Home
last modified time | relevance | path

Searched refs:security (Results 1 – 25 of 26) sorted by relevance

12

/security/
DKconfig7 source security/keys/Kconfig
31 bool "Enable different security models"
34 This allows you to choose different security modules to be
37 If this option is not selected, the default Linux security
55 This enables the socket and networking security hooks.
56 If enabled, a security module can use these hooks to
64 This enables the XFRM (IPSec) networking security hooks.
65 If enabled, a security module can use these hooks to
77 This enables the security hooks for pathname based access control.
78 If enabled, a security module can use these hooks to
[all …]
Dsecurity.c1277 int security_tun_dev_alloc_security(void **security) in security_tun_dev_alloc_security() argument
1279 return security_ops->tun_dev_alloc_security(security); in security_tun_dev_alloc_security()
1283 void security_tun_dev_free_security(void *security) in security_tun_dev_free_security() argument
1285 security_ops->tun_dev_free_security(security); in security_tun_dev_free_security()
1295 int security_tun_dev_attach_queue(void *security) in security_tun_dev_attach_queue() argument
1297 return security_ops->tun_dev_attach_queue(security); in security_tun_dev_attach_queue()
1301 int security_tun_dev_attach(struct sock *sk, void *security) in security_tun_dev_attach() argument
1303 return security_ops->tun_dev_attach(sk, security); in security_tun_dev_attach()
1307 int security_tun_dev_open(void *security) in security_tun_dev_open() argument
1309 return security_ops->tun_dev_open(security); in security_tun_dev_open()
DMakefile17 obj-$(CONFIG_SECURITY) += security.o capability.o
Dcapability.c733 static int cap_tun_dev_alloc_security(void **security) in cap_tun_dev_alloc_security() argument
738 static void cap_tun_dev_free_security(void *security) in cap_tun_dev_free_security() argument
747 static int cap_tun_dev_attach_queue(void *security) in cap_tun_dev_attach_queue() argument
752 static int cap_tun_dev_attach(struct sock *sk, void *security) in cap_tun_dev_attach() argument
757 static int cap_tun_dev_open(void *security) in cap_tun_dev_open() argument
/security/selinux/
Dxfrm.c73 return selinux_authorizable_ctx(x->security); in selinux_authorizable_xfrm()
120 if (!xp->security) in selinux_xfrm_state_pol_flow_match()
121 if (x->security) in selinux_xfrm_state_pol_flow_match()
128 if (!x->security) in selinux_xfrm_state_pol_flow_match()
136 state_sid = x->security->ctx_sid; in selinux_xfrm_state_pol_flow_match()
176 struct xfrm_sec_ctx *ctx = x->security; in selinux_xfrm_decode_session()
360 err = selinux_xfrm_sec_ctx_alloc(&x->security, uctx, secid); in selinux_xfrm_state_alloc()
372 kfree(x->security); in selinux_xfrm_state_free()
381 struct xfrm_sec_ctx *ctx = x->security; in selinux_xfrm_state_delete()
412 struct xfrm_sec_ctx *ctx = x->security; in selinux_xfrm_sock_rcv_skb()
Dhooks.c173 cred->security = tsec; in cred_init_security()
183 tsec = cred->security; in cred_sid()
354 const struct task_security_struct *tsec = cred->security; in may_context_mount_sb_relabel()
371 const struct task_security_struct *tsec = cred->security; in may_context_mount_inode_relabel()
1473 __tsec1 = __task_cred(tsk1)->security; sid1 = __tsec1->sid; in task_has_perm()
1474 __tsec2 = __task_cred(tsk2)->security; sid2 = __tsec2->sid; in task_has_perm()
2113 new_tsec = bprm->cred->security; in selinux_bprm_set_creds()
2189 sec = __task_cred(tracer)->security; in selinux_bprm_set_creds()
2294 new_tsec = bprm->cred->security; in selinux_bprm_committing_creds()
3429 cred->security = tsec; in selinux_cred_alloc_blank()
[all …]
/security/apparmor/
Dcontext.c79 struct aa_task_cxt *cxt = current_cred()->security; in aa_replace_current_profile()
90 cxt = new->security; in aa_replace_current_profile()
126 cxt = new->security; in aa_set_current_onexec()
153 cxt = new->security; in aa_set_current_hat()
190 cxt = new->security; in aa_restore_previous_profile()
Dlsm.c51 aa_free_task_context(cred->security); in apparmor_cred_free()
52 cred->security = NULL; in apparmor_cred_free()
65 cred->security = cxt; in apparmor_cred_alloc_blank()
80 aa_dup_task_context(cxt, old->security); in apparmor_cred_prepare()
81 new->security = cxt; in apparmor_cred_prepare()
90 const struct aa_task_cxt *old_cxt = old->security; in apparmor_cred_transfer()
91 struct aa_task_cxt *new_cxt = new->security; in apparmor_cred_transfer()
513 struct aa_task_cxt *cxt = cred->security; in apparmor_getprocattr()
889 cred->security = cxt; in set_init_cxt()
934 aa_free_task_context(current->real_cred->security); in apparmor_init()
Ddomain.c363 cxt = bprm->cred->security; in apparmor_bprm_set_creds()
560 struct aa_task_cxt *new_cxt = bprm->cred->security; in apparmor_bprm_committing_creds()
637 cxt = cred->security; in aa_change_hat()
773 cxt = cred->security; in aa_change_profile()
DKconfig10 This enables the AppArmor security module.
/security/tomoyo/
Dtomoyo.c20 new->security = NULL; in tomoyo_cred_alloc_blank()
36 struct tomoyo_domain_info *domain = old->security; in tomoyo_cred_prepare()
37 new->security = domain; in tomoyo_cred_prepare()
61 struct tomoyo_domain_info *domain = cred->security; in tomoyo_cred_free()
102 bprm->cred->security)->users); in tomoyo_bprm_set_creds()
107 bprm->cred->security = NULL; in tomoyo_bprm_set_creds()
120 struct tomoyo_domain_info *domain = bprm->cred->security; in tomoyo_bprm_check_security()
556 cred->security = &tomoyo_kernel_domain; in tomoyo_init()
Dsecurityfs_if.c78 cred->security; in tomoyo_write_self()
79 cred->security = new_domain; in tomoyo_write_self()
244 if (current_cred()->security != &tomoyo_kernel_domain) in tomoyo_initerface_init()
DKconfig36 You can read the log via /sys/kernel/security/tomoyo/audit.
Dcommon.h1205 return current_cred()->security; in tomoyo_domain()
1218 return task_cred_xxx(task, security); in tomoyo_real_domain()
Ddomain.c843 bprm->cred->security = domain; in tomoyo_find_next_domain()
/security/apparmor/include/
Dcontext.h92 struct aa_task_cxt *cxt = __task_cred(task)->security; in __aa_task_is_confined()
111 struct aa_task_cxt *cxt = cred->security; in aa_cred_profile()
139 const struct aa_task_cxt *cxt = current_cred()->security; in aa_current_profile()
/security/smack/
Dsmack_lsm.c43 #define task_security(task) (task_cred_xxx((task), security))
460 struct task_smack *bsp = bprm->cred->security; in smack_bprm_set_creds()
492 struct task_smack *bsp = bprm->cred->security; in smack_bprm_committing_creds()
1302 char *tsp = smk_of_task(tsk->cred->security); in smack_file_send_sigiotask()
1384 cred->security = tsp; in smack_cred_alloc_blank()
1397 struct task_smack *tsp = cred->security; in smack_cred_free()
1404 cred->security = NULL; in smack_cred_free()
1425 struct task_smack *old_tsp = old->security; in smack_cred_prepare()
1437 new->security = new_tsp; in smack_cred_prepare()
1450 struct task_smack *old_tsp = old->security; in smack_cred_transfer()
[all …]
DKconfig12 of other mandatory security schemes.
Dsmackfs.c1648 char *sp = smk_of_task(current->cred->security); in smk_write_onlycap()
/security/yama/
DKconfig9 system-wide security settings beyond regular Linux discretionary
11 Further information can be found in Documentation/security/Yama.txt.
/security/integrity/
DKconfig32 source security/integrity/ima/Kconfig
33 source security/integrity/evm/Kconfig
/security/integrity/ima/
DKconfig66 It requires the system to be labeled with a security extended
68 the security extended attributes from offline attack, enable
/security/integrity/evm/
DKconfig10 EVM protects a file's security extended attributes against
/security/keys/
DKconfig65 Note that LSM security checks are still performed, and may further
Dkey.c298 key->security = NULL; in key_alloc()

12