| /kernel/linux/linux-6.6/Documentation/filesystems/ |
| D | adfs.rst | 39 ownmask=nnn The permission mask for ADFS 'owner' permissions
41 othmask=nnn The permission mask for ADFS 'other' permissions
48 Mapping of ADFS permissions to Linux permissions
51 ADFS permissions consist of the following:
68 Possible owner mode permissions -> -rwx------
74 Possible other mode permissions -> ----rwxrwx
77 not a UnixExec filetype, then the permissions will be::
93 desire the permissions should be under Linux.
|
| D | isofs.rst | 39 mode=xxx Sets the permissions on files to xxx unless Rock Ridge
40 extensions set the permissions otherwise
41 dmode=xxx Sets the permissions on directories to xxx unless Rock Ridge
42 extensions set the permissions otherwise
43 overriderockperm Set permissions on files and directories according to
|
| /kernel/linux/linux-5.10/Documentation/filesystems/ |
| D | adfs.rst | 39 ownmask=nnn The permission mask for ADFS 'owner' permissions
41 othmask=nnn The permission mask for ADFS 'other' permissions
48 Mapping of ADFS permissions to Linux permissions
51 ADFS permissions consist of the following:
68 Possible owner mode permissions -> -rwx------
74 Possible other mode permissions -> ----rwxrwx
77 not a UnixExec filetype, then the permissions will be::
93 desire the permissions should be under Linux.
|
| D | isofs.rst | 39 mode=xxx Sets the permissions on files to xxx unless Rock Ridge
40 extensions set the permissions otherwise
41 dmode=xxx Sets the permissions on directories to xxx unless Rock Ridge
42 extensions set the permissions otherwise
43 overriderockperm Set permissions on files and directories according to
|
| /kernel/linux/linux-5.10/security/selinux/ss/ |
| D | avtab.h | 38 /* extended permissions */
51 * For operations that require more than the 32 permissions provided by the avc
52 * extended permissions may be used to provide 256 bits of permissions.
63 * specifies which permissions are included.
66 /* 256 bits of permissions */
|
| D | constraint.h | 4 * order for one or more permissions to be granted.
58 u32 permissions; /* constrained permissions */ member
59 struct constraint_expr *expr; /* constraint on permissions */
|
| /kernel/linux/linux-5.10/security/keys/ |
| D | permission.c | 24 * permissions bits or the LSM check.
53 /* use the second 8-bits of permissions for keys the caller owns */ in key_task_permission()
59 /* use the third 8-bits of permissions for keys the caller has a group in key_task_permission()
79 /* use the top 8-bits of permissions for keys the caller possesses in key_task_permission()
80 * - possessor permissions are additive with other permissions in key_task_permission()
|
| /kernel/linux/linux-6.6/security/keys/ |
| D | permission.c | 24 * permissions bits or the LSM check.
53 /* use the second 8-bits of permissions for keys the caller owns */ in key_task_permission()
59 /* use the third 8-bits of permissions for keys the caller has a group in key_task_permission()
79 /* use the top 8-bits of permissions for keys the caller possesses in key_task_permission()
80 * - possessor permissions are additive with other permissions in key_task_permission()
|
| /kernel/linux/linux-6.6/security/selinux/ss/ |
| D | avtab.h | 38 /* extended permissions */
51 * For operations that require more than the 32 permissions provided by the avc
52 * extended permissions may be used to provide 256 bits of permissions.
63 * specifies which permissions are included.
66 /* 256 bits of permissions */
|
| D | constraint.h | 4 * order for one or more permissions to be granted.
58 u32 permissions; /* constrained permissions */ member
59 struct constraint_expr *expr; /* constraint on permissions */
|
| /kernel/linux/linux-5.10/include/linux/ |
| D | lsm_hooks.h | 41 * new program. This hook may also optionally check permissions
54 * hook may also optionally check permissions (e.g. for transitions
152 * Mount this @sb if allowed by permissions.
283 * Check permissions to create a new directory in the existing directory
291 * Check permissions to create a new directory in the existing directory
311 * Check permissions when creating a special file (or a socket or a fifo
321 * Check permissions when creating a file. Note that this hook is called
361 * Check permissions before setting a watch on events as defined by @mask,
491 * Check file permissions before accessing an open file. This hook is
494 * operations, e.g. to revalidate permissions on use to support privilege
[all …]
|
| /kernel/linux/linux-6.6/tools/testing/selftests/powerpc/mm/ |
| D | pkey_exec_prot.c | 59 /* Restore permissions in order to continue */ in segv_handler()
63 sigsafe_err("failed to set access permissions\n"); in segv_handler()
82 * permissions. in segv_handler()
85 sigsafe_err("failed to set execute permissions\n"); in segv_handler()
180 printf("read from %p, pkey permissions are %s\n", fault_addr, in test()
197 printf("write to %p, pkey permissions are %s\n", fault_addr, in test()
218 printf("read from %p, pkey permissions are %s\n", fault_addr, in test()
235 printf("write to %p, pkey permissions are %s\n", fault_addr, in test()
271 printf("execute at %p, pkey permissions are %s\n", fault_addr, in test()
|
| /kernel/linux/linux-5.10/tools/testing/selftests/powerpc/mm/ |
| D | pkey_exec_prot.c | 59 /* Restore permissions in order to continue */ in segv_handler()
63 sigsafe_err("failed to set access permissions\n"); in segv_handler()
82 * permissions. in segv_handler()
85 sigsafe_err("failed to set execute permissions\n"); in segv_handler()
180 printf("read from %p, pkey permissions are %s\n", fault_addr, in test()
197 printf("write to %p, pkey permissions are %s\n", fault_addr, in test()
218 printf("read from %p, pkey permissions are %s\n", fault_addr, in test()
235 printf("write to %p, pkey permissions are %s\n", fault_addr, in test()
271 printf("execute at %p, pkey permissions are %s\n", fault_addr, in test()
|
| /kernel/linux/linux-6.6/security/selinux/ |
| D | avc.c | 550 * (@ssid, @tsid), interpreting the permissions
597 * @xp_node: resulting extended permissions
818 * @xperm: xperm permissions
953 * avc_ss_reset - Flush the cache and revalidate migrated permissions.
983 * @xp_node: AVC extended permissions node
1016 * The avc extended permissions logic adds an additional 256 bits of
1017 * permissions to an avc node when extended permissions for that node are
1018 * specified in the avtab. If the additional 256 permissions is not adequate,
1050 /* if extended permissions are not defined, only consider av_decision */ in avc_has_extended_perms()
1103 * @requested: requested permissions
[all …]
|
| /kernel/linux/linux-5.10/arch/arm64/include/asm/ |
| D | kvm_pgtable.h | 33 * enum kvm_pgtable_prot - Page-table permissions and attributes.
109 * @prot: Permissions and attributes for the mapping.
149 * @prot: Permissions and attributes for the mapping.
200 * calling this function to ensure that the updated permissions are visible
232 * calling this function to ensure that the updated permissions are visible
240 * kvm_pgtable_stage2_relax_perms() - Relax the permissions enforced by a
244 * @prot: Additional permissions to grant for the mapping.
249 * relax the permissions in that entry according to the read, write and
250 * execute permissions specified by @prot. No permissions are removed, and
|
| /kernel/linux/linux-6.6/arch/x86/kernel/cpu/sgx/ |
| D | ioctl.c | 191 * CPU will silently overwrite the permissions as zero, which means in sgx_validate_secinfo()
384 * A SECINFO for a TCS is required to always contain zero permissions because
388 * mmap()'s protection bits are capped by the page permissions. For each page
392 * 1. A regular page: PROT_R, PROT_W and PROT_X match the SECINFO permissions.
732 * sgx_enclave_restrict_permissions() - Restrict EPCM permissions
735 * their new permissions.
753 secinfo.flags = modp->permissions & SGX_SECINFO_PERMISSION_MASK; in sgx_enclave_restrict_permissions()
769 * Changing EPCM permissions is only supported on regular in sgx_enclave_restrict_permissions()
781 * how EPCM permissions can be relaxed from within the enclave. in sgx_enclave_restrict_permissions()
782 * ENCLS[EMODPR] can only remove existing EPCM permissions, in sgx_enclave_restrict_permissions()
[all …]
|
| /kernel/linux/linux-5.10/security/apparmor/ |
| D | file.c | 78 * @perms: the permissions computed for the request (NOT NULL)
80 * @request: permissions requested
121 /* only report permissions that were denied */ in aa_audit_file()
218 * splits the permissions from the dfa. This mapping can be in aa_compute_fperms()
251 * @perms: Returns - the permissions found when matching @name
303 * aa_path_perm - do permissions check & audit for @path
306 * @path: path to check permissions of (NOT NULL)
308 * @request: requested permissions
341 * test target x permissions are equal OR a subset of link x permissions
343 * a subset of permissions that the target has.
[all …]
|
| /kernel/linux/linux-5.10/security/selinux/ |
| D | avc.c | 555 * (@ssid, @tsid), interpreting the permissions
604 * @xp_node: resulting extended permissions
850 * then we must not add permissions to a cache entry in avc_update_node()
853 * will find the permissions already granted in the cache entry in avc_update_node()
969 * avc_ss_reset - Flush the cache and revalidate migrated permissions.
1034 * The avc extended permissions logic adds an additional 256 bits of
1035 * permissions to an avc node when extended permissions for that node are
1036 * specified in the avtab. If the additional 256 permissions is not adequate,
1069 /* if extended permissions are not defined, only consider av_decision */ in avc_has_extended_perms()
1118 * avc_has_perm_noaudit - Check permissions but perform no auditing.
[all …]
|
| /kernel/linux/linux-6.6/security/selinux/include/ |
| D | avc.h | 78 * actual permissions that were denied. As an example lets in avc_audit_required()
104 * avc_audit - Audit the granting or denial of permissions.
108 * @requested: requested permissions
113 * Audit the granting or denial of permissions in accordance
138 #define AVC_EXTENDED_PERMS 2 /* update extended permissions */
|
| /kernel/linux/linux-6.6/security/apparmor/ |
| D | file.c | 82 * @perms: the permissions computed for the request (NOT NULL)
84 * @request: permissions requested
126 /* only report permissions that were denied */ in aa_audit_file()
213 * @perms: Returns - the permissions found when matching @name
271 * aa_path_perm - do permissions check & audit for @path
275 * @path: path to check permissions of (NOT NULL)
277 * @request: requested permissions
311 * test target x permissions are equal OR a subset of link x permissions
313 * a subset of permissions that the target has.
385 * a subset of the allowed permissions on target. in profile_path_link()
[all …]
|
| /kernel/liteos_m/arch/risc-v/nuclei/gcc/nmsis/Core/Include/ |
| D | nmsis_gcc.h | 15 * See the License for the specific language governing permissions and
210 /** \brief Defines 'read only' permissions */
216 /** \brief Defines 'write only' permissions */
218 /** \brief Defines 'read / write' permissions */
222 /** \brief Defines 'read only' structure member permissions */
224 /** \brief Defines 'write only' structure member permissions */
226 /** \brief Defines 'read/write' structure member permissions */
|
| /kernel/linux/linux-5.10/security/selinux/include/ |
| D | avc.h | 79 * actual permissions that were denied. As an example lets in avc_audit_required()
106 * avc_audit - Audit the granting or denial of permissions.
110 * @requested: requested permissions
116 * Audit the granting or denial of permissions in accordance
146 #define AVC_EXTENDED_PERMS 2 /* update extended permissions */
|
| /kernel/linux/linux-6.6/fs/ |
| D | attr.c | 87 * chown_ok - verify permissions to chown inode
89 * @inode: inode to check permissions on
95 * permissions. On non-idmapped mounts or if permission checking is to be
114 * chgrp_ok - verify permissions to chgrp inode
116 * @inode: inode to check permissions on
122 * permissions. On non-idmapped mounts or if permission checking is to be
159 * permissions. On non-idmapped mounts or if permission checking is to be
243 * permissions to allow truncate (inode_newsize_ok does NOT check these
296 * permissions. On non-idmapped mounts or if permission checking is to be
378 * permissions. On non-idmapped mounts or if permission checking is to be
|
| /kernel/linux/linux-6.6/fs/coda/ |
| D | coda_fs_i.h | 28 unsigned int c_cached_epoch; /* epoch for cached permissions */
29 kuid_t c_uid; /* fsuid for cached permissions */
30 unsigned int c_cached_perm; /* cached access permissions */
|
| /kernel/linux/linux-5.10/fs/coda/ |
| D | coda_fs_i.h | 28 unsigned int c_cached_epoch; /* epoch for cached permissions */
29 kuid_t c_uid; /* fsuid for cached permissions */
30 unsigned int c_cached_perm; /* cached access permissions */
|