Home
last modified time | relevance | path

Searched refs:state (Results 1 – 23 of 23) sorted by relevance

/security/apparmor/
Dmatch.c338 unsigned int state = start, pos; in aa_dfa_match_len() local
340 if (state == 0) in aa_dfa_match_len()
349 pos = base_idx(base[state]) + equiv[(u8) *str++]; in aa_dfa_match_len()
350 if (check[pos] == state) in aa_dfa_match_len()
351 state = next[pos]; in aa_dfa_match_len()
353 state = def[state]; in aa_dfa_match_len()
358 pos = base_idx(base[state]) + (u8) *str++; in aa_dfa_match_len()
359 if (check[pos] == state) in aa_dfa_match_len()
360 state = next[pos]; in aa_dfa_match_len()
362 state = def[state]; in aa_dfa_match_len()
[all …]
Dmount.c196 static unsigned int match_mnt_flags(struct aa_dfa *dfa, unsigned int state, in match_mnt_flags() argument
203 state = aa_dfa_next(dfa, state, i + 1); in match_mnt_flags()
206 return state; in match_mnt_flags()
217 unsigned int state) in compute_mnt_perms() argument
222 perms.allow = dfa_user_allow(dfa, state); in compute_mnt_perms()
223 perms.audit = dfa_user_audit(dfa, state); in compute_mnt_perms()
224 perms.quiet = dfa_user_quiet(dfa, state); in compute_mnt_perms()
225 perms.xindex = dfa_user_xindex(dfa, state); in compute_mnt_perms()
248 unsigned int state; in do_match_mnt() local
253 state = aa_dfa_match(dfa, start, mntpnt); in do_match_mnt()
[all …]
Ddomain.c102 bool stack, unsigned int state) in match_component() argument
107 state = aa_dfa_match(profile->file.dfa, state, "&"); in match_component()
109 return aa_dfa_match(profile->file.dfa, state, tp->base.hname); in match_component()
113 state = aa_dfa_match_len(profile->file.dfa, state, ":", 1); in match_component()
114 state = aa_dfa_match(profile->file.dfa, state, ns_name); in match_component()
115 state = aa_dfa_match_len(profile->file.dfa, state, ":", 1); in match_component()
116 return aa_dfa_match(profile->file.dfa, state, tp->base.hname); in match_component()
137 unsigned int state, bool subns, u32 request, in label_compound_match() argument
148 state = match_component(profile, tp, stack, state); in label_compound_match()
149 if (!state) in label_compound_match()
[all …]
Dfile.c226 struct aa_perms aa_compute_fperms(struct aa_dfa *dfa, unsigned int state, in aa_compute_fperms() argument
243 perms.allow = map_old_perms(dfa_user_allow(dfa, state)); in aa_compute_fperms()
244 perms.audit = map_old_perms(dfa_user_audit(dfa, state)); in aa_compute_fperms()
245 perms.quiet = map_old_perms(dfa_user_quiet(dfa, state)); in aa_compute_fperms()
246 perms.xindex = dfa_user_xindex(dfa, state); in aa_compute_fperms()
248 perms.allow = map_old_perms(dfa_other_allow(dfa, state)); in aa_compute_fperms()
249 perms.audit = map_old_perms(dfa_other_audit(dfa, state)); in aa_compute_fperms()
250 perms.quiet = map_old_perms(dfa_other_quiet(dfa, state)); in aa_compute_fperms()
251 perms.xindex = dfa_other_xindex(dfa, state); in aa_compute_fperms()
256 if (ACCEPT_TABLE(dfa)[state] & 0x80000000) in aa_compute_fperms()
[all …]
Dlib.c319 void aa_compute_perms(struct aa_dfa *dfa, unsigned int state, in aa_compute_perms() argument
327 perms->allow = dfa_user_allow(dfa, state); in aa_compute_perms()
328 perms->audit = dfa_user_audit(dfa, state); in aa_compute_perms()
329 perms->quiet = dfa_user_quiet(dfa, state); in aa_compute_perms()
334 perms->allow |= map_other(dfa_other_allow(dfa, state)); in aa_compute_perms()
335 perms->audit |= map_other(dfa_other_audit(dfa, state)); in aa_compute_perms()
336 perms->quiet |= map_other(dfa_other_quiet(dfa, state)); in aa_compute_perms()
382 unsigned int state; in aa_profile_match_label() local
384 state = aa_dfa_next(profile->policy.dfa, in aa_profile_match_label()
387 aa_label_match(profile, label, state, false, request, perms); in aa_profile_match_label()
Dlabel.c1248 unsigned int state) in match_component() argument
1253 return aa_dfa_match(profile->policy.dfa, state, tp->base.hname); in match_component()
1257 state = aa_dfa_match_len(profile->policy.dfa, state, ":", 1); in match_component()
1258 state = aa_dfa_match(profile->policy.dfa, state, ns_name); in match_component()
1259 state = aa_dfa_match_len(profile->policy.dfa, state, ":", 1); in match_component()
1260 return aa_dfa_match(profile->policy.dfa, state, tp->base.hname); in match_component()
1280 unsigned int state, bool subns, u32 request, in label_compound_match() argument
1290 state = match_component(profile, tp, state); in label_compound_match()
1291 if (!state) in label_compound_match()
1304 state = aa_dfa_match(profile->policy.dfa, state, "//&"); in label_compound_match()
[all …]
Dipc.c191 unsigned int state; in profile_match_signal() local
194 state = aa_dfa_next(profile->policy.dfa, in profile_match_signal()
197 state = aa_dfa_match(profile->policy.dfa, state, label); in profile_match_signal()
198 aa_compute_perms(profile->policy.dfa, state, perms); in profile_match_signal()
Dapparmorfs.c616 unsigned int state = 0; in profile_query_cb() local
622 state = aa_dfa_match_len(dfa, profile->file.start, in profile_query_cb()
625 if (state) { in profile_query_cb()
628 tmp = aa_compute_fperms(dfa, state, &cond); in profile_query_cb()
634 state = aa_dfa_match_len(dfa, profile->policy.start[0], in profile_query_cb()
636 if (state) in profile_query_cb()
637 aa_compute_perms(dfa, state, &tmp); in profile_query_cb()
/security/apparmor/include/
Dfile.h144 #define dfa_user_allow(dfa, state) (((ACCEPT_TABLE(dfa)[state]) & 0x7f) | \ argument
145 ((ACCEPT_TABLE(dfa)[state]) & 0x80000000))
146 #define dfa_user_audit(dfa, state) ((ACCEPT_TABLE2(dfa)[state]) & 0x7f) argument
147 #define dfa_user_quiet(dfa, state) (((ACCEPT_TABLE2(dfa)[state]) >> 7) & 0x7f) argument
148 #define dfa_user_xindex(dfa, state) \ argument
149 (dfa_map_xindex(ACCEPT_TABLE(dfa)[state] & 0x3fff))
151 #define dfa_other_allow(dfa, state) ((((ACCEPT_TABLE(dfa)[state]) >> 14) & \ argument
153 ((ACCEPT_TABLE(dfa)[state]) & 0x80000000))
154 #define dfa_other_audit(dfa, state) (((ACCEPT_TABLE2(dfa)[state]) >> 14) & 0x7f) argument
155 #define dfa_other_quiet(dfa, state) \ argument
[all …]
Dmatch.h130 unsigned int aa_dfa_next(struct aa_dfa *dfa, unsigned int state,
Dperms.h146 void aa_compute_perms(struct aa_dfa *dfa, unsigned int state,
Dlabel.h336 unsigned int state, bool subns, u32 request,
/security/keys/
Dgc.c132 short state = key->state; in key_gc_unused_keys() local
140 if (state == KEY_IS_POSITIVE && key->type->destroy) in key_gc_unused_keys()
154 if (state != KEY_IS_UNINSTANTIATED) in key_gc_unused_keys()
Dproc.c187 short state; in proc_keys_show() local
242 state = key_read_state(key); in proc_keys_show()
250 state != KEY_IS_UNINSTANTIATED ? 'I' : '-', in proc_keys_show()
255 state < 0 ? 'N' : '-', in proc_keys_show()
Dkeyring.c556 short state = READ_ONCE(key->state); in keyring_search_iterator() local
602 if (state < 0) { in keyring_search_iterator()
603 ctx->result = ERR_PTR(state); in keyring_search_iterator()
Dkey.c413 smp_store_release(&key->state, in mark_key_instantiated()
440 if (key->state == KEY_IS_UNINSTANTIATED) { in __key_instantiate_and_link()
593 if (key->state == KEY_IS_UNINSTANTIATED) { in key_reject_and_link()
Dkeyctl.c904 if (key->state != KEY_IS_UNINSTANTIATED) { in keyctl_chown_key()
/security/smack/
Dsmack_netfilter.c28 const struct nf_hook_state *state) in smack_ipv6_output() argument
46 const struct nf_hook_state *state) in smack_ipv4_output() argument
/security/selinux/ss/
Dconditional.c39 s[sp] = p->bool_val_to_struct[cur->bool - 1]->state; in cond_evaluate_expr()
217 if (!(b->state == 0 || b->state == 1)) in bool_isvalid()
239 booldatum->state = le32_to_cpu(buf[1]); in cond_read_bool()
508 buf[1] = cpu_to_le32(booldatum->state); in cond_write_bool()
Dpolicydb.h151 int state; member
Dservices.c2728 (*values)[i] = policydb.bool_val_to_struct[i]->state; in security_get_bools()
2763 if (!!values[i] != policydb.bool_val_to_struct[i]->state) { in security_set_bools()
2769 policydb.bool_val_to_struct[i]->state, in security_set_bools()
2774 policydb.bool_val_to_struct[i]->state = 1; in security_set_bools()
2776 policydb.bool_val_to_struct[i]->state = 0; in security_set_bools()
2810 rc = policydb.bool_val_to_struct[index]->state; in security_get_bool_value()
2829 booldatum->state = bvalues[i]; in security_preserve_bools()
/security/selinux/
Dhooks.c5237 const struct nf_hook_state *state) in selinux_ipv4_forward() argument
5239 return selinux_ip_forward(skb, state->in, PF_INET); in selinux_ipv4_forward()
5245 const struct nf_hook_state *state) in selinux_ipv6_forward() argument
5247 return selinux_ip_forward(skb, state->in, PF_INET6); in selinux_ipv6_forward()
5295 const struct nf_hook_state *state) in selinux_ipv4_output() argument
5303 const struct nf_hook_state *state) in selinux_ipv6_output() argument
5481 const struct nf_hook_state *state) in selinux_ipv4_postroute() argument
5483 return selinux_ip_postroute(skb, state->out, PF_INET); in selinux_ipv4_postroute()
5489 const struct nf_hook_state *state) in selinux_ipv6_postroute() argument
5491 return selinux_ip_postroute(skb, state->out, PF_INET6); in selinux_ipv6_postroute()
/security/
DKconfig119 initial state as well as data reset protection. This is used to