-based sandboxing of system
69 namespace and give programs in the tree setid capabilities. In this way,
71 own user namespace, and only approved UIDs/GIDs could be mapped back to the
72 initial system user namespace, affectively preventing privilege escalation.
74 without pairing them with other namespace types, which is not always an option.
75 Linux checks for capabilities based off of the user namespace that "owns" some
77 the user namespace in which they were created. A consequence of this is that
78 capability checks for access to a given network namespace are done by checking
79 whether a task has the given capability in the context of the user namespace
[all …]
|
| /kernel/linux/linux-5.10/tools/testing/selftests/tc-testing/plugin-lib/ |
| D | nsPlugin.py | 19 if self.args.namespace:
30 if self.args.namespace:
39 'options for nsPlugin(run commands in net namespace)')
41 '-N', '--no-namespace', action='store_false', default=True,
42 dest='namespace', help='Don\'t run commands in namespace')
50 if not self.args.namespace:
85 if not self.args.namespace:
95 Create the network namespace in which the tests will be run and set up
99 if self.args.namespace:
114 Destroy the network namespace for testing (and any associated network
[all …]
|
| /kernel/linux/linux-6.6/tools/testing/selftests/tc-testing/plugin-lib/ |
| D | nsPlugin.py | 19 if self.args.namespace:
30 if self.args.namespace:
39 'options for nsPlugin(run commands in net namespace)')
41 '-N', '--no-namespace', action='store_false', default=True,
42 dest='namespace', help='Don\'t run commands in namespace')
50 if not self.args.namespace:
85 if not self.args.namespace:
95 Create the network namespace in which the tests will be run and set up
99 if self.args.namespace:
114 Destroy the network namespace for testing (and any associated network
[all …]
|
| /kernel/linux/linux-6.6/Documentation/sphinx/ |
| D | load_config.py | 9 def loadConfig(namespace): argument
12 u"""Load an additional configuration file into *namespace*.
21 and os.path.normpath(namespace["__file__"]) != os.path.normpath(config_file) ):
35 latex_documents = namespace['latex_documents']
44 namespace['latex_documents'] = new_latex_docs
49 config = namespace.copy()
55 namespace.update(config)
57 config = namespace.copy()
59 namespace.update(config)
|
| /kernel/linux/linux-5.10/Documentation/sphinx/ |
| D | load_config.py | 9 def loadConfig(namespace): argument
12 u"""Load an additional configuration file into *namespace*.
21 and os.path.normpath(namespace["__file__"]) != os.path.normpath(config_file) ):
35 latex_documents = namespace['latex_documents']
44 namespace['latex_documents'] = new_latex_docs
49 config = namespace.copy()
55 namespace.update(config)
57 config = namespace.copy()
59 namespace.update(config)
|
| /kernel/linux/linux-6.6/Documentation/driver-api/acpi/ |
| D | scan_handlers.rst | 12 During system initialization and ACPI-based device hot-add, the ACPI namespace
15 registered with the driver core for every device object in the ACPI namespace
16 and the hierarchy of those struct acpi_device objects reflects the namespace
17 layout (i.e. parent device objects in the namespace are represented by parent
26 The core ACPI namespace scanning code in drivers/acpi/scan.c carries out basic
54 The namespace scanning function, acpi_bus_scan(), first registers all of the
55 device nodes in the given namespace scope with the driver core. Then, it tries
68 the namespace scan should be terminated due to a serious error. The error code
71 The namespace trimming function, acpi_bus_trim(), first executes .detach()
72 callbacks from the scan handlers of all device nodes in the given namespace
[all …]
|
| /kernel/linux/linux-5.10/Documentation/driver-api/acpi/ |
| D | scan_handlers.rst | 12 During system initialization and ACPI-based device hot-add, the ACPI namespace
15 registered with the driver core for every device object in the ACPI namespace
16 and the hierarchy of those struct acpi_device objects reflects the namespace
17 layout (i.e. parent device objects in the namespace are represented by parent
26 The core ACPI namespace scanning code in drivers/acpi/scan.c carries out basic
54 The namespace scanning function, acpi_bus_scan(), first registers all of the
55 device nodes in the given namespace scope with the driver core. Then, it tries
68 the namespace scan should be terminated due to a serious error. The error code
71 The namespace trimming function, acpi_bus_trim(), first executes .detach()
72 callbacks from the scan handlers of all device nodes in the given namespace
[all …]
|
| /kernel/linux/linux-6.6/Documentation/driver-api/nvdimm/ |
| D | nvdimm.rst | 35 LIBNVDIMM/LIBNDCTL: Namespace
36 libnvdimm: namespace
37 libndctl: namespace enumeration example
38 libndctl: namespace creation example
39 Why the Term "namespace"?
85 the namespace. Note that traditional partition tables, GPT/MBR, are
86 layered on top of a PMEM namespace, or an address abstraction like BTT
108 NVDIMM Namespace:
140 namespace label index block is found), then no block device is created
181 single PMEM namespace is created in the REGION0-SPA-range that spans most
[all …]
|
| /kernel/linux/linux-6.6/Documentation/firmware-guide/acpi/ |
| D | namespace.rst | 5 ACPI Device Tree - Representation of ACPI Namespace
17 The Linux ACPI subsystem converts ACPI namespace objects into a Linux
42 data structure called the ACPI namespace whose topology reflects the
69 | ACPI Namespace |
80 Example ACPI Namespace
83 All definition blocks are loaded into a single namespace. The namespace
86 namespace:
93 5. The '\' symbol represents the root of the namespace (i.e. names
94 prepended with '\' are relative to the namespace root).
95 6. The '^' symbol represents the parent of the current namespace node
[all …]
|
| /kernel/linux/linux-5.10/Documentation/firmware-guide/acpi/ |
| D | namespace.rst | 5 ACPI Device Tree - Representation of ACPI Namespace
17 The Linux ACPI subsystem converts ACPI namespace objects into a Linux
42 data structure called the ACPI namespace whose topology reflects the
69 | ACPI Namespace |
80 Example ACPI Namespace
83 All definition blocks are loaded into a single namespace. The namespace
86 namespace:
93 5. The '\' symbol represents the root of the namespace (i.e. names
94 prepended with '\' are relative to the namespace root).
95 6. The '^' symbol represents the parent of the current namespace node
[all …]
|