Home
last modified time | relevance | path

Searched refs:new (Results 1 – 25 of 25) sorted by relevance

/security/
Dcommoncap.c256 int cap_capset(struct cred *new, in cap_capset() argument
283 new->cap_effective = *effective; in cap_capset()
284 new->cap_inheritable = *inheritable; in cap_capset()
285 new->cap_permitted = *permitted; in cap_capset()
291 new->cap_ambient = cap_intersect(new->cap_ambient, in cap_capset()
294 if (WARN_ON(!cap_ambient_invariant_ok(new))) in cap_capset()
360 struct cred *new = bprm->cred; in bprm_caps_from_vfs_caps() local
378 new->cap_permitted.cap[i] = in bprm_caps_from_vfs_caps()
379 (new->cap_bset.cap[i] & permitted) | in bprm_caps_from_vfs_caps()
380 (new->cap_inheritable.cap[i] & inheritable); in bprm_caps_from_vfs_caps()
[all …]
Dsecurity.c187 int security_capset(struct cred *new, const struct cred *old, in security_capset() argument
192 return security_ops->capset(new, old, in security_capset()
818 int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp) in security_prepare_creds() argument
820 return security_ops->cred_prepare(new, old, gfp); in security_prepare_creds()
823 void security_transfer_creds(struct cred *new, const struct cred *old) in security_transfer_creds() argument
825 security_ops->cred_transfer(new, old); in security_transfer_creds()
828 int security_kernel_act_as(struct cred *new, u32 secid) in security_kernel_act_as() argument
830 return security_ops->kernel_act_as(new, secid); in security_kernel_act_as()
833 int security_kernel_create_files_as(struct cred *new, struct inode *inode) in security_kernel_create_files_as() argument
835 return security_ops->kernel_create_files_as(new, inode); in security_kernel_create_files_as()
[all …]
Ddevice_cgroup.c88 struct dev_exception_item *ex, *tmp, *new; in dev_exceptions_copy() local
93 new = kmemdup(ex, sizeof(*ex), GFP_KERNEL); in dev_exceptions_copy()
94 if (!new) in dev_exceptions_copy()
96 list_add_tail(&new->list, dest); in dev_exceptions_copy()
Dcapability.c395 static int cap_cred_prepare(struct cred *new, const struct cred *old, gfp_t gfp) in cap_cred_prepare() argument
400 static void cap_cred_transfer(struct cred *new, const struct cred *old) in cap_cred_transfer() argument
404 static int cap_kernel_act_as(struct cred *new, u32 secid) in cap_kernel_act_as() argument
409 static int cap_kernel_create_files_as(struct cred *new, struct inode *inode) in cap_kernel_create_files_as() argument
/security/apparmor/
Dcontext.c63 void aa_dup_task_context(struct aa_task_cxt *new, const struct aa_task_cxt *old) in aa_dup_task_context() argument
65 *new = *old; in aa_dup_task_context()
66 aa_get_profile(new->profile); in aa_dup_task_context()
67 aa_get_profile(new->previous); in aa_dup_task_context()
68 aa_get_profile(new->onexec); in aa_dup_task_context()
80 struct cred *new; in aa_replace_current_profile() local
86 new = prepare_creds(); in aa_replace_current_profile()
87 if (!new) in aa_replace_current_profile()
90 cxt = new->security; in aa_replace_current_profile()
109 commit_creds(new); in aa_replace_current_profile()
[all …]
Dresource.c112 void __aa_transition_rlimits(struct aa_profile *old, struct aa_profile *new) in __aa_transition_rlimits() argument
133 if (!new->rlimits.mask) in __aa_transition_rlimits()
136 if (!(new->rlimits.mask & mask)) in __aa_transition_rlimits()
141 new->rlimits.limits[i].rlim_max); in __aa_transition_rlimits()
Dfile.c164 u32 new = old & 0xf; in map_old_perms() local
166 new |= AA_MAY_META_READ; in map_old_perms()
168 new |= AA_MAY_META_WRITE | AA_MAY_CREATE | AA_MAY_DELETE | in map_old_perms()
171 new |= AA_MAY_LINK; in map_old_perms()
176 new |= AA_MAY_LOCK | AA_LINK_SUBSET; in map_old_perms()
178 new |= AA_EXEC_MMAP; in map_old_perms()
180 return new; in map_old_perms()
Dpolicy.c487 static void __replace_profile(struct aa_profile *old, struct aa_profile *new) in __replace_profile() argument
498 new->parent = aa_get_profile(old->parent); in __replace_profile()
499 new->ns = aa_get_namespace(old->ns); in __replace_profile()
500 new->sid = old->sid; in __replace_profile()
501 __list_add_profile(&policy->profiles, new); in __replace_profile()
505 child->parent = aa_get_profile(new); in __replace_profile()
507 list_move(&child->base.list, &new->base.profiles); in __replace_profile()
511 old->replacedby = aa_get_profile(new); in __replace_profile()
Dlsm.c72 static int apparmor_cred_prepare(struct cred *new, const struct cred *old, in apparmor_cred_prepare() argument
81 new->security = cxt; in apparmor_cred_prepare()
88 static void apparmor_cred_transfer(struct cred *new, const struct cred *old) in apparmor_cred_transfer() argument
91 struct aa_task_cxt *new_cxt = new->security; in apparmor_cred_transfer()
Dpolicy_unpack.c92 static int audit_iface(struct aa_profile *new, const char *name, in audit_iface() argument
102 aad.iface.target = new; in audit_iface()
/security/keys/
Dprocess_keys.c131 int install_thread_keyring_to_cred(struct cred *new) in install_thread_keyring_to_cred() argument
135 keyring = keyring_alloc("_tid", new->uid, new->gid, new, in install_thread_keyring_to_cred()
141 new->thread_keyring = keyring; in install_thread_keyring_to_cred()
150 struct cred *new; in install_thread_keyring() local
153 new = prepare_creds(); in install_thread_keyring()
154 if (!new) in install_thread_keyring()
157 BUG_ON(new->thread_keyring); in install_thread_keyring()
159 ret = install_thread_keyring_to_cred(new); in install_thread_keyring()
161 abort_creds(new); in install_thread_keyring()
165 return commit_creds(new); in install_thread_keyring()
[all …]
Dkeyring.c1195 struct keyring_list *klist, *new; in keyring_gc() local
1219 new = kmalloc(sizeof(struct keyring_list) + max * sizeof(struct key *), in keyring_gc()
1221 if (!new) in keyring_gc()
1223 new->maxkeys = max; in keyring_gc()
1224 new->nkeys = 0; in keyring_gc()
1225 new->delkey = 0; in keyring_gc()
1236 RCU_INIT_POINTER(new->keys[keep++], key_get(key)); in keyring_gc()
1239 new->nkeys = keep; in keyring_gc()
1248 kfree(new); in keyring_gc()
1250 rcu_assign_pointer(keyring->payload.subscriptions, new); in keyring_gc()
[all …]
Dkeyctl.c975 struct cred *new; in keyctl_change_reqkey_auth() local
977 new = prepare_creds(); in keyctl_change_reqkey_auth()
978 if (!new) in keyctl_change_reqkey_auth()
981 key_put(new->request_key_auth); in keyctl_change_reqkey_auth()
982 new->request_key_auth = key_get(key); in keyctl_change_reqkey_auth()
984 return commit_creds(new); in keyctl_change_reqkey_auth()
1248 struct cred *new; in keyctl_set_reqkey_keyring() local
1256 new = prepare_creds(); in keyctl_set_reqkey_keyring()
1257 if (!new) in keyctl_set_reqkey_keyring()
1262 ret = install_thread_keyring_to_cred(new); in keyctl_set_reqkey_keyring()
[all …]
/security/selinux/ss/
Debitmap.c51 struct ebitmap_node *n, *new, *prev; in ebitmap_cpy() local
57 new = kzalloc(sizeof(*new), GFP_ATOMIC); in ebitmap_cpy()
58 if (!new) { in ebitmap_cpy()
62 new->startbit = n->startbit; in ebitmap_cpy()
63 memcpy(new->maps, n->maps, EBITMAP_SIZE / 8); in ebitmap_cpy()
64 new->next = NULL; in ebitmap_cpy()
66 prev->next = new; in ebitmap_cpy()
68 dst->node = new; in ebitmap_cpy()
69 prev = new; in ebitmap_cpy()
265 struct ebitmap_node *n, *prev, *new; in ebitmap_set_bit() local
[all …]
/security/selinux/
Dnetif.c140 struct sel_netif *new = NULL; in sel_netif_sid_slow() local
161 new = kzalloc(sizeof(*new), GFP_ATOMIC); in sel_netif_sid_slow()
162 if (new == NULL) { in sel_netif_sid_slow()
166 ret = security_netif_sid(dev->name, &new->nsec.sid); in sel_netif_sid_slow()
169 new->nsec.ns = ns; in sel_netif_sid_slow()
170 new->nsec.ifindex = ifindex; in sel_netif_sid_slow()
171 ret = sel_netif_insert(new); in sel_netif_sid_slow()
174 *sid = new->nsec.sid; in sel_netif_sid_slow()
184 kfree(new); in sel_netif_sid_slow()
Dnetport.c152 struct sel_netport *new = NULL; in sel_netport_sid_slow() local
161 new = kzalloc(sizeof(*new), GFP_ATOMIC); in sel_netport_sid_slow()
162 if (new == NULL) in sel_netport_sid_slow()
168 new->psec.port = pnum; in sel_netport_sid_slow()
169 new->psec.protocol = protocol; in sel_netport_sid_slow()
170 new->psec.sid = *sid; in sel_netport_sid_slow()
171 sel_netport_insert(new); in sel_netport_sid_slow()
179 kfree(new); in sel_netport_sid_slow()
Dnetnode.c203 struct sel_netnode *new = NULL; in sel_netnode_sid_slow() local
212 new = kzalloc(sizeof(*new), GFP_ATOMIC); in sel_netnode_sid_slow()
213 if (new == NULL) in sel_netnode_sid_slow()
219 new->nsec.addr.ipv4 = *(__be32 *)addr; in sel_netnode_sid_slow()
224 new->nsec.addr.ipv6 = *(struct in6_addr *)addr; in sel_netnode_sid_slow()
232 new->nsec.family = family; in sel_netnode_sid_slow()
233 new->nsec.sid = *sid; in sel_netnode_sid_slow()
234 sel_netnode_insert(new); in sel_netnode_sid_slow()
242 kfree(new); in sel_netnode_sid_slow()
Dhooks.c793 struct superblock_security_struct *new = newsb->s_security; in selinux_cmp_sb_context() local
795 char newflags = new->flags & SE_MNTMASK; in selinux_cmp_sb_context()
799 if ((oldflags & FSCONTEXT_MNT) && old->sid != new->sid) in selinux_cmp_sb_context()
801 if ((oldflags & CONTEXT_MNT) && old->mntpoint_sid != new->mntpoint_sid) in selinux_cmp_sb_context()
803 if ((oldflags & DEFCONTEXT_MNT) && old->def_sid != new->def_sid) in selinux_cmp_sb_context()
1973 static int selinux_capset(struct cred *new, const struct cred *old, in selinux_capset() argument
1980 error = cap_capset(new, old, in selinux_capset()
1985 return cred_has_perm(old, new, PROCESS__SETCAP); in selinux_capset()
3452 static int selinux_cred_prepare(struct cred *new, const struct cred *old, in selinux_cred_prepare() argument
3464 new->security = tsec; in selinux_cred_prepare()
[all …]
Davc.c507 static void avc_node_replace(struct avc_node *new, struct avc_node *old) in avc_node_replace() argument
509 hlist_replace_rcu(&old->list, &new->list); in avc_node_replace()
/security/tomoyo/
Dtomoyo.c18 static int tomoyo_cred_alloc_blank(struct cred *new, gfp_t gfp) in tomoyo_cred_alloc_blank() argument
20 new->security = NULL; in tomoyo_cred_alloc_blank()
33 static int tomoyo_cred_prepare(struct cred *new, const struct cred *old, in tomoyo_cred_prepare() argument
37 new->security = domain; in tomoyo_cred_prepare()
49 static void tomoyo_cred_transfer(struct cred *new, const struct cred *old) in tomoyo_cred_transfer() argument
51 tomoyo_cred_prepare(new, old, 0); in tomoyo_cred_transfer()
/security/apparmor/include/
Dresource.h43 void __aa_transition_rlimits(struct aa_profile *old, struct aa_profile *new);
Dcontext.h77 void aa_dup_task_context(struct aa_task_cxt *new,
/security/smack/
Dsmack_lsm.c1422 static int smack_cred_prepare(struct cred *new, const struct cred *old, in smack_cred_prepare() argument
1437 new->security = new_tsp; in smack_cred_prepare()
1448 static void smack_cred_transfer(struct cred *new, const struct cred *old) in smack_cred_transfer() argument
1451 struct task_smack *new_tsp = new->security; in smack_cred_transfer()
1469 static int smack_kernel_act_as(struct cred *new, u32 secid) in smack_kernel_act_as() argument
1471 struct task_smack *new_tsp = new->security; in smack_kernel_act_as()
1489 static int smack_kernel_create_files_as(struct cred *new, in smack_kernel_create_files_as() argument
1493 struct task_smack *tsp = new->security; in smack_kernel_create_files_as()
2682 struct cred *new; in smack_setprocattr() local
2711 new = prepare_creds(); in smack_setprocattr()
[all …]
Dsmackfs.c1087 static void smk_netlbladdr_insert(struct smk_netlbladdr *new) in smk_netlbladdr_insert() argument
1092 list_add_rcu(&new->list, &smk_netlbladdr_list); in smk_netlbladdr_insert()
1100 if (new->smk_mask.s_addr > m->smk_mask.s_addr) { in smk_netlbladdr_insert()
1101 list_add_rcu(&new->list, &smk_netlbladdr_list); in smk_netlbladdr_insert()
1107 list_add_rcu(&new->list, &m->list); in smk_netlbladdr_insert()
1112 if (new->smk_mask.s_addr > m_next->smk_mask.s_addr) { in smk_netlbladdr_insert()
1113 list_add_rcu(&new->list, &m->list); in smk_netlbladdr_insert()
/security/integrity/
DKconfig16 to "lock" certain keyring to prevent adding new keys.