Searched refs:rule (Results 1 – 7 of 7) sorted by relevance
| /security/integrity/ima/ |
| D | ima_policy.c | 71 void *rule; /* LSM file metadata specific */ member
229 if (!entry->lsm[i].rule) in ima_lsm_update_rules()
234 &entry->lsm[i].rule); in ima_lsm_update_rules()
235 BUG_ON(!entry->lsm[i].rule); in ima_lsm_update_rules()
249 static bool ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, in ima_match_rules() argument
256 if ((rule->flags & IMA_FUNC) && in ima_match_rules()
257 (rule->func != func && func != POST_SETATTR)) in ima_match_rules()
259 if ((rule->flags & IMA_MASK) && in ima_match_rules()
260 (rule->mask != mask && func != POST_SETATTR)) in ima_match_rules()
262 if ((rule->flags & IMA_INMASK) && in ima_match_rules()
[all …]
|
| /security/selinux/include/ |
| D | audit.h | 32 int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule);
41 void selinux_audit_rule_free(void *rule);
54 int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *rule,
|
| /security/smack/ |
| D | smackfs.c | 346 struct smack_parsed_rule *rule, int import, in smk_fill_rule() argument
353 rule->smk_subject = smk_import_entry(subject, len); in smk_fill_rule()
354 if (IS_ERR(rule->smk_subject)) in smk_fill_rule()
355 return PTR_ERR(rule->smk_subject); in smk_fill_rule()
357 rule->smk_object = smk_import_entry(object, len); in smk_fill_rule()
358 if (IS_ERR(rule->smk_object)) in smk_fill_rule()
359 return PTR_ERR(rule->smk_object); in smk_fill_rule()
368 rule->smk_subject = skp; in smk_fill_rule()
377 rule->smk_object = skp; in smk_fill_rule()
380 rule->smk_access1 = smk_perm_from_str(access1); in smk_fill_rule()
[all …]
|
| D | Kconfig | 21 When access is granted by a rule with the "b" mode a
28 access rule set once the behavior is well understood.
|
| D | smack_lsm.c | 4455 char **rule = (char **)vrule; in smack_audit_rule_init() local
4456 *rule = NULL; in smack_audit_rule_init()
4468 *rule = skp->smk_known; in smack_audit_rule_init()
4511 char *rule = vrule; in smack_audit_rule_match() local
4513 if (unlikely(!rule)) { in smack_audit_rule_match()
4529 return (rule == skp->smk_known); in smack_audit_rule_match()
4531 return (rule != skp->smk_known); in smack_audit_rule_match()
|
| /security/selinux/ss/ |
| D | services.c | 3133 struct selinux_audit_rule *rule = vrule; in selinux_audit_rule_free() local
3135 if (rule) { in selinux_audit_rule_free()
3136 context_destroy(&rule->au_ctxt); in selinux_audit_rule_free()
3137 kfree(rule); in selinux_audit_rule_free()
3147 struct selinux_audit_rule **rule = (struct selinux_audit_rule **)vrule; in selinux_audit_rule_init() local
3150 *rule = NULL; in selinux_audit_rule_init()
3232 *rule = tmprule; in selinux_audit_rule_init()
3238 int selinux_audit_rule_known(struct audit_krule *rule) in selinux_audit_rule_known() argument
3242 for (i = 0; i < rule->field_count; i++) { in selinux_audit_rule_known()
3243 struct audit_field *f = &rule->fields[i]; in selinux_audit_rule_known()
[all …]
|
| /security/keys/ |
| D | Kconfig | 38 LSMs gets to rule on which admin-level processes get to access the
|