/security/apparmor/ |
D | context.c | 47 void aa_free_task_context(struct aa_task_ctx *ctx) in aa_free_task_context() argument 49 if (ctx) { in aa_free_task_context() 50 aa_put_label(ctx->label); in aa_free_task_context() 51 aa_put_label(ctx->previous); in aa_free_task_context() 52 aa_put_label(ctx->onexec); in aa_free_task_context() 54 kzfree(ctx); in aa_free_task_context() 96 struct aa_task_ctx *ctx = current_ctx(); in aa_replace_current_label() local 100 if (ctx->label == label) in aa_replace_current_label() 110 ctx = cred_ctx(new); in aa_replace_current_label() 111 if (unconfined(label) || (labels_ns(ctx->label) != labels_ns(label))) in aa_replace_current_label() [all …]
|
D | lsm.c | 68 struct aa_task_ctx *ctx = aa_alloc_task_context(gfp); in apparmor_cred_alloc_blank() local 70 if (!ctx) in apparmor_cred_alloc_blank() 73 cred_ctx(cred) = ctx; in apparmor_cred_alloc_blank() 84 struct aa_task_ctx *ctx = aa_alloc_task_context(gfp); in apparmor_cred_prepare() local 86 if (!ctx) in apparmor_cred_prepare() 89 aa_dup_task_context(ctx, cred_ctx(old)); in apparmor_cred_prepare() 90 cred_ctx(new) = ctx; in apparmor_cred_prepare() 580 struct aa_task_ctx *ctx = cred_ctx(cred); in apparmor_getprocattr() local 584 label = aa_get_newest_label(ctx->label); in apparmor_getprocattr() 585 else if (strcmp(name, "prev") == 0 && ctx->previous) in apparmor_getprocattr() [all …]
|
D | domain.c | 749 struct aa_task_ctx *ctx; in apparmor_bprm_set_creds() local 764 ctx = cred_ctx(bprm->cred); in apparmor_bprm_set_creds() 765 AA_BUG(!ctx); in apparmor_bprm_set_creds() 767 label = aa_get_newest_label(ctx->label); in apparmor_bprm_set_creds() 772 if (ctx->onexec) in apparmor_bprm_set_creds() 773 new = handle_onexec(label, ctx->onexec, ctx->token, in apparmor_bprm_set_creds() 823 aa_put_label(ctx->label); in apparmor_bprm_set_creds() 825 ctx->label = new; in apparmor_bprm_set_creds() 829 aa_clear_task_ctx_trans(ctx); in apparmor_bprm_set_creds() 1019 struct aa_task_ctx *ctx; in aa_change_hat() local [all …]
|
/security/selinux/ |
D | xfrm.c | 58 static inline int selinux_authorizable_ctx(struct xfrm_sec_ctx *ctx) in selinux_authorizable_ctx() argument 60 return (ctx && in selinux_authorizable_ctx() 61 (ctx->ctx_doi == XFRM_SC_DOI_LSM) && in selinux_authorizable_ctx() 62 (ctx->ctx_alg == XFRM_SC_ALG_SELINUX)); in selinux_authorizable_ctx() 83 struct xfrm_sec_ctx *ctx = NULL; in selinux_xfrm_alloc_user() local 95 ctx = kmalloc(sizeof(*ctx) + str_len + 1, gfp); in selinux_xfrm_alloc_user() 96 if (!ctx) in selinux_xfrm_alloc_user() 99 ctx->ctx_doi = XFRM_SC_DOI_LSM; in selinux_xfrm_alloc_user() 100 ctx->ctx_alg = XFRM_SC_ALG_SELINUX; in selinux_xfrm_alloc_user() 101 ctx->ctx_len = str_len; in selinux_xfrm_alloc_user() [all …]
|
D | hooks.c | 2919 const struct qstr *name, void **ctx, in selinux_dentry_init_security() argument 2932 return security_sid_to_context(newsid, (char **)ctx, ctxlen); in selinux_dentry_init_security() 6147 static int selinux_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) in selinux_inode_notifysecctx() argument 6150 ctx, ctxlen, 0); in selinux_inode_notifysecctx() 6158 static int selinux_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) in selinux_inode_setsecctx() argument 6160 return __vfs_setxattr_noperm(dentry, XATTR_NAME_SELINUX, ctx, ctxlen, 0); in selinux_inode_setsecctx() 6163 static int selinux_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) in selinux_inode_getsecctx() argument 6167 ctx, true); in selinux_inode_getsecctx()
|
/security/keys/ |
D | process_keys.c | 340 key_ref_t search_my_process_keyrings(struct keyring_search_context *ctx) in search_my_process_keyrings() argument 356 if (ctx->cred->thread_keyring) { in search_my_process_keyrings() 358 make_key_ref(ctx->cred->thread_keyring, 1), ctx); in search_my_process_keyrings() 374 if (ctx->cred->process_keyring) { in search_my_process_keyrings() 376 make_key_ref(ctx->cred->process_keyring, 1), ctx); in search_my_process_keyrings() 394 if (ctx->cred->session_keyring) { in search_my_process_keyrings() 397 make_key_ref(rcu_dereference(ctx->cred->session_keyring), 1), in search_my_process_keyrings() 398 ctx); in search_my_process_keyrings() 417 else if (ctx->cred->user->session_keyring) { in search_my_process_keyrings() 419 make_key_ref(ctx->cred->user->session_keyring, 1), in search_my_process_keyrings() [all …]
|
D | keyring.c | 433 struct keyring_read_iterator_context *ctx = data; in keyring_read_iterator() local 438 key->type->name, key->serial, ctx->count, ctx->buflen); in keyring_read_iterator() 440 if (ctx->count >= ctx->buflen) in keyring_read_iterator() 443 ret = put_user(key->serial, ctx->buffer); in keyring_read_iterator() 446 ctx->buffer++; in keyring_read_iterator() 447 ctx->count += sizeof(key->serial); in keyring_read_iterator() 461 struct keyring_read_iterator_context ctx; in keyring_read() local 471 ctx.buffer = (key_serial_t __user *)buffer; in keyring_read() 472 ctx.buflen = buflen; in keyring_read() 473 ctx.count = 0; in keyring_read() [all …]
|
D | request_key.c | 340 static int construct_alloc_key(struct keyring_search_context *ctx, in construct_alloc_key() argument 353 ctx->index_key.type->name, ctx->index_key.description); in construct_alloc_key() 360 if (ctx->index_key.type->read) in construct_alloc_key() 362 if (ctx->index_key.type == &key_type_keyring || in construct_alloc_key() 363 ctx->index_key.type->update) in construct_alloc_key() 366 key = key_alloc(ctx->index_key.type, ctx->index_key.description, in construct_alloc_key() 367 ctx->cred->fsuid, ctx->cred->fsgid, ctx->cred, in construct_alloc_key() 375 ret = __key_link_begin(dest_keyring, &ctx->index_key, &edit); in construct_alloc_key() 385 key_ref = search_process_keyrings(ctx); in construct_alloc_key() 394 __key_link_end(dest_keyring, &ctx->index_key, edit); in construct_alloc_key() [all …]
|
D | request_key_auth.c | 245 struct keyring_search_context ctx = { in key_get_instantiation_authkey() local 257 ctx.index_key.desc_len = sprintf(description, "%x", target_id); in key_get_instantiation_authkey() 259 authkey_ref = search_process_keyrings(&ctx); in key_get_instantiation_authkey()
|
D | internal.h | 139 struct keyring_search_context *ctx); 141 extern key_ref_t search_my_process_keyrings(struct keyring_search_context *ctx); 142 extern key_ref_t search_process_keyrings(struct keyring_search_context *ctx);
|
D | proc.c | 190 struct keyring_search_context ctx = { in proc_keys_show() local 205 skey_ref = search_my_process_keyrings(&ctx); in proc_keys_show() 213 rc = key_task_permission(key_ref, ctx.cred, KEY_NEED_VIEW); in proc_keys_show()
|
D | dh.c | 88 char ctx[]; member
|
D | trusted.c | 40 char ctx[]; member
|
/security/apparmor/include/ |
D | context.h | 48 void aa_free_task_context(struct aa_task_ctx *ctx); 68 struct aa_task_ctx *ctx = cred_ctx(cred); in aa_cred_raw_label() local 70 AA_BUG(!ctx || !ctx->label); in aa_cred_raw_label() 71 return ctx->label; in aa_cred_raw_label() 222 static inline void aa_clear_task_ctx_trans(struct aa_task_ctx *ctx) in aa_clear_task_ctx_trans() argument 224 aa_put_label(ctx->previous); in aa_clear_task_ctx_trans() 225 aa_put_label(ctx->onexec); in aa_clear_task_ctx_trans() 226 ctx->previous = NULL; in aa_clear_task_ctx_trans() 227 ctx->onexec = NULL; in aa_clear_task_ctx_trans() 228 ctx->token = 0; in aa_clear_task_ctx_trans()
|
D | file.h | 58 struct aa_file_ctx *ctx; in aa_alloc_file_ctx() local 60 ctx = kzalloc(sizeof(struct aa_file_ctx), gfp); in aa_alloc_file_ctx() 61 if (ctx) { in aa_alloc_file_ctx() 62 spin_lock_init(&ctx->lock); in aa_alloc_file_ctx() 63 rcu_assign_pointer(ctx->label, aa_get_label(label)); in aa_alloc_file_ctx() 65 return ctx; in aa_alloc_file_ctx() 72 static inline void aa_free_file_ctx(struct aa_file_ctx *ctx) in aa_free_file_ctx() argument 74 if (ctx) { in aa_free_file_ctx() 75 aa_put_label(rcu_access_pointer(ctx->label)); in aa_free_file_ctx() 76 kzfree(ctx); in aa_free_file_ctx() [all …]
|
/security/selinux/include/ |
D | xfrm.h | 18 void selinux_xfrm_policy_free(struct xfrm_sec_ctx *ctx); 19 int selinux_xfrm_policy_delete(struct xfrm_sec_ctx *ctx); 26 int selinux_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid, u8 dir);
|
/security/ |
D | security.c | 449 const struct qstr *name, void **ctx, in security_dentry_init_security() argument 453 name, ctx, ctxlen); in security_dentry_init_security() 1314 int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) in security_inode_notifysecctx() argument 1316 return call_int_hook(inode_notifysecctx, 0, inode, ctx, ctxlen); in security_inode_notifysecctx() 1320 int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) in security_inode_setsecctx() argument 1322 return call_int_hook(inode_setsecctx, 0, dentry, ctx, ctxlen); in security_inode_setsecctx() 1326 int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) in security_inode_getsecctx() argument 1328 return call_int_hook(inode_getsecctx, -EOPNOTSUPP, inode, ctx, ctxlen); in security_inode_getsecctx() 1586 void security_xfrm_policy_free(struct xfrm_sec_ctx *ctx) in security_xfrm_policy_free() argument 1588 call_void_hook(xfrm_policy_free_security, ctx); in security_xfrm_policy_free() [all …]
|
/security/selinux/ss/ |
D | services.c | 1330 struct context *ctx, in string_to_context_struct() argument 1339 context_init(ctx); in string_to_context_struct() 1360 ctx->user = usrdatum->value; in string_to_context_struct() 1375 ctx->role = role->value; in string_to_context_struct() 1388 ctx->type = typdatum->value; in string_to_context_struct() 1390 rc = mls_context_to_sid(pol, oldc, &p, ctx, sidtabp, def_sid); in string_to_context_struct() 1399 if (!policydb_context_isvalid(pol, ctx)) in string_to_context_struct() 1404 context_destroy(ctx); in string_to_context_struct() 1881 struct context ctx; in convert_context() local 1889 c->len, &ctx, SECSID_NULL); in convert_context() [all …]
|
/security/smack/ |
D | smack_lsm.c | 4596 static int smack_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen) in smack_inode_notifysecctx() argument 4598 return smack_inode_setsecurity(inode, XATTR_SMACK_SUFFIX, ctx, ctxlen, 0); in smack_inode_notifysecctx() 4601 static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) in smack_inode_setsecctx() argument 4603 return __vfs_setxattr_noperm(dentry, XATTR_NAME_SMACK, ctx, ctxlen, 0); in smack_inode_setsecctx() 4606 static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) in smack_inode_getsecctx() argument 4609 len = smack_inode_getsecurity(inode, XATTR_SMACK_SUFFIX, ctx, true); in smack_inode_getsecctx()
|