/security/tomoyo/ |
D | file.c | 256 if (acl->perm & (1 << r->param.path.operation)) { in tomoyo_check_path_acl() 278 return (acl->perm & (1 << r->param.path_number.operation)) && in tomoyo_check_path_number_acl() 298 return (acl->perm & (1 << r->param.path2.operation)) && in tomoyo_check_path2_acl() 317 return (acl->perm & (1 << r->param.mkdev.operation)) && in tomoyo_check_mkdev_acl() 358 ->perm; in tomoyo_merge_path_acl() 359 u16 perm = *a_perm; in tomoyo_merge_path_acl() local 360 const u16 b_perm = container_of(b, struct tomoyo_path_acl, head)->perm; in tomoyo_merge_path_acl() 362 perm &= ~b_perm; in tomoyo_merge_path_acl() 364 perm |= b_perm; in tomoyo_merge_path_acl() 365 *a_perm = perm; in tomoyo_merge_path_acl() [all …]
|
D | network.c | 235 &container_of(a, struct tomoyo_inet_acl, head)->perm; in tomoyo_merge_inet_acl() 236 u8 perm = *a_perm; in tomoyo_merge_inet_acl() local 237 const u8 b_perm = container_of(b, struct tomoyo_inet_acl, head)->perm; in tomoyo_merge_inet_acl() 240 perm &= ~b_perm; in tomoyo_merge_inet_acl() 242 perm |= b_perm; in tomoyo_merge_inet_acl() 243 *a_perm = perm; in tomoyo_merge_inet_acl() 244 return !perm; in tomoyo_merge_inet_acl() 261 &container_of(a, struct tomoyo_unix_acl, head)->perm; in tomoyo_merge_unix_acl() 262 u8 perm = *a_perm; in tomoyo_merge_unix_acl() local 263 const u8 b_perm = container_of(b, struct tomoyo_unix_acl, head)->perm; in tomoyo_merge_unix_acl() [all …]
|
D | util.c | 1040 u16 perm; in tomoyo_domain_quota_is_ok() local 1046 perm = container_of(ptr, struct tomoyo_path_acl, head) in tomoyo_domain_quota_is_ok() 1047 ->perm; in tomoyo_domain_quota_is_ok() 1050 perm = container_of(ptr, struct tomoyo_path2_acl, head) in tomoyo_domain_quota_is_ok() 1051 ->perm; in tomoyo_domain_quota_is_ok() 1054 perm = container_of(ptr, struct tomoyo_path_number_acl, in tomoyo_domain_quota_is_ok() 1055 head)->perm; in tomoyo_domain_quota_is_ok() 1058 perm = container_of(ptr, struct tomoyo_mkdev_acl, in tomoyo_domain_quota_is_ok() 1059 head)->perm; in tomoyo_domain_quota_is_ok() 1062 perm = container_of(ptr, struct tomoyo_inet_acl, in tomoyo_domain_quota_is_ok() [all …]
|
D | common.c | 1377 const u16 perm = ptr->perm; in tomoyo_print_entry() local 1379 if (!(perm & (1 << bit))) in tomoyo_print_entry() 1406 const u8 perm = ptr->perm; in tomoyo_print_entry() local 1408 if (!(perm & (1 << bit))) in tomoyo_print_entry() 1426 const u8 perm = ptr->perm; in tomoyo_print_entry() local 1428 if (!(perm & (1 << bit))) in tomoyo_print_entry() 1446 const u8 perm = ptr->perm; in tomoyo_print_entry() local 1448 if (!(perm & (1 << bit))) in tomoyo_print_entry() 1468 const u8 perm = ptr->perm; in tomoyo_print_entry() local 1471 if (!(perm & (1 << bit))) in tomoyo_print_entry() [all …]
|
D | tomoyo.c | 235 const unsigned int perm = mode & S_IALLUGO; in tomoyo_path_mknod() local 247 return tomoyo_mkdev_perm(type, &path, perm, dev); in tomoyo_path_mknod() 257 return tomoyo_path_number_perm(type, &path, perm); in tomoyo_path_mknod()
|
D | common.h | 707 u16 perm; /* Bitmask of values in "enum tomoyo_path_acl_index". */ member 718 u8 perm; member 726 u8 perm; /* Bitmask of values in "enum tomoyo_mkdev_acl_index". */ member 738 u8 perm; /* Bitmask of values in "enum tomoyo_path2_acl_index". */ member 762 u8 perm; /* Bitmask of values in "enum tomoyo_network_acl_index" */ member 771 u8 perm; /* Bitmask of values in "enum tomoyo_network_acl_index" */ member
|
D | domain.c | 117 ->perm == 1 << TOMOYO_TYPE_EXECUTE)) in tomoyo_update_domain()
|
/security/keys/ |
D | permission.c | 31 unsigned perm) in key_task_permission() argument 41 kperm = key->perm >> 16; in key_task_permission() 47 if (gid_valid(key->gid) && key->perm & KEY_GRP_ALL) { in key_task_permission() 49 kperm = key->perm >> 8; in key_task_permission() 55 kperm = key->perm >> 8; in key_task_permission() 61 kperm = key->perm; in key_task_permission() 69 kperm |= key->perm >> 24; in key_task_permission() 71 kperm = kperm & perm & KEY_NEED_ALL; in key_task_permission() 73 if (kperm != perm) in key_task_permission() 77 return security_key_permission(key_ref, cred, perm); in key_task_permission()
|
D | internal.h | 162 key_perm_t perm); 181 key_perm_t perm); 186 static inline int key_permission(const key_ref_t key_ref, unsigned perm) in key_permission() argument 188 return key_task_permission(key_ref, current_cred(), perm); in key_permission()
|
D | key.c | 230 key_perm_t perm, unsigned long flags, in key_alloc() argument 298 key->perm = perm; in key_alloc() 811 key_perm_t perm, in key_create_or_update() argument 903 if (perm == KEY_PERM_UNDEF) { in key_create_or_update() 904 perm = KEY_POS_VIEW | KEY_POS_SEARCH | KEY_POS_LINK | KEY_POS_SETATTR; in key_create_or_update() 905 perm |= KEY_USR_VIEW; in key_create_or_update() 908 perm |= KEY_POS_READ; in key_create_or_update() 912 perm |= KEY_POS_WRITE; in key_create_or_update() 917 cred->fsuid, cred->fsgid, cred, perm, flags, NULL); in key_create_or_update()
|
D | request_key.c | 348 key_perm_t perm; in construct_alloc_key() local 358 perm = KEY_POS_VIEW | KEY_POS_SEARCH | KEY_POS_LINK | KEY_POS_SETATTR; in construct_alloc_key() 359 perm |= KEY_USR_VIEW; in construct_alloc_key() 361 perm |= KEY_POS_READ; in construct_alloc_key() 364 perm |= KEY_POS_WRITE; in construct_alloc_key() 368 perm, flags, NULL); in construct_alloc_key()
|
D | process_keys.c | 535 key_perm_t perm) in lookup_user_key() argument 721 if (perm) in lookup_user_key() 726 } else if (perm) { in lookup_user_key() 738 ret = key_task_permission(key_ref, ctx.cred, perm); in lookup_user_key()
|
D | proc.c | 204 if (key->perm & KEY_POS_VIEW) { in proc_keys_show() 259 key->perm, in proc_keys_show()
|
D | keyctl.c | 630 key->perm); in keyctl_describe_key() 942 long keyctl_setperm_key(key_serial_t id, key_perm_t perm) in keyctl_setperm_key() argument 949 if (perm & ~(KEY_POS_ALL | KEY_USR_ALL | KEY_GRP_ALL | KEY_OTH_ALL)) in keyctl_setperm_key() 967 key->perm = perm; in keyctl_setperm_key()
|
D | gc.c | 228 key->perm = 0; in key_garbage_collector()
|
D | keyring.c | 495 const struct cred *cred, key_perm_t perm, in keyring_alloc() argument 504 uid, gid, cred, perm, flags, restrict_link); in keyring_alloc()
|
/security/selinux/ |
D | nlmsgtab.c | 28 u32 perm; member 141 static int nlmsg_perm(u16 nlmsg_type, u32 *perm, const struct nlmsg_perm *tab, size_t tabsize) in nlmsg_perm() argument 147 *perm = tab[i].perm; in nlmsg_perm() 155 int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm) in selinux_nlmsg_lookup() argument 163 err = nlmsg_perm(nlmsg_type, perm, nlmsg_route_perms, in selinux_nlmsg_lookup() 168 err = nlmsg_perm(nlmsg_type, perm, nlmsg_tcpdiag_perms, in selinux_nlmsg_lookup() 174 err = nlmsg_perm(nlmsg_type, perm, nlmsg_xfrm_perms, in selinux_nlmsg_lookup() 183 *perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY; in selinux_nlmsg_lookup() 185 err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms, in selinux_nlmsg_lookup() 199 static void nlmsg_set_getlink_perm(u32 perm) in nlmsg_set_getlink_perm() argument [all …]
|
D | avc.c | 112 int i, perm; in avc_dump_av() local 124 perm = 1; in avc_dump_av() 126 if ((perm & av) && perms[i]) { in avc_dump_av() 128 av &= ~perm; in avc_dump_av() 131 perm <<= 1; in avc_dump_av() 250 u8 perm, u8 which) in avc_xperms_has_perm() argument 256 rc = security_xperm_test(xpd->allowed->p, perm); in avc_xperms_has_perm() 259 rc = security_xperm_test(xpd->auditallow->p, perm); in avc_xperms_has_perm() 262 rc = security_xperm_test(xpd->dontaudit->p, perm); in avc_xperms_has_perm() 267 u8 driver, u8 perm) in avc_xperms_allow_perm() argument [all …]
|
D | netlabel.c | 378 u32 perm; in selinux_netlbl_sock_rcv_skb() local 397 perm = UDP_SOCKET__RECVFROM; in selinux_netlbl_sock_rcv_skb() 400 perm = TCP_SOCKET__RECVFROM; in selinux_netlbl_sock_rcv_skb() 403 perm = RAWIP_SOCKET__RECVFROM; in selinux_netlbl_sock_rcv_skb() 406 rc = avc_has_perm(sksec->sid, nlbl_sid, sksec->sclass, perm, ad); in selinux_netlbl_sock_rcv_skb()
|
D | hooks.c | 1712 u32 perm = 0; in signal_to_av() local 1717 perm = PROCESS__SIGCHLD; in signal_to_av() 1721 perm = PROCESS__SIGKILL; in signal_to_av() 1725 perm = PROCESS__SIGSTOP; in signal_to_av() 1729 perm = PROCESS__SIGNAL; in signal_to_av() 1733 return perm; in signal_to_av() 3763 u32 perm; in selinux_file_send_sigiotask() local 3772 perm = signal_to_av(SIGIO); /* as per send_sigio_to_task */ in selinux_file_send_sigiotask() 3774 perm = signal_to_av(signum); in selinux_file_send_sigiotask() 3777 SECCLASS_PROCESS, perm, NULL); in selinux_file_send_sigiotask() [all …]
|
/security/apparmor/ |
D | lib.c | 207 unsigned int i, perm = 1; in aa_perm_mask_to_str() local 209 for (i = 0; i < 32; perm <<= 1, i++) { in aa_perm_mask_to_str() 210 if (mask & perm) in aa_perm_mask_to_str() 219 unsigned int i, perm = 1; in aa_audit_perm_names() local 222 for (i = 0; i < 32; perm <<= 1, i++) { in aa_audit_perm_names() 223 if (mask & perm) { in aa_audit_perm_names()
|
D | domain.c | 330 u32 perm = dfa_user_allow(profile->xmatch, state); in __attach_match() local 332 if (perm & MAY_EXEC) { in __attach_match()
|
/security/selinux/include/ |
D | avc.h | 162 u8 driver, u8 perm, struct common_audit_data *ad);
|
D | security.h | 279 extern int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm);
|
/security/smack/ |
D | smackfs.c | 292 int perm = 0; in smk_perm_from_str() local 301 perm |= MAY_READ; in smk_perm_from_str() 305 perm |= MAY_WRITE; in smk_perm_from_str() 309 perm |= MAY_EXEC; in smk_perm_from_str() 313 perm |= MAY_APPEND; in smk_perm_from_str() 317 perm |= MAY_TRANSMUTE; in smk_perm_from_str() 321 perm |= MAY_LOCK; in smk_perm_from_str() 325 perm |= MAY_BRINGUP; in smk_perm_from_str() 328 return perm; in smk_perm_from_str()
|