Lines Matching refs:_metadata
90 static void mkdir_parents(struct __test_metadata *const _metadata, in mkdir_parents() argument
116 static void create_directory(struct __test_metadata *const _metadata, in create_directory() argument
119 mkdir_parents(_metadata, path); in create_directory()
127 static void create_file(struct __test_metadata *const _metadata, in create_file() argument
130 mkdir_parents(_metadata, path); in create_file()
172 static void prepare_layout(struct __test_metadata *const _metadata) in prepare_layout() argument
174 disable_caps(_metadata); in prepare_layout()
176 create_directory(_metadata, TMP_DIR); in prepare_layout()
182 set_cap(_metadata, CAP_SYS_ADMIN); in prepare_layout()
186 clear_cap(_metadata, CAP_SYS_ADMIN); in prepare_layout()
189 static void cleanup_layout(struct __test_metadata *const _metadata) in cleanup_layout() argument
191 set_cap(_metadata, CAP_SYS_ADMIN); in cleanup_layout()
193 clear_cap(_metadata, CAP_SYS_ADMIN); in cleanup_layout()
197 static void create_layout1(struct __test_metadata *const _metadata) in create_layout1() argument
199 create_file(_metadata, file1_s1d1); in create_layout1()
200 create_file(_metadata, file1_s1d2); in create_layout1()
201 create_file(_metadata, file1_s1d3); in create_layout1()
202 create_file(_metadata, file2_s1d1); in create_layout1()
203 create_file(_metadata, file2_s1d2); in create_layout1()
204 create_file(_metadata, file2_s1d3); in create_layout1()
206 create_file(_metadata, file1_s2d1); in create_layout1()
207 create_file(_metadata, file1_s2d2); in create_layout1()
208 create_file(_metadata, file1_s2d3); in create_layout1()
209 create_file(_metadata, file2_s2d3); in create_layout1()
211 create_directory(_metadata, dir_s3d2); in create_layout1()
212 set_cap(_metadata, CAP_SYS_ADMIN); in create_layout1()
214 clear_cap(_metadata, CAP_SYS_ADMIN); in create_layout1()
219 static void remove_layout1(struct __test_metadata *const _metadata) in remove_layout1() argument
234 set_cap(_metadata, CAP_SYS_ADMIN); in remove_layout1()
236 clear_cap(_metadata, CAP_SYS_ADMIN); in remove_layout1()
246 prepare_layout(_metadata); in FIXTURE_SETUP()
248 create_layout1(_metadata); in FIXTURE_SETUP()
253 remove_layout1(_metadata); in FIXTURE_TEARDOWN()
255 cleanup_layout(_metadata); in FIXTURE_TEARDOWN()
489 static void add_path_beneath(struct __test_metadata *const _metadata, in add_path_beneath() argument
529 static int create_ruleset(struct __test_metadata *const _metadata, in create_ruleset() argument
555 add_path_beneath(_metadata, ruleset_fd, rules[i].access, in create_ruleset()
561 static void enforce_ruleset(struct __test_metadata *const _metadata, in enforce_ruleset() argument
583 _metadata, rules[0].access | LANDLOCK_ACCESS_FS_READ_DIR, in TEST_F_FORK()
589 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
631 drop_caps(_metadata); in TEST_F_FORK()
633 ruleset_fd = create_ruleset(_metadata, ACCESS_RO, rules); in TEST_F_FORK()
639 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
657 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
662 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
711 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RO, rules); in TEST_F_FORK()
714 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
744 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
747 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
800 int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer1); in TEST_F_FORK()
803 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
826 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer2); in TEST_F_FORK()
828 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
851 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer3); in TEST_F_FORK()
853 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
898 create_ruleset(_metadata, LANDLOCK_ACCESS_FS_MAKE_REG, layer1); in TEST_F_FORK()
900 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
908 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_REMOVE_FILE, in TEST_F_FORK()
911 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1018 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1021 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1029 ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK()
1034 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1042 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1045 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1054 ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK()
1059 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1071 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_READ_FILE, in TEST_F_FORK()
1074 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1083 ruleset_fd = create_ruleset(_metadata, LANDLOCK_ACCESS_FS_EXECUTE, in TEST_F_FORK()
1086 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1095 ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK()
1100 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1120 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1123 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1143 add_path_beneath(_metadata, ruleset_fd, LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
1156 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1176 add_path_beneath(_metadata, ruleset_fd, ACCESS_RW, dir_s1d1); in TEST_F_FORK()
1177 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1198 add_path_beneath(_metadata, ruleset_fd, LANDLOCK_ACCESS_FS_WRITE_FILE, in TEST_F_FORK()
1200 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1236 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1239 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1249 add_path_beneath(_metadata, ruleset_fd, in TEST_F_FORK()
1253 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1274 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1278 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1304 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1313 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1318 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1336 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1339 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1365 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1368 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1393 int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1396 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1404 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1406 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1423 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1426 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1445 set_cap(_metadata, CAP_SYS_ADMIN); in TEST_F_FORK()
1451 clear_cap(_metadata, CAP_SYS_ADMIN); in TEST_F_FORK()
1453 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1455 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1471 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1474 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1477 set_cap(_metadata, CAP_SYS_ADMIN); in TEST_F_FORK()
1482 clear_cap(_metadata, CAP_SYS_ADMIN); in TEST_F_FORK()
1494 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1498 set_cap(_metadata, CAP_SYS_ADMIN); in TEST_F_FORK()
1507 clear_cap(_metadata, CAP_SYS_ADMIN); in TEST_F_FORK()
1509 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1512 set_cap(_metadata, CAP_SYS_ADMIN); in TEST_F_FORK()
1516 clear_cap(_metadata, CAP_SYS_ADMIN); in TEST_F_FORK()
1536 const int ruleset_fd = create_ruleset(_metadata, ACCESS_RW, rules); in TEST_F_FORK()
1540 set_cap(_metadata, CAP_SYS_ADMIN); in TEST_F_FORK()
1542 clear_cap(_metadata, CAP_SYS_ADMIN); in TEST_F_FORK()
1544 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1560 static void test_relative_path(struct __test_metadata *const _metadata, in test_relative_path() argument
1587 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer1_base); in test_relative_path()
1589 enforce_ruleset(_metadata, ruleset_fd); in test_relative_path()
1592 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer2_subs); in test_relative_path()
1610 set_cap(_metadata, CAP_SYS_CHROOT); in test_relative_path()
1611 enforce_ruleset(_metadata, ruleset_fd); in test_relative_path()
1679 test_relative_path(_metadata, REL_OPEN); in TEST_F_FORK()
1684 test_relative_path(_metadata, REL_CHDIR); in TEST_F_FORK()
1689 test_relative_path(_metadata, REL_CHROOT_ONLY); in TEST_F_FORK()
1694 test_relative_path(_metadata, REL_CHROOT_CHDIR); in TEST_F_FORK()
1697 static void copy_binary(struct __test_metadata *const _metadata, in copy_binary() argument
1721 static void test_execute(struct __test_metadata *const _metadata, const int err, in test_execute() argument
1736 _exit(_metadata->passed ? 2 : 1); in test_execute()
1758 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
1761 copy_binary(_metadata, file1_s1d1); in TEST_F_FORK()
1762 copy_binary(_metadata, file1_s1d2); in TEST_F_FORK()
1763 copy_binary(_metadata, file1_s1d3); in TEST_F_FORK()
1765 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1770 test_execute(_metadata, EACCES, file1_s1d1); in TEST_F_FORK()
1774 test_execute(_metadata, 0, file1_s1d2); in TEST_F_FORK()
1778 test_execute(_metadata, 0, file1_s1d3); in TEST_F_FORK()
1797 int ruleset_fd = create_ruleset(_metadata, layer1[0].access, layer1); in TEST_F_FORK()
1805 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1826 ruleset_fd = create_ruleset(_metadata, layer2[0].access, layer2); in TEST_F_FORK()
1828 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1864 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
1870 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
1946 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
1954 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2010 create_ruleset(_metadata, LANDLOCK_ACCESS_FS_REFER, layer1); in TEST_F_FORK()
2013 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2039 static void refer_denied_by_default(struct __test_metadata *const _metadata, in refer_denied_by_default() argument
2048 ruleset_fd = create_ruleset(_metadata, layer1[0].access, layer1); in refer_denied_by_default()
2050 enforce_ruleset(_metadata, ruleset_fd); in refer_denied_by_default()
2063 ruleset_fd = create_ruleset(_metadata, layer2[0].access, layer2); in refer_denied_by_default()
2065 enforce_ruleset(_metadata, ruleset_fd); in refer_denied_by_default()
2112 refer_denied_by_default(_metadata, layer_dir_s1d1_refer, 0, in TEST_F_FORK()
2122 refer_denied_by_default(_metadata, layer_dir_s1d1_execute, EXDEV, in TEST_F_FORK()
2133 refer_denied_by_default(_metadata, layer_dir_s1d1_refer, 0, in TEST_F_FORK()
2143 refer_denied_by_default(_metadata, layer_dir_s2d1_execute, EXDEV, in TEST_F_FORK()
2169 _metadata, in TEST_F_FORK()
2173 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2247 _metadata, in TEST_F_FORK()
2251 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2370 reparent_exdev_layers_enforce1(struct __test_metadata *const _metadata) in reparent_exdev_layers_enforce1() argument
2393 _metadata, in reparent_exdev_layers_enforce1()
2397 enforce_ruleset(_metadata, ruleset_fd); in reparent_exdev_layers_enforce1()
2402 reparent_exdev_layers_enforce2(struct __test_metadata *const _metadata) in reparent_exdev_layers_enforce2() argument
2416 create_ruleset(_metadata, LANDLOCK_ACCESS_FS_MAKE_DIR, layer2); in reparent_exdev_layers_enforce2()
2419 enforce_ruleset(_metadata, ruleset_fd); in reparent_exdev_layers_enforce2()
2428 reparent_exdev_layers_enforce1(_metadata); in TEST_F_FORK()
2452 reparent_exdev_layers_enforce2(_metadata); in TEST_F_FORK()
2479 reparent_exdev_layers_enforce1(_metadata); in TEST_F_FORK()
2497 reparent_exdev_layers_enforce2(_metadata); in TEST_F_FORK()
2531 reparent_exdev_layers_enforce1(_metadata); in TEST_F_FORK()
2588 reparent_exdev_layers_enforce2(_metadata); in TEST_F_FORK()
2634 reparent_exdev_layers_enforce1(_metadata); in TEST_F_FORK()
2635 reparent_exdev_layers_enforce2(_metadata); in TEST_F_FORK()
2653 reparent_exdev_layers_enforce1(_metadata); in TEST_F_FORK()
2690 _metadata, in TEST_F_FORK()
2696 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2761 int ruleset_fd = create_ruleset(_metadata, in TEST_F_FORK()
2770 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2835 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
2844 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2872 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
2875 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
2886 static void test_make_file(struct __test_metadata *const _metadata, in test_make_file() argument
2897 const int ruleset_fd = create_ruleset(_metadata, access, rules); in test_make_file()
2915 enforce_ruleset(_metadata, ruleset_fd); in test_make_file()
2943 set_cap(_metadata, CAP_MKNOD); in TEST_F_FORK()
2944 test_make_file(_metadata, LANDLOCK_ACCESS_FS_MAKE_CHAR, S_IFCHR, in TEST_F_FORK()
2951 set_cap(_metadata, CAP_MKNOD); in TEST_F_FORK()
2952 test_make_file(_metadata, LANDLOCK_ACCESS_FS_MAKE_BLOCK, S_IFBLK, in TEST_F_FORK()
2958 test_make_file(_metadata, LANDLOCK_ACCESS_FS_MAKE_REG, S_IFREG, 0); in TEST_F_FORK()
2963 test_make_file(_metadata, LANDLOCK_ACCESS_FS_MAKE_REG, 0, 0); in TEST_F_FORK()
2968 test_make_file(_metadata, LANDLOCK_ACCESS_FS_MAKE_SOCK, S_IFSOCK, 0); in TEST_F_FORK()
2973 test_make_file(_metadata, LANDLOCK_ACCESS_FS_MAKE_FIFO, S_IFIFO, 0); in TEST_F_FORK()
2986 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
3000 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3031 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
3039 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3049 static int open_proc_fd(struct __test_metadata *const _metadata, const int fd, in open_proc_fd() argument
3072 _metadata, in TEST_F_FORK()
3077 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3086 proc_fd = open_proc_fd(_metadata, reg_fd, O_RDONLY | O_CLOEXEC); in TEST_F_FORK()
3090 proc_fd = open_proc_fd(_metadata, reg_fd, O_RDWR | O_CLOEXEC); in TEST_F_FORK()
3116 create_ruleset(_metadata, rules[0].access, rules); in TEST_F_FORK()
3119 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3136 proc_fd = open_proc_fd(_metadata, pipe_fds[1], O_WRONLY | O_CLOEXEC); in TEST_F_FORK()
3146 proc_fd = open_proc_fd(_metadata, pipe_fds[0], O_RDONLY | O_CLOEXEC); in TEST_F_FORK()
3166 prepare_layout(_metadata); in FIXTURE_SETUP()
3168 create_layout1(_metadata); in FIXTURE_SETUP()
3170 set_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_SETUP()
3172 clear_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_SETUP()
3177 set_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_TEARDOWN()
3179 clear_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_TEARDOWN()
3181 remove_layout1(_metadata); in FIXTURE_TEARDOWN()
3183 cleanup_layout(_metadata); in FIXTURE_TEARDOWN()
3289 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer1_parent); in TEST_F_FORK()
3291 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3311 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer2_mount_point); in TEST_F_FORK()
3313 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3335 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer3_source); in TEST_F_FORK()
3337 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3359 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer4_destination); in TEST_F_FORK()
3361 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3388 _metadata, in TEST_F_FORK()
3392 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3542 prepare_layout(_metadata); in FIXTURE_SETUP()
3544 create_directory(_metadata, LOWER_BASE); in FIXTURE_SETUP()
3545 set_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_SETUP()
3548 clear_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_SETUP()
3549 create_file(_metadata, lower_fl1); in FIXTURE_SETUP()
3550 create_file(_metadata, lower_dl1_fl2); in FIXTURE_SETUP()
3551 create_file(_metadata, lower_fo1); in FIXTURE_SETUP()
3552 create_file(_metadata, lower_do1_fo2); in FIXTURE_SETUP()
3553 create_file(_metadata, lower_do1_fl3); in FIXTURE_SETUP()
3555 create_directory(_metadata, UPPER_BASE); in FIXTURE_SETUP()
3556 set_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_SETUP()
3558 clear_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_SETUP()
3559 create_file(_metadata, upper_fu1); in FIXTURE_SETUP()
3560 create_file(_metadata, upper_du1_fu2); in FIXTURE_SETUP()
3561 create_file(_metadata, upper_fo1); in FIXTURE_SETUP()
3562 create_file(_metadata, upper_do1_fo2); in FIXTURE_SETUP()
3563 create_file(_metadata, upper_do1_fu3); in FIXTURE_SETUP()
3566 create_directory(_metadata, MERGE_DATA); in FIXTURE_SETUP()
3567 set_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_SETUP()
3568 set_cap(_metadata, CAP_DAC_OVERRIDE); in FIXTURE_SETUP()
3572 clear_cap(_metadata, CAP_DAC_OVERRIDE); in FIXTURE_SETUP()
3573 clear_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_SETUP()
3583 set_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_TEARDOWN()
3585 clear_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_TEARDOWN()
3594 set_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_TEARDOWN()
3596 clear_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_TEARDOWN()
3599 set_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_TEARDOWN()
3601 clear_cap(_metadata, CAP_SYS_ADMIN); in FIXTURE_TEARDOWN()
3604 cleanup_layout(_metadata); in FIXTURE_TEARDOWN()
3773 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer1_base); in TEST_F_FORK()
3775 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3821 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer2_data); in TEST_F_FORK()
3823 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3838 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer3_subdirs); in TEST_F_FORK()
3840 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3863 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer4_files); in TEST_F_FORK()
3865 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()
3891 ruleset_fd = create_ruleset(_metadata, ACCESS_RW, layer5_merge_only); in TEST_F_FORK()
3893 enforce_ruleset(_metadata, ruleset_fd); in TEST_F_FORK()