| /security/integrity/ima/ |
| D | ima_main.c | 84 static void ima_rdwr_violation_check(struct file *file, in ima_rdwr_violation_check() argument
90 struct inode *inode = file_inode(file); in ima_rdwr_violation_check()
91 fmode_t mode = file->f_mode; in ima_rdwr_violation_check()
110 *pathname = ima_d_path(&file->f_path, pathbuf); in ima_rdwr_violation_check()
113 ima_add_violation(file, *pathname, "invalid_pcr", "ToMToU"); in ima_rdwr_violation_check()
115 ima_add_violation(file, *pathname, in ima_rdwr_violation_check()
120 struct inode *inode, struct file *file) in ima_check_last_writer() argument
122 fmode_t mode = file->f_mode; in ima_check_last_writer()
133 ima_update_xattr(iint, file); in ima_check_last_writer()
145 void ima_file_free(struct file *file) in ima_file_free() argument
[all …]
|
| D | ima.h | 64 int (*field_init) (struct integrity_iint_cache *iint, struct file *file,
100 int ima_calc_file_hash(struct file *file, struct ima_digest_data *hash);
105 void ima_add_violation(struct file *file, const unsigned char *filename,
134 struct file *file,
137 void ima_store_measurement(struct integrity_iint_cache *iint, struct file *file,
144 struct file *file, const unsigned char *filename,
172 struct file *file, const unsigned char *filename,
176 void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file);
187 struct file *file, in ima_appraise_measurement() argument
202 struct file *file) in ima_update_xattr() argument
|
| D | ima_template_lib.h | 29 int ima_eventdigest_init(struct integrity_iint_cache *iint, struct file *file,
33 int ima_eventname_init(struct integrity_iint_cache *iint, struct file *file,
38 struct file *file, const unsigned char *filename,
41 int ima_eventname_ng_init(struct integrity_iint_cache *iint, struct file *file,
45 int ima_eventsig_init(struct integrity_iint_cache *iint, struct file *file,
|
| D | ima_crypto.c | 78 static int ima_kernel_read(struct file *file, loff_t offset, in ima_kernel_read() argument
85 if (!(file->f_mode & FMODE_READ)) in ima_kernel_read()
90 if (file->f_op->read) in ima_kernel_read()
91 ret = file->f_op->read(file, buf, count, &offset); in ima_kernel_read()
92 else if (file->f_op->aio_read) in ima_kernel_read()
93 ret = do_sync_read(file, buf, count, &offset); in ima_kernel_read()
94 else if (file->f_op->read_iter) in ima_kernel_read()
95 ret = new_sync_read(file, buf, count, &offset); in ima_kernel_read()
257 static int ima_calc_file_hash_atfm(struct file *file, in ima_calc_file_hash_atfm() argument
284 i_size = i_size_read(file_inode(file)); in ima_calc_file_hash_atfm()
[all …]
|
| D | ima_template_lib.c | 199 int ima_eventdigest_init(struct integrity_iint_cache *iint, struct file *file, in ima_eventdigest_init() argument
224 if (!file) /* missing info to re-calculate the digest */ in ima_eventdigest_init()
227 inode = file_inode(file); in ima_eventdigest_init()
230 result = ima_calc_file_hash(file, &hash.hdr); in ima_eventdigest_init()
248 struct file *file, const unsigned char *filename, in ima_eventdigest_ng_init() argument
269 struct file *file, in ima_eventname_init_common() argument
277 BUG_ON(filename == NULL && file == NULL); in ima_eventname_init_common()
287 if (file) { in ima_eventname_init_common()
288 cur_filename = file->f_dentry->d_name.name; in ima_eventname_init_common()
304 int ima_eventname_init(struct integrity_iint_cache *iint, struct file *file, in ima_eventname_init() argument
[all …]
|
| D | ima_api.c | 41 struct file *file, const unsigned char *filename, in ima_alloc_init_template() argument
58 result = field->field_init(iint, file, filename, in ima_alloc_init_template()
131 void ima_add_violation(struct file *file, const unsigned char *filename, in ima_add_violation() argument
135 struct inode *inode = file_inode(file); in ima_add_violation()
142 result = ima_alloc_init_template(NULL, file, filename, in ima_add_violation()
193 struct file *file, in ima_collect_measurement() argument
198 struct inode *inode = file_inode(file); in ima_collect_measurement()
199 const char *filename = file->f_dentry->d_name.name; in ima_collect_measurement()
207 *xattr_len = ima_read_xattr(file->f_dentry, xattr_value); in ima_collect_measurement()
210 u64 i_version = file_inode(file)->i_version; in ima_collect_measurement()
[all …]
|
| D | ima_fs.c | 40 static ssize_t ima_show_htable_violations(struct file *filp, in ima_show_htable_violations()
52 static ssize_t ima_show_measurements_count(struct file *filp, in ima_show_measurements_count()
177 static int ima_measurements_open(struct inode *inode, struct file *file) in ima_measurements_open() argument
179 return seq_open(file, &ima_measurments_seqops); in ima_measurements_open()
239 static int ima_ascii_measurements_open(struct inode *inode, struct file *file) in ima_ascii_measurements_open() argument
241 return seq_open(file, &ima_ascii_measurements_seqops); in ima_ascii_measurements_open()
251 static ssize_t ima_write_policy(struct file *file, const char __user *buf, in ima_write_policy() argument
295 static int ima_open_policy(struct inode *inode, struct file *filp) in ima_open_policy()
312 static int ima_release_policy(struct inode *inode, struct file *file) in ima_release_policy() argument
|
| D | ima_appraise.c | 186 struct file *file, const unsigned char *filename, in ima_appraise_measurement() argument
192 struct dentry *dentry = file->f_dentry; in ima_appraise_measurement()
291 void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file) in ima_update_xattr() argument
293 struct dentry *dentry = file->f_dentry; in ima_update_xattr()
303 rc = ima_collect_measurement(iint, file, NULL, NULL); in ima_update_xattr()
|
| /security/tomoyo/ |
| D | securityfs_if.c | 39 static ssize_t tomoyo_write_self(struct file *file, const char __user *buf, in tomoyo_write_self() argument
105 static ssize_t tomoyo_read_self(struct file *file, char __user *buf, in tomoyo_read_self() argument
136 static int tomoyo_open(struct inode *inode, struct file *file) in tomoyo_open() argument
138 const int key = ((u8 *) file_inode(file)->i_private) in tomoyo_open()
140 return tomoyo_open_control(key, file); in tomoyo_open()
149 static int tomoyo_release(struct inode *inode, struct file *file) in tomoyo_release() argument
151 tomoyo_close_control(file->private_data); in tomoyo_release()
164 static unsigned int tomoyo_poll(struct file *file, poll_table *wait) in tomoyo_poll() argument
166 return tomoyo_poll_control(file, wait); in tomoyo_poll()
179 static ssize_t tomoyo_read(struct file *file, char __user *buf, size_t count, in tomoyo_read() argument
[all …]
|
| D | tomoyo.c | 135 return tomoyo_check_open_permission(domain, &bprm->file->f_path, in tomoyo_bprm_check_security()
312 static int tomoyo_file_fcntl(struct file *file, unsigned int cmd, in tomoyo_file_fcntl() argument
315 if (!(cmd == F_SETFL && ((arg ^ file->f_flags) & O_APPEND))) in tomoyo_file_fcntl()
317 return tomoyo_check_open_permission(tomoyo_domain(), &file->f_path, in tomoyo_file_fcntl()
329 static int tomoyo_file_open(struct file *f, const struct cred *cred) in tomoyo_file_open()
347 static int tomoyo_file_ioctl(struct file *file, unsigned int cmd, in tomoyo_file_ioctl() argument
350 return tomoyo_path_number_perm(TOMOYO_TYPE_IOCTL, &file->f_path, cmd); in tomoyo_file_ioctl()
|
| /security/keys/ |
| D | big_key.c | 51 struct file *file; in big_key_preparse() local
71 file = shmem_kernel_file_setup("", datalen, 0); in big_key_preparse()
72 if (IS_ERR(file)) { in big_key_preparse()
73 ret = PTR_ERR(file); in big_key_preparse()
77 written = kernel_write(file, prep->data, prep->datalen, 0); in big_key_preparse()
88 *path = file->f_path; in big_key_preparse()
90 fput(file); in big_key_preparse()
102 fput(file); in big_key_preparse()
179 struct file *file; in big_key_read() local
182 file = dentry_open(path, O_RDONLY, current_cred()); in big_key_read()
[all …]
|
| D | proc.c | 22 static int proc_keys_open(struct inode *inode, struct file *file);
43 static int proc_key_users_open(struct inode *inode, struct file *file);
105 static int proc_keys_open(struct inode *inode, struct file *file) in proc_keys_open() argument
107 return seq_open(file, &proc_keys_ops); in proc_keys_open()
306 static int proc_key_users_open(struct inode *inode, struct file *file) in proc_key_users_open() argument
308 return seq_open(file, &proc_key_users_ops); in proc_key_users_open()
|
| /security/smack/ |
| D | smackfs.c | 461 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf, in smk_write_rules_list() argument
673 static int smk_open_load(struct inode *inode, struct file *file) in smk_open_load() argument
675 return seq_open(file, &load_seq_ops); in smk_open_load()
686 static ssize_t smk_write_load(struct file *file, const char __user *buf, in smk_write_load() argument
697 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, in smk_write_load()
844 static int smk_open_cipso(struct inode *inode, struct file *file) in smk_open_cipso() argument
846 return seq_open(file, &cipso_seq_ops); in smk_open_cipso()
860 static ssize_t smk_set_cipso(struct file *file, const char __user *buf, in smk_set_cipso() argument
963 static ssize_t smk_write_cipso(struct file *file, const char __user *buf, in smk_write_cipso() argument
966 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT); in smk_write_cipso()
[all …]
|
| D | smack_lsm.c | 156 static int smk_bu_file(struct file *file, int mode, int rc) in smk_bu_file() argument
160 struct inode *inode = file->f_inode; in smk_bu_file()
168 sskp->smk_known, (char *)file->f_security, acc, in smk_bu_file()
169 inode->i_sb->s_id, inode->i_ino, file->f_dentry->d_name.name, in smk_bu_file()
174 #define smk_bu_file(file, mode, RC) (RC) argument
178 static int smk_bu_credfile(const struct cred *cred, struct file *file, in smk_bu_credfile() argument
183 struct inode *inode = file->f_inode; in smk_bu_credfile()
192 inode->i_sb->s_id, inode->i_ino, file->f_dentry->d_name.name, in smk_bu_credfile()
197 #define smk_bu_credfile(cred, file, mode, RC) (RC) argument
671 struct inode *inode = file_inode(bprm->file); in smack_bprm_set_creds()
[all …]
|
| /security/apparmor/ |
| D | lsm.c | 376 static int apparmor_file_open(struct file *file, const struct cred *cred) in apparmor_file_open() argument
378 struct aa_file_cxt *fcxt = file->f_security; in apparmor_file_open()
382 if (!mediated_filesystem(file_inode(file))) in apparmor_file_open()
397 struct inode *inode = file_inode(file); in apparmor_file_open()
400 error = aa_path_perm(OP_OPEN, profile, &file->f_path, 0, in apparmor_file_open()
401 aa_map_file_to_perms(file), &cond); in apparmor_file_open()
403 fcxt->allow = aa_map_file_to_perms(file); in apparmor_file_open()
409 static int apparmor_file_alloc_security(struct file *file) in apparmor_file_alloc_security() argument
412 file->f_security = aa_alloc_file_context(GFP_KERNEL); in apparmor_file_alloc_security()
413 if (!file->f_security) in apparmor_file_alloc_security()
[all …]
|
| D | apparmorfs.c | 117 static ssize_t profile_load(struct file *f, const char __user *buf, size_t size, in profile_load()
140 static ssize_t profile_replace(struct file *f, const char __user *buf, in profile_replace()
162 static ssize_t profile_remove(struct file *f, const char __user *buf, in profile_remove()
214 static int aa_fs_seq_open(struct inode *inode, struct file *file) in aa_fs_seq_open() argument
216 return single_open(file, aa_fs_seq_show, inode->i_private); in aa_fs_seq_open()
227 static int aa_fs_seq_profile_open(struct inode *inode, struct file *file, in aa_fs_seq_profile_open() argument
231 int error = single_open(file, show, r); in aa_fs_seq_profile_open()
234 file->private_data = NULL; in aa_fs_seq_profile_open()
241 static int aa_fs_seq_profile_release(struct inode *inode, struct file *file) in aa_fs_seq_profile_release() argument
243 struct seq_file *seq = (struct seq_file *) file->private_data; in aa_fs_seq_profile_release()
[all …]
|
| D | file.c | 298 aa_str_perms(profile->file.dfa, profile->file.start, name, cond, in aa_path_perm()
380 state = aa_str_perms(profile->file.dfa, profile->file.start, lname, in aa_path_link()
387 state = aa_dfa_null_transition(profile->file.dfa, state); in aa_path_link()
388 aa_str_perms(profile->file.dfa, state, tname, &cond, &perms); in aa_path_link()
409 aa_str_perms(profile->file.dfa, profile->file.start, tname, &cond, in aa_path_link()
448 int aa_file_perm(int op, struct aa_profile *profile, struct file *file, in aa_file_perm() argument
452 .uid = file_inode(file)->i_uid, in aa_file_perm()
453 .mode = file_inode(file)->i_mode in aa_file_perm()
456 return aa_path_perm(op, profile, &file->f_path, PATH_DELEGATE_DELETED, in aa_file_perm()
|
| D | domain.c | 108 } else if (!profile->file.dfa) { in change_profile_perms()
112 aa_str_perms(profile->file.dfa, start, name, &cond, &perms); in change_profile_perms()
118 state = aa_dfa_match(profile->file.dfa, start, ns->base.name); in change_profile_perms()
119 state = aa_dfa_match_len(profile->file.dfa, state, ":", 1); in change_profile_perms()
120 aa_str_perms(profile->file.dfa, state, name, &cond, &perms); in change_profile_perms()
248 for (name = profile->file.trans.table[index]; !new_profile && name; in x_table_lookup()
346 file_inode(bprm->file)->i_uid, in apparmor_bprm_set_creds()
347 file_inode(bprm->file)->i_mode in apparmor_bprm_set_creds()
366 state = profile->file.start; in apparmor_bprm_set_creds()
369 error = aa_path_name(&bprm->file->f_path, profile->path_flags, &buffer, in apparmor_bprm_set_creds()
[all …]
|
| D | policy_unpack.c | 384 profile->file.trans.table = kzalloc(sizeof(char *) * size, in unpack_trans_table()
386 if (!profile->file.trans.table) in unpack_trans_table()
389 profile->file.trans.size = size; in unpack_trans_table()
398 profile->file.trans.table[i] = str; in unpack_trans_table()
430 aa_free_domain_entries(&profile->file.trans); in unpack_trans_table()
602 profile->file.dfa = unpack_dfa(e); in unpack_profile()
603 if (IS_ERR(profile->file.dfa)) { in unpack_profile()
604 error = PTR_ERR(profile->file.dfa); in unpack_profile()
605 profile->file.dfa = NULL; in unpack_profile()
609 if (!unpack_u32(e, &profile->file.start, "dfa_start")) in unpack_profile()
[all …]
|
| /security/selinux/ |
| D | selinuxfs.c | 131 static ssize_t sel_read_enforce(struct file *filp, char __user *buf, in sel_read_enforce()
142 static ssize_t sel_write_enforce(struct file *file, const char __user *buf, in sel_write_enforce() argument
202 static ssize_t sel_read_handle_unknown(struct file *filp, char __user *buf, in sel_read_handle_unknown()
220 static int sel_open_handle_status(struct inode *inode, struct file *filp) in sel_open_handle_status()
232 static ssize_t sel_read_handle_status(struct file *filp, char __user *buf, in sel_read_handle_status()
244 static int sel_mmap_handle_status(struct file *filp, in sel_mmap_handle_status()
274 static ssize_t sel_write_disable(struct file *file, const char __user *buf, in sel_write_disable() argument
328 static ssize_t sel_read_policyvers(struct file *filp, char __user *buf, in sel_read_policyvers()
352 static ssize_t sel_read_mls(struct file *filp, char __user *buf, in sel_read_mls()
373 static int sel_open_policy(struct inode *inode, struct file *filp) in sel_open_policy()
[all …]
|
| D | hooks.c | 277 static int file_alloc_security(struct file *file) in file_alloc_security() argument
288 file->f_security = fsec; in file_alloc_security()
293 static void file_free_security(struct file *file) in file_free_security() argument
295 struct file_security_struct *fsec = file->f_security; in file_free_security()
296 file->f_security = NULL; in file_free_security()
1649 struct file *file, in file_path_has_perm() argument
1655 ad.u.path = file->f_path; in file_path_has_perm()
1656 return inode_has_perm(cred, file_inode(file), av, &ad); in file_path_has_perm()
1668 struct file *file, in file_has_perm() argument
1671 struct file_security_struct *fsec = file->f_security; in file_has_perm()
[all …]
|
| /security/ |
| D | security.c | 153 … security_binder_transfer_file(struct task_struct *from, struct task_struct *to, struct file *file) in security_binder_transfer_file() argument
155 return security_ops->binder_transfer_file(from, to, file); in security_binder_transfer_file()
707 int security_file_permission(struct file *file, int mask) in security_file_permission() argument
711 ret = security_ops->file_permission(file, mask); in security_file_permission()
715 return fsnotify_perm(file, mask); in security_file_permission()
718 int security_file_alloc(struct file *file) in security_file_alloc() argument
720 return security_ops->file_alloc_security(file); in security_file_alloc()
723 void security_file_free(struct file *file) in security_file_free() argument
725 security_ops->file_free_security(file); in security_file_free()
728 int security_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg) in security_file_ioctl() argument
[all …]
|
| D | capability.c | 30 …c int cap_binder_transfer_file(struct task_struct *from, struct task_struct *to, struct file *file) in cap_binder_transfer_file() argument
329 static int cap_file_permission(struct file *file, int mask) in cap_file_permission() argument
334 static int cap_file_alloc_security(struct file *file) in cap_file_alloc_security() argument
339 static void cap_file_free_security(struct file *file) in cap_file_free_security() argument
343 static int cap_file_ioctl(struct file *file, unsigned int command, in cap_file_ioctl() argument
355 static int cap_file_lock(struct file *file, unsigned int cmd) in cap_file_lock() argument
360 static int cap_file_fcntl(struct file *file, unsigned int cmd, in cap_file_fcntl() argument
366 static void cap_file_set_fowner(struct file *file) in cap_file_set_fowner() argument
377 static int cap_file_receive(struct file *file) in cap_file_receive() argument
382 static int cap_file_open(struct file *file, const struct cred *cred) in cap_file_open() argument
[all …]
|
| /security/apparmor/include/ |
| D | file.h | 180 int aa_file_perm(int op, struct aa_profile *profile, struct file *file,
195 static inline u32 aa_map_file_to_perms(struct file *file) in aa_map_file_to_perms() argument
197 int flags = file->f_flags; in aa_map_file_to_perms()
200 if (file->f_mode & FMODE_WRITE) in aa_map_file_to_perms()
202 if (file->f_mode & FMODE_READ) in aa_map_file_to_perms()
|
| /security/integrity/evm/ |
| D | evm_secfs.c | 34 static ssize_t evm_read_key(struct file *filp, char __user *buf, in evm_read_key()
61 static ssize_t evm_write_key(struct file *file, const char __user *buf, in evm_write_key() argument
|