Home
last modified time | relevance | path

Searched refs:mode (Results 1 – 25 of 36) sorted by relevance

12

/security/tomoyo/
Daudit.c115 static inline const char *tomoyo_filetype(const umode_t mode) in tomoyo_filetype() argument
117 switch (mode & S_IFMT) { in tomoyo_filetype()
169 tomoyo_mode[r->mode], tomoyo_yesno(r->granted), gpid, in tomoyo_print_header()
188 umode_t mode; in tomoyo_print_header() local
193 mode = stat->mode; in tomoyo_print_header()
202 stat->mode & S_IALLUGO); in tomoyo_print_header()
212 mode & S_IALLUGO, tomoyo_filetype(mode)); in tomoyo_print_header()
213 if (S_ISCHR(mode) || S_ISBLK(mode)) { in tomoyo_print_header()
328 u8 mode; in tomoyo_get_audit() local
340 mode = p->config[index]; in tomoyo_get_audit()
[all …]
Dfile.c200 r->param.mkdev.mode, r->param.mkdev.major, in tomoyo_audit_mkdev_log()
317 tomoyo_compare_number_union(r->param.mkdev.mode, in tomoyo_check_mkdev_acl()
318 &acl->mode) && in tomoyo_check_mkdev_acl()
410 tomoyo_same_number_union(&p1->mode, &p2->mode) && in tomoyo_same_mkdev_acl()
460 !tomoyo_parse_number_union(param, &e.mode) || in tomoyo_update_mkdev_acl()
469 tomoyo_put_number_union(&e.mode); in tomoyo_update_mkdev_acl()
564 r->mode = tomoyo_get_mode(r->domain->ns, r->profile, r->type); in tomoyo_path_permission()
565 if (r->mode == TOMOYO_CONFIG_DISABLED) in tomoyo_path_permission()
596 r->mode = tomoyo_get_mode(r->domain->ns, r->profile, r->type); in tomoyo_execute_permission()
603 if (r->mode != TOMOYO_CONFIG_DISABLED) in tomoyo_execute_permission()
[all …]
Dtomoyo.c189 umode_t mode) in tomoyo_path_mkdir() argument
193 mode & S_IALLUGO); in tomoyo_path_mkdir()
237 umode_t mode, unsigned int dev) in tomoyo_path_mknod() argument
241 const unsigned int perm = mode & S_IALLUGO; in tomoyo_path_mknod()
243 switch (mode & S_IFMT) { in tomoyo_path_mknod()
255 switch (mode & S_IFMT) { in tomoyo_path_mknod()
361 static int tomoyo_path_chmod(struct path *path, umode_t mode) in tomoyo_path_chmod() argument
364 mode & S_IALLUGO); in tomoyo_path_chmod()
Dutil.c975 u8 mode; in tomoyo_get_mode() local
981 mode = p->config[index]; in tomoyo_get_mode()
982 if (mode == TOMOYO_CONFIG_USE_DEFAULT) in tomoyo_get_mode()
983 mode = p->config[tomoyo_index2category[index] in tomoyo_get_mode()
985 if (mode == TOMOYO_CONFIG_USE_DEFAULT) in tomoyo_get_mode()
986 mode = p->default_config; in tomoyo_get_mode()
987 return mode & 3; in tomoyo_get_mode()
1010 r->mode = tomoyo_get_mode(domain->ns, profile, index); in tomoyo_init_request_info()
1011 return r->mode; in tomoyo_init_request_info()
1029 if (r->mode != TOMOYO_CONFIG_LEARNING) in tomoyo_domain_quota_is_ok()
DKconfig16 int "Default maximal count for learning mode"
22 that are automatically appended into policy at "learning mode".
24 such programs in "learning mode" dulls the system response
52 enforcing mode from the beginning, you can reduce the possibility of
Dsecurityfs_if.c227 static void __init tomoyo_create_entry(const char *name, const umode_t mode, in tomoyo_create_entry() argument
230 securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key, in tomoyo_create_entry()
Dcommon.h445 unsigned int mode; member
495 u8 mode; /* One of tomoyo_mode_index . */ member
567 umode_t mode; member
727 struct tomoyo_number_union mode; member
972 const unsigned int mode, unsigned int dev);
Ddomain.c604 ee->r.mode = tomoyo_get_mode(r->domain->ns, ee->r.profile, in tomoyo_environ()
606 if (!r->mode || !envp_count) in tomoyo_environ()
660 if (r->mode != TOMOYO_CONFIG_ENFORCING) in tomoyo_environ()
825 } else if (ee->r.mode == TOMOYO_CONFIG_ENFORCING) in tomoyo_find_next_domain()
Dcommon.c619 u8 mode; in tomoyo_set_mode() local
620 for (mode = 0; mode < 4; mode++) in tomoyo_set_mode()
621 if (strstr(value, tomoyo_mode[mode])) in tomoyo_set_mode()
626 config = (config & ~7) | mode; in tomoyo_set_mode()
1461 tomoyo_print_number_union(head, &ptr->mode); in tomoyo_print_entry()
2013 if (r->mode) in tomoyo_supervisor()
2014 tomoyo_update_stat(r->mode); in tomoyo_supervisor()
2015 switch (r->mode) { in tomoyo_supervisor()
/security/keys/
Dsysctl.c23 .mode = 0644,
32 .mode = 0644,
41 .mode = 0644,
50 .mode = 0644,
59 .mode = 0644,
/security/apparmor/include/
Dapparmorfs.h31 umode_t mode; member
45 { .name = (_name), .mode = 0444, \
49 { .name = (_name), .mode = 0444, \
53 { .name = (_name), .mode = 0444, \
58 .mode = (_mode), .file_ops = (_fops) }
Dipc.h23 struct aa_profile *tracee, unsigned int mode);
26 unsigned int mode);
Dpolicy.h37 ((_profile)->mode == APPARMOR_COMPLAIN))
41 ((_profile)->mode == APPARMOR_KILL))
189 enum profile_mode mode; member
/security/
Dinode.c82 struct dentry *securityfs_create_file(const char *name, umode_t mode, in securityfs_create_file() argument
87 int is_dir = S_ISDIR(mode); in securityfs_create_file()
93 mode = (mode & S_IALLUGO) | S_IFREG; in securityfs_create_file()
124 inode->i_mode = mode; in securityfs_create_file()
Dsecurity.c157 int security_ptrace_access_check(struct task_struct *child, unsigned int mode) in security_ptrace_access_check() argument
161 rc = yama_ptrace_access_check(child, mode); in security_ptrace_access_check()
165 return security_ops->ptrace_access_check(child, mode); in security_ptrace_access_check()
396 int security_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode, in security_path_mknod() argument
401 return security_ops->path_mknod(dir, dentry, mode, dev); in security_path_mknod()
405 int security_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode) in security_path_mkdir() argument
409 return security_ops->path_mkdir(dir, dentry, mode); in security_path_mkdir()
462 int security_path_chmod(struct path *path, umode_t mode) in security_path_chmod() argument
466 return security_ops->path_chmod(path, mode); in security_path_chmod()
482 int security_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode) in security_inode_create() argument
[all …]
Ddevice_cgroup.c793 int devcgroup_inode_mknod(int mode, dev_t dev) in devcgroup_inode_mknod() argument
797 if (!S_ISBLK(mode) && !S_ISCHR(mode)) in devcgroup_inode_mknod()
800 if (S_ISBLK(mode)) in devcgroup_inode_mknod()
Dcapability.c183 umode_t mode, dev_t dev) in cap_inode_mknod() argument
259 static int cap_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode, in cap_path_mknod() argument
265 static int cap_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode) in cap_path_mkdir() argument
303 static int cap_path_chmod(struct path *path, umode_t mode) in cap_path_chmod() argument
525 struct task_struct *target, long type, int mode) in cap_msg_queue_msgrcv() argument
/security/apparmor/
Dipc.c65 struct aa_profile *tracee, unsigned int mode) in aa_may_ptrace() argument
87 unsigned int mode) in aa_ptrace() argument
109 error = aa_may_ptrace(tracer, tracer_p, tracee_p, mode); in aa_ptrace()
Dlsm.c97 unsigned int mode) in apparmor_ptrace_access_check() argument
99 int error = cap_ptrace_access_check(child, mode); in apparmor_ptrace_access_check()
103 return aa_ptrace(current, child, mode); in apparmor_ptrace_access_check()
233 cond.mode = inode->i_mode; in common_perm_rm()
249 u32 mask, umode_t mode) in common_perm_create() argument
251 struct path_cond cond = { current_fsuid(), mode }; in common_perm_create()
265 umode_t mode) in apparmor_path_mkdir() argument
277 umode_t mode, unsigned int dev) in apparmor_path_mknod() argument
279 return common_perm_create(OP_MKNOD, dir, dentry, AA_MAY_CREATE, mode); in apparmor_path_mknod()
347 static int apparmor_path_chmod(struct path *path, umode_t mode) in apparmor_path_chmod() argument
[all …]
Dprocattr.c40 const char *mode_str = profile_mode_names[profile->mode]; in aa_getprocattr()
/security/integrity/ima/
Dima_main.c61 fmode_t mode = file->f_mode; in ima_rdwr_violation_check() local
72 if (mode & FMODE_WRITE) { in ima_rdwr_violation_check()
106 fmode_t mode = file->f_mode; in ima_check_last_writer() local
108 if (!(mode & FMODE_WRITE)) in ima_check_last_writer()
/security/smack/
Dsmack_access.c198 int smk_curacc(char *obj_label, u32 mode, struct smk_audit_info *a) in smk_curacc() argument
208 rc = smk_access(sp, obj_label, mode, NULL); in smk_curacc()
217 if ((mode & may) == mode) in smk_curacc()
231 smack_log(sp, obj_label, mode, rc, a); in smk_curacc()
/security/yama/
Dyama_lsm.c283 unsigned int mode) in yama_ptrace_access_check() argument
290 rc = cap_ptrace_access_check(child, mode); in yama_ptrace_access_check()
295 if (mode == PTRACE_MODE_ATTACH) { in yama_ptrace_access_check()
412 .mode = 0644,
/security/integrity/evm/
Devm_crypto.c103 umode_t mode; in hmac_add_misc() member
111 hmac_misc.mode = inode->i_mode; in hmac_add_misc()
/security/selinux/
DKconfig63 kernel will start in permissive mode (log everything, deny nothing)
65 can interactively toggle the kernel between enforcing mode and
66 permissive mode (if permitted by the policy) via /selinux/enforce.

12