| /kernel/linux/linux-5.10/include/linux/ |
| D | lsm_hooks.h | 46 * Return 0 if the hook is successful and permission is granted.
61 * Return 0 if the hook is successful and permission is granted.
69 * Return 0 if the hook is successful and permission is granted.
119 * Check permission before obtaining filesystem statistics for the @mnt
122 * Return 0 if permission is granted.
124 * Check permission before an object specified by @dev_name is mounted on
135 * Return 0 if permission is granted.
150 * Return 0 if permission is granted.
156 * Check permission before the @mnt file system is unmounted.
159 * Return 0 if permission is granted.
[all …]
|
| D | key.h | 78 KEY_NEED_UNSPECIFIED, /* Needed permission unspecified */
79 KEY_NEED_VIEW, /* Require permission to view attributes */
80 KEY_NEED_READ, /* Require permission to read content */
81 KEY_NEED_WRITE, /* Require permission to update / modify */
82 KEY_NEED_SEARCH, /* Require permission to search (keyring) or find (key) */
83 KEY_NEED_LINK, /* Require permission to link */
84 KEY_NEED_SETATTR, /* Require permission to change attributes */
85 KEY_NEED_UNLINK, /* Require permission to unlink key */
88 KEY_DEFER_PERM_CHECK, /* Special: permission check is deferred */
227 #define KEY_FLAG_ROOT_CAN_CLEAR 4 /* set if key can be cleared by root without permission */
[all …]
|
| /kernel/linux/linux-6.6/security/ |
| D | security.c | 796 * Return: Return 0 if permission is granted.
810 * Return: Returns 0 if permission is granted.
825 * Return: Returns 0 if permission is granted.
841 * Return: Returns 0 if permission is granted.
854 * Check permission before allowing the current process to trace the @child
861 * Return: Returns 0 if permission is granted.
872 * Check that the @parent process has sufficient permission to trace the
876 * Return: Returns 0 if permission is granted.
891 * @target process. The hook may also perform permission checking to determine
917 * Return: Returns 0 and update @new if permission is granted.
[all …]
|
| /kernel/linux/linux-6.6/fs/afs/ |
| D | afs.h | 110 #define AFS_ACE_READ 0x00000001U /* - permission to read a file/dir */
111 #define AFS_ACE_WRITE 0x00000002U /* - permission to write/chmod a file */
112 #define AFS_ACE_INSERT 0x00000004U /* - permission to create dirent in a dir */
113 #define AFS_ACE_LOOKUP 0x00000008U /* - permission to lookup a file/dir in a dir */
114 #define AFS_ACE_DELETE 0x00000010U /* - permission to delete a dirent from a dir */
115 #define AFS_ACE_LOCK 0x00000020U /* - permission to lock a file */
116 #define AFS_ACE_ADMINISTER 0x00000040U /* - permission to change ACL */
117 #define AFS_ACE_USER_A 0x01000000U /* - 'A' user-defined permission */
118 #define AFS_ACE_USER_B 0x02000000U /* - 'B' user-defined permission */
119 #define AFS_ACE_USER_C 0x04000000U /* - 'C' user-defined permission */
[all …]
|
| /kernel/linux/linux-5.10/fs/afs/ |
| D | afs.h | 110 #define AFS_ACE_READ 0x00000001U /* - permission to read a file/dir */
111 #define AFS_ACE_WRITE 0x00000002U /* - permission to write/chmod a file */
112 #define AFS_ACE_INSERT 0x00000004U /* - permission to create dirent in a dir */
113 #define AFS_ACE_LOOKUP 0x00000008U /* - permission to lookup a file/dir in a dir */
114 #define AFS_ACE_DELETE 0x00000010U /* - permission to delete a dirent from a dir */
115 #define AFS_ACE_LOCK 0x00000020U /* - permission to lock a file */
116 #define AFS_ACE_ADMINISTER 0x00000040U /* - permission to change ACL */
117 #define AFS_ACE_USER_A 0x01000000U /* - 'A' user-defined permission */
118 #define AFS_ACE_USER_B 0x02000000U /* - 'B' user-defined permission */
119 #define AFS_ACE_USER_C 0x04000000U /* - 'C' user-defined permission */
[all …]
|
| /kernel/linux/linux-6.6/Documentation/arch/x86/ |
| D | xstate.rst | 49 has permission in userspace storage of type uint64_t. The second argument
56 ARCH_REQ_XCOMP_PERM allows to request permission for a dynamically enabled
63 When requesting permission for a feature, the kernel checks the
72 Permission, when granted, is valid per process. Permissions are inherited
77 permission to use the feature. If the process has no permission then the
78 kernel sends SIGILL to the application. If the process has permission then
123 explicitly ask permission to use it::
150 The permission for the guest state component needs to be managed separately
152 are extended to control the guest permission:
167 same semantics for the guest permission. While providing a similar
[all …]
|
| /kernel/linux/common_modules/xpm/ |
| D | Kconfig | 4 # Config for the excutable permission manager
7 menu "Executable permission manager"
14 The Executable Permission Manager(XPM) control process execution
29 bool "Enables excutable permission manager debug mode"
|
| /kernel/linux/linux-6.6/net/sunrpc/auth_gss/ |
| D | gss_krb5_unseal.c | 15 * Permission to use, copy, modify, distribute, and sell this software
18 * that both that copyright notice and this permission notice appear in
21 * without specific, written prior permission. OpenVision makes no
44 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
48 * this permission notice appear in supporting documentation, and that
51 * permission. FundsXpress makes no representations about the suitability of
|
| D | gss_krb5_seal.c | 16 * Permission to use, copy, modify, distribute, and sell this software
19 * that both that copyright notice and this permission notice appear in
22 * without specific, written prior permission. OpenVision makes no
45 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
49 * this permission notice appear in supporting documentation, and that
52 * permission. FundsXpress makes no representations about the suitability of
|
| /kernel/linux/linux-5.10/security/apparmor/ |
| D | file.c | 177 * @old: permission set in old mapping
179 * Returns: new permission mapping
208 * TODO: convert from dfa + state to permission entry, do computation conversion
211 * Returns: computed permission set
246 * aa_str_perms - find permission that match @name
250 * @cond: conditions to consider for permission set computation (NOT NULL)
338 * @link: link permission set
339 * @target: target permission set
408 /* Do link perm subset test requiring allowed permission on link are in profile_path_link()
438 * aa_path_link - Handle hard link permission check
[all …]
|
| D | ipc.c | 22 * audit_ptrace_mask - convert mask to permission string
23 * @mask: permission mask to convert
114 * @request: permission request
116 * Returns: %0 else error code if permission denied or error
143 * audit_signal_mask - convert mask to permission string
144 * @mask: permission mask to convert
|
| /kernel/linux/linux-5.10/security/tomoyo/ |
| D | file.c | 241 * tomoyo_check_path_acl - Check permission for path operation.
268 * tomoyo_check_path_number_acl - Check permission for path number operation.
289 * tomoyo_check_path2_acl - Check permission for path path operation.
309 * tomoyo_check_mkdev_acl - Check permission for path number number number operation.
339 * Returns true if @a == @b except permission bits, false otherwise.
379 * @perm: Permission.
411 * Returns true if @a == @b except permission bits, false otherwise.
455 * @perm: Permission.
493 * Returns true if @a == @b except permission bits, false otherwise.
534 * @perm: Permission.
[all …]
|
| /kernel/linux/linux-6.6/security/tomoyo/ |
| D | file.c | 241 * tomoyo_check_path_acl - Check permission for path operation.
268 * tomoyo_check_path_number_acl - Check permission for path number operation.
289 * tomoyo_check_path2_acl - Check permission for path path operation.
309 * tomoyo_check_mkdev_acl - Check permission for path number number number operation.
339 * Returns true if @a == @b except permission bits, false otherwise.
379 * @perm: Permission.
411 * Returns true if @a == @b except permission bits, false otherwise.
455 * @perm: Permission.
493 * Returns true if @a == @b except permission bits, false otherwise.
534 * @perm: Permission.
[all …]
|
| /kernel/linux/linux-6.6/security/selinux/include/ |
| D | avc.h | 77 * permission. Take notice that this is unrelated to the in avc_audit_required()
86 * permission was READ and the auditdeny checks were for in avc_audit_required()
115 * avc_has_perm() after a permission check, but can also be
117 * in order to separate the permission check from the auditing.
118 * For example, this separation is useful when the permission check must
|
| /kernel/linux/linux-6.6/security/apparmor/ |
| D | file.c | 189 * TODO: convert from dfa + state to permission entry
191 * Returns: a pointer to a file permission set
208 * aa_str_perms - find permission that match @name
212 * @cond: conditions to consider for permission set computation (NOT NULL)
308 * @link: link permission set
309 * @target: target permission set
384 /* Do link perm subset test requiring allowed permission on link are in profile_path_link()
415 * aa_path_link - Handle hard link permission check
422 * Handle the permission test for a link & target pair. Permission
423 * is encoded as a pair where the link permission is determined
[all …]
|
| /kernel/linux/linux-6.6/security/keys/ |
| D | keyctl.c | 156 * matching key. Keyrings must have appropriate Search permission to be
254 * The requested keyring must have search permission to be found.
282 * permission for it to be joined. Session keyrings without this permit will
318 * The key must grant the caller Write permission and the key type must support
370 * The key must be grant the caller Write or Setattr permission for this to
412 * The key must be grant the caller Invalidate permission for this to work.
464 * The keyring must grant the caller Write permission and not have
509 * The key must grant the caller Link permission and the keyring must grant
510 * the caller Write permission. Furthermore, if an additional link is created,
544 * The keyring must grant the caller Write permission for this to work; the key
[all …]
|
| /kernel/linux/linux-5.10/security/keys/ |
| D | keyctl.c | 156 * matching key. Keyrings must have appropriate Search permission to be
254 * The requested keyring must have search permission to be found.
282 * permission for it to be joined. Session keyrings without this permit will
318 * The key must grant the caller Write permission and the key type must support
370 * The key must be grant the caller Write or Setattr permission for this to
412 * The key must be grant the caller Invalidate permission for this to work.
464 * The keyring must grant the caller Write permission and not have
509 * The key must grant the caller Link permission and the the keyring must grant
510 * the caller Write permission. Furthermore, if an additional link is created,
544 * The keyring must grant the caller Write permission for this to work; the key
[all …]
|
| /kernel/linux/linux-6.6/fs/ |
| D | attr.c | 95 * permissions. On non-idmapped mounts or if permission checking is to be
122 * permissions. On non-idmapped mounts or if permission checking is to be
151 * in the given dentry. This includes the normal unix access permission
159 * permissions. On non-idmapped mounts or if permission checking is to be
219 /* User has permission for the change */ in setattr_prepare()
287 * in attr on idmapped mounts. Necessary permission checks to determine
289 * the correct idmapped mount permission helpers.
296 * permissions. On non-idmapped mounts or if permission checking is to be
338 * times are UTIME_NOW), then we need to check for write permission in may_setattr()
378 * permissions. On non-idmapped mounts or if permission checking is to be
[all …]
|
| /kernel/linux/linux-6.6/include/linux/ |
| D | key.h | 78 KEY_NEED_UNSPECIFIED, /* Needed permission unspecified */
79 KEY_NEED_VIEW, /* Require permission to view attributes */
80 KEY_NEED_READ, /* Require permission to read content */
81 KEY_NEED_WRITE, /* Require permission to update / modify */
82 KEY_NEED_SEARCH, /* Require permission to search (keyring) or find (key) */
83 KEY_NEED_LINK, /* Require permission to link */
84 KEY_NEED_SETATTR, /* Require permission to change attributes */
85 KEY_NEED_UNLINK, /* Require permission to unlink key */
88 KEY_DEFER_PERM_CHECK, /* Special: permission check is deferred */
233 #define KEY_FLAG_ROOT_CAN_CLEAR 4 /* set if key can be cleared by root without permission */
[all …]
|
| D | fanotify.h | 20 /* Group classes where permission events are allowed */
32 * We do not allow unprivileged groups to request permission events.
107 /* Events that require a permission response from user */
126 /* These masks check for invalid bits in permission responses. */
|
| /kernel/linux/linux-5.10/net/sunrpc/auth_gss/ |
| D | gss_krb5_unseal.c | 15 * Permission to use, copy, modify, distribute, and sell this software
18 * that both that copyright notice and this permission notice appear in
21 * without specific, written prior permission. OpenVision makes no
44 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
48 * this permission notice appear in supporting documentation, and that
51 * permission. FundsXpress makes no representations about the suitability of
|
| D | gss_krb5_seal.c | 16 * Permission to use, copy, modify, distribute, and sell this software
19 * that both that copyright notice and this permission notice appear in
22 * without specific, written prior permission. OpenVision makes no
45 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
49 * this permission notice appear in supporting documentation, and that
52 * permission. FundsXpress makes no representations about the suitability of
|
| /kernel/linux/linux-5.10/security/selinux/include/ |
| D | avc.h | 78 * permission. Take notice that this is unrelated to the in avc_audit_required()
87 * permission was READ and the auditdeny checks were for in avc_audit_required()
118 * avc_has_perm() after a permission check, but can also be
120 * in order to separate the permission check from the auditing.
121 * For example, this separation is useful when the permission check must
|
| /kernel/linux/linux-6.6/Documentation/filesystems/ |
| D | adfs.rst | 39 ownmask=nnn The permission mask for ADFS 'owner' permissions
41 othmask=nnn The permission mask for ADFS 'other' permissions
58 (In older versions, an 'execute' permission did exist, but this
59 does not hold the same meaning as the Linux 'execute' permission
92 You can therefore tailor the permission translation to whatever you
|
| /kernel/linux/linux-5.10/Documentation/filesystems/ |
| D | adfs.rst | 39 ownmask=nnn The permission mask for ADFS 'owner' permissions
41 othmask=nnn The permission mask for ADFS 'other' permissions
58 (In older versions, an 'execute' permission did exist, but this
59 does not hold the same meaning as the Linux 'execute' permission
92 You can therefore tailor the permission translation to whatever you
|