cilium / tetragon

eBPF-based Security Observability and Runtime Enforcement

Home Page: https://tetragon.io

Cannot track users attempting to follow symlinks outside of a directory root

dwindsor opened this issue

In order to track attempts to follow symlinks outside of a directory root, we need to be able to extract the d_name.name member from struct dentry.

The LSM function used to track this behavior is security_inode_follow_link (available since 4.19):

int security_inode_follow_link(struct dentry *dentry, struct inode *inode, bool rcu);
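A user-space model of why the d_name.name member matters for this request, added here as an example and not part of the original issue or of Tetragon's code: d_name.name holds only the final path component of a dentry, so relating the dentry passed to security_inode_follow_link to a directory means walking d_parent. The cut-down struct definitions, the helpers dentry_path and dentry_is_under, and the sample tree are assumptions constructed for illustration; mount points are ignored.

```c
#include <stdio.h>
#include <string.h>
/* Cut-down stand-ins for the kernel structs; only the fields used here. */
struct qstr { const char *name; };
struct dentry {
    struct dentry *d_parent;  /* a filesystem's root dentry is its own parent */
    struct qstr d_name;       /* final path component only, e.g. "latest" */
};

/* Constructed sample tree: /srv/www/latest and /etc/passwd. */
struct dentry root   = { &root, { "/" } };
struct dentry srv    = { &root, { "srv" } };
struct dentry www    = { &srv,  { "www" } };
struct dentry latest = { &www,  { "latest" } };
struct dentry etc    = { &root, { "etc" } };
struct dentry passwd = { &etc,  { "passwd" } };

/* Hypothetical helper: d's path in its filesystem via d_parent; -1 if buf is too small. */
int dentry_path(const struct dentry *d, char *buf, size_t len)
{
    size_t pos = len;
    if (len < 2) return -1;
    buf[--pos] = '\0';
    while (d->d_parent != d) {
        size_t n = strlen(d->d_name.name);
        if (pos < n + 1) return -1;
        pos -= n;
        memcpy(buf + pos, d->d_name.name, n);
        buf[--pos] = '/';
        d = d->d_parent;
    }
    if (buf[pos] == '\0') buf[--pos] = '/';   /* d was the root itself */
    memmove(buf, buf + pos, len - pos);
    return 0;
}

/* Hypothetical helper: 1 if d is dir or lies below it, else 0. */
int dentry_is_under(const struct dentry *d, const struct dentry *dir)
{
    for (; d != dir; d = d->d_parent)
        if (d->d_parent == d) return 0;
    return 1;
}

int main(void) {
    char buf[64];
    if (dentry_path(&latest, buf, sizeof buf) == 0) printf("%s under www: %d\n", buf, dentry_is_under(&latest, &www));
    return 0;
}
```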