| /security/selinux/ss/ |
| D | context.h | 45 dst->range.level[0].sens = src->range.level[0].sens; in mls_context_cpy()
46 rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat); in mls_context_cpy()
50 dst->range.level[1].sens = src->range.level[1].sens; in mls_context_cpy()
51 rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[1].cat); in mls_context_cpy()
53 ebitmap_destroy(&dst->range.level[0].cat); in mls_context_cpy()
65 dst->range.level[0].sens = src->range.level[0].sens; in mls_context_cpy_low()
66 rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat); in mls_context_cpy_low()
70 dst->range.level[1].sens = src->range.level[0].sens; in mls_context_cpy_low()
71 rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[0].cat); in mls_context_cpy_low()
73 ebitmap_destroy(&dst->range.level[0].cat); in mls_context_cpy_low()
[all …]
|
| D | mls.c | 48 int index_sens = context->range.level[l].sens; in mls_compute_context_len()
54 e = &context->range.level[l].cat; in mls_compute_context_len()
73 if (mls_level_eq(&context->range.level[0], in mls_compute_context_len()
74 &context->range.level[1])) in mls_compute_context_len()
107 context->range.level[l].sens - 1)); in mls_sid_to_context()
113 e = &context->range.level[l].cat; in mls_sid_to_context()
149 if (mls_level_eq(&context->range.level[0], in mls_sid_to_context()
150 &context->range.level[1])) in mls_sid_to_context()
177 return ebitmap_contains(&levdatum->level->cat, &l->cat, in mls_level_isvalid()
183 return (mls_level_isvalid(p, &r->level[0]) && in mls_range_isvalid()
[all …]
|
| D | mls_types.h | 27 struct mls_level level[2]; /* low == level[0], high == level[1] */ member
49 (mls_level_dom(&(r2).level[0], &(r1).level[0]) && \
50 mls_level_dom(&(r1).level[1], &(r2).level[1]))
|
| D | services.c | 352 l1 = &(scontext->range.level[0]); in constraint_expr_eval()
353 l2 = &(tcontext->range.level[0]); in constraint_expr_eval()
356 l1 = &(scontext->range.level[0]); in constraint_expr_eval()
357 l2 = &(tcontext->range.level[1]); in constraint_expr_eval()
360 l1 = &(scontext->range.level[1]); in constraint_expr_eval()
361 l2 = &(tcontext->range.level[0]); in constraint_expr_eval()
364 l1 = &(scontext->range.level[1]); in constraint_expr_eval()
365 l2 = &(tcontext->range.level[1]); in constraint_expr_eval()
368 l1 = &(scontext->range.level[0]); in constraint_expr_eval()
369 l2 = &(scontext->range.level[1]); in constraint_expr_eval()
[all …]
|
| D | policydb.c | 460 if (!levdatum->level->sens || in sens_index()
461 levdatum->level->sens > p->p_levels.nprim) in sens_index()
464 if (flex_array_put_ptr(fa, levdatum->level->sens - 1, key, in sens_index()
722 ebitmap_destroy(&usrdatum->range.level[0].cat); in user_destroy()
723 ebitmap_destroy(&usrdatum->range.level[1].cat); in user_destroy()
737 if (levdatum->level) in sens_destroy()
738 ebitmap_destroy(&levdatum->level->cat); in sens_destroy()
739 kfree(levdatum->level); in sens_destroy()
778 ebitmap_destroy(&rt->level[0].cat); in range_tr_destroy()
779 ebitmap_destroy(&rt->level[1].cat); in range_tr_destroy()
[all …]
|
| D | policydb.h | 132 struct mls_level *level; /* sensitivity and associated categories */ member
|
| /security/selinux/ |
| D | netlabel.c | 424 static inline int selinux_netlbl_option(int level, int optname) in selinux_netlbl_option() argument
426 return (level == IPPROTO_IP && optname == IP_OPTIONS) || in selinux_netlbl_option()
427 (level == IPPROTO_IPV6 && optname == IPV6_HOPOPTS); in selinux_netlbl_option()
444 int level, in selinux_netlbl_socket_setsockopt() argument
452 if (selinux_netlbl_option(level, optname) && in selinux_netlbl_socket_setsockopt()
|
| D | hooks.c | 4664 static int selinux_socket_setsockopt(struct socket *sock, int level, int optname) in selinux_socket_setsockopt() argument
4672 return selinux_netlbl_socket_setsockopt(sock, level, optname); in selinux_socket_setsockopt()
4675 static int selinux_socket_getsockopt(struct socket *sock, int level, in selinux_socket_getsockopt() argument
|
| /security/keys/ |
| D | keyring.c | 230 static unsigned long keyring_get_key_chunk(const void *data, int level) in keyring_get_key_chunk() argument
237 level /= ASSOC_ARRAY_KEY_CHUNK_SIZE; in keyring_get_key_chunk()
238 switch (level) { in keyring_get_key_chunk()
251 offset += (level - 3) * sizeof(chunk); in keyring_get_key_chunk()
263 if (level == 2) { in keyring_get_key_chunk()
272 static unsigned long keyring_get_object_key_chunk(const void *object, int level) in keyring_get_object_key_chunk() argument
275 return keyring_get_key_chunk(&key->index_key, level); in keyring_get_object_key_chunk()
299 int level, i; in keyring_diff_objects() local
301 level = 0; in keyring_diff_objects()
311 level += ASSOC_ARRAY_KEY_CHUNK_SIZE / 8; in keyring_diff_objects()
[all …]
|
| D | Kconfig | 38 LSMs gets to rule on which admin-level processes get to access the
|
| /security/selinux/include/ |
| D | netlabel.h | 65 int level,
139 int level, in selinux_netlbl_socket_setsockopt() argument
|
| /security/apparmor/ |
| D | policy_ns.c | 269 ns->level = parent->level + 1; in __aa_create_ns()
|
| D | policy.c | 653 user_ns->level == view_ns->level))) in policy_view_capable()
|
| D | label.c | 123 res = a->level - b->level; in ns_cmp()
|
| D | apparmorfs.c | 1189 seq_printf(seq, "%d\n", labels_ns(label)->level); in seq_ns_level_show()
1206 SEQ_NS_FOPS(level);
|
| /security/ |
| D | Kconfig.hardening | 16 This chooses the level of coverage over classes of potentially
|
| D | security.c | 1399 int security_socket_getsockopt(struct socket *sock, int level, int optname) in security_socket_getsockopt() argument
1401 return call_int_hook(socket_getsockopt, 0, sock, level, optname); in security_socket_getsockopt()
1404 int security_socket_setsockopt(struct socket *sock, int level, int optname) in security_socket_setsockopt() argument
1406 return call_int_hook(socket_setsockopt, 0, sock, level, optname); in security_socket_setsockopt()
|
| D | commoncap.c | 93 if (ns->level <= cred->user_ns->level) in __cap_capable()
|
| D | Kconfig | 122 correctly. This level of protection requires a root of trust outside
|
| /security/apparmor/include/ |
| D | policy_ns.h | 71 int level; member
|
| /security/smack/ |
| D | smack_access.c | 489 int smk_netlbl_mls(int level, char *catset, struct netlbl_lsm_secattr *sap, in smk_netlbl_mls() argument
499 sap->attr.mls.lvl = level; in smk_netlbl_mls()
|
| /security/integrity/ |
| D | Kconfig | 61 controls the level of integrity auditing messages.
|