Home
last modified time | relevance | path

Searched refs:mode (Results 1 – 25 of 37) sorted by relevance

12

/security/keys/
Dsysctl.c23 .mode = 0644,
32 .mode = 0644,
41 .mode = 0644,
50 .mode = 0644,
59 .mode = 0644,
69 .mode = 0644,
/security/tomoyo/
Daudit.c115 static inline const char *tomoyo_filetype(const umode_t mode) in tomoyo_filetype() argument
117 switch (mode & S_IFMT) { in tomoyo_filetype()
167 tomoyo_mode[r->mode], tomoyo_yesno(r->granted), gpid, in tomoyo_print_header()
186 umode_t mode; in tomoyo_print_header() local
191 mode = stat->mode; in tomoyo_print_header()
200 stat->mode & S_IALLUGO); in tomoyo_print_header()
210 mode & S_IALLUGO, tomoyo_filetype(mode)); in tomoyo_print_header()
211 if (S_ISCHR(mode) || S_ISBLK(mode)) { in tomoyo_print_header()
326 u8 mode; in tomoyo_get_audit() local
338 mode = p->config[index]; in tomoyo_get_audit()
[all …]
Dfile.c200 r->param.mkdev.mode, r->param.mkdev.major, in tomoyo_audit_mkdev_log()
317 tomoyo_compare_number_union(r->param.mkdev.mode, in tomoyo_check_mkdev_acl()
318 &acl->mode) && in tomoyo_check_mkdev_acl()
410 tomoyo_same_number_union(&p1->mode, &p2->mode) && in tomoyo_same_mkdev_acl()
460 !tomoyo_parse_number_union(param, &e.mode) || in tomoyo_update_mkdev_acl()
469 tomoyo_put_number_union(&e.mode); in tomoyo_update_mkdev_acl()
564 r->mode = tomoyo_get_mode(r->domain->ns, r->profile, r->type); in tomoyo_path_permission()
565 if (r->mode == TOMOYO_CONFIG_DISABLED) in tomoyo_path_permission()
596 r->mode = tomoyo_get_mode(r->domain->ns, r->profile, r->type); in tomoyo_execute_permission()
603 if (r->mode != TOMOYO_CONFIG_DISABLED) in tomoyo_execute_permission()
[all …]
Dtomoyo.c182 umode_t mode) in tomoyo_path_mkdir() argument
186 mode & S_IALLUGO); in tomoyo_path_mkdir()
230 umode_t mode, unsigned int dev) in tomoyo_path_mknod() argument
234 const unsigned int perm = mode & S_IALLUGO; in tomoyo_path_mknod()
236 switch (mode & S_IFMT) { in tomoyo_path_mknod()
248 switch (mode & S_IFMT) { in tomoyo_path_mknod()
354 static int tomoyo_path_chmod(struct path *path, umode_t mode) in tomoyo_path_chmod() argument
357 mode & S_IALLUGO); in tomoyo_path_chmod()
Dutil.c978 u8 mode; in tomoyo_get_mode() local
984 mode = p->config[index]; in tomoyo_get_mode()
985 if (mode == TOMOYO_CONFIG_USE_DEFAULT) in tomoyo_get_mode()
986 mode = p->config[tomoyo_index2category[index] in tomoyo_get_mode()
988 if (mode == TOMOYO_CONFIG_USE_DEFAULT) in tomoyo_get_mode()
989 mode = p->default_config; in tomoyo_get_mode()
990 return mode & 3; in tomoyo_get_mode()
1013 r->mode = tomoyo_get_mode(domain->ns, profile, index); in tomoyo_init_request_info()
1014 return r->mode; in tomoyo_init_request_info()
1032 if (r->mode != TOMOYO_CONFIG_LEARNING) in tomoyo_domain_quota_is_ok()
DKconfig18 int "Default maximal count for learning mode"
24 that are automatically appended into policy at "learning mode".
26 such programs in "learning mode" dulls the system response
54 enforcing mode from the beginning, you can reduce the possibility of
Dsecurityfs_if.c227 static void __init tomoyo_create_entry(const char *name, const umode_t mode, in tomoyo_create_entry() argument
230 securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key, in tomoyo_create_entry()
Dcommon.h445 unsigned int mode; member
495 u8 mode; /* One of tomoyo_mode_index . */ member
567 umode_t mode; member
727 struct tomoyo_number_union mode; member
972 const unsigned int mode, unsigned int dev);
Ddomain.c604 ee->r.mode = tomoyo_get_mode(r->domain->ns, ee->r.profile, in tomoyo_environ()
606 if (!r->mode || !envp_count) in tomoyo_environ()
660 if (r->mode != TOMOYO_CONFIG_ENFORCING) in tomoyo_environ()
825 } else if (ee->r.mode == TOMOYO_CONFIG_ENFORCING) in tomoyo_find_next_domain()
/security/apparmor/include/
Dapparmorfs.h31 umode_t mode; member
45 { .name = (_name), .mode = 0444, \
49 { .name = (_name), .mode = 0444, \
53 { .name = (_name), .mode = 0444, \
58 .mode = (_mode), .file_ops = (_fops) }
Dipc.h23 unsigned int mode);
26 unsigned int mode);
Dpolicy.h37 ((_profile)->mode == (_mode)))
212 long mode; member
257 #define unconfined(X) ((X)->mode == APPARMOR_UNCONFINED)
/security/
Dinode.c77 struct dentry *securityfs_create_file(const char *name, umode_t mode, in securityfs_create_file() argument
82 int is_dir = S_ISDIR(mode); in securityfs_create_file()
88 mode = (mode & S_IALLUGO) | S_IFREG; in securityfs_create_file()
119 inode->i_mode = mode; in securityfs_create_file()
Dsecurity.c156 int security_ptrace_access_check(struct task_struct *child, unsigned int mode) in security_ptrace_access_check() argument
158 return call_int_hook(ptrace_access_check, 0, child, mode); in security_ptrace_access_check()
357 int security_dentry_init_security(struct dentry *dentry, int mode, in security_dentry_init_security() argument
361 return call_int_hook(dentry_init_security, -EOPNOTSUPP, dentry, mode, in security_dentry_init_security()
413 int security_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode, in security_path_mknod() argument
418 return call_int_hook(path_mknod, 0, dir, dentry, mode, dev); in security_path_mknod()
422 int security_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode) in security_path_mkdir() argument
426 return call_int_hook(path_mkdir, 0, dir, dentry, mode); in security_path_mkdir()
488 int security_path_chmod(struct path *path, umode_t mode) in security_path_chmod() argument
492 return call_int_hook(path_chmod, 0, path, mode); in security_path_chmod()
[all …]
Ddevice_cgroup.c853 int devcgroup_inode_mknod(int mode, dev_t dev) in devcgroup_inode_mknod() argument
857 if (!S_ISBLK(mode) && !S_ISCHR(mode)) in devcgroup_inode_mknod()
860 if (S_ISBLK(mode)) in devcgroup_inode_mknod()
/security/apparmor/
Dipc.c64 unsigned int mode) in aa_may_ptrace() argument
86 unsigned int mode) in aa_ptrace() argument
103 error = aa_may_ptrace(tracer_p, tracee_p, mode); in aa_ptrace()
Dlsm.c97 unsigned int mode) in apparmor_ptrace_access_check() argument
99 return aa_ptrace(current, child, mode); in apparmor_ptrace_access_check()
223 cond.mode = inode->i_mode; in common_perm_rm()
239 u32 mask, umode_t mode) in common_perm_create() argument
241 struct path_cond cond = { current_fsuid(), mode }; in common_perm_create()
255 umode_t mode) in apparmor_path_mkdir() argument
267 umode_t mode, unsigned int dev) in apparmor_path_mknod() argument
269 return common_perm_create(OP_MKNOD, dir, dentry, AA_MAY_CREATE, mode); in apparmor_path_mknod()
337 static int apparmor_path_chmod(struct path *path, umode_t mode) in apparmor_path_chmod() argument
692 module_param_call(mode, param_set_mode, param_get_mode,
Dpolicy_unpack.c309 int mode = ACCEPT_TABLE(dfa)[i]; in verify_accept() local
311 if (mode & ~DFA_VALID_PERM_MASK) in verify_accept()
523 profile->mode = APPARMOR_COMPLAIN; in unpack_profile()
525 profile->mode = APPARMOR_KILL; in unpack_profile()
527 profile->mode = APPARMOR_UNCONFINED; in unpack_profile()
/security/smack/
DKconfig20 Enable the bring-up ("b") access mode in Smack rules.
21 When access is granted by a rule with the "b" mode a
24 of access initially with the bringup mode set on the
30 "permissive" mode of other systems.
Dsmack_access.c228 u32 mode, struct smk_audit_info *a) in smk_tskacc() argument
237 rc = smk_access(sbj_known, obj_known, mode, NULL); in smk_tskacc()
248 if ((mode & may) == mode) in smk_tskacc()
263 mode, rc, a); in smk_tskacc()
280 u32 mode, struct smk_audit_info *a) in smk_curacc() argument
284 return smk_tskacc(tsp, obj_known, mode, a); in smk_curacc()
Dsmack_lsm.c77 static void smk_bu_mode(int mode, char *s) in smk_bu_mode() argument
81 if (mode & MAY_READ) in smk_bu_mode()
83 if (mode & MAY_WRITE) in smk_bu_mode()
85 if (mode & MAY_EXEC) in smk_bu_mode()
87 if (mode & MAY_APPEND) in smk_bu_mode()
89 if (mode & MAY_TRANSMUTE) in smk_bu_mode()
91 if (mode & MAY_LOCK) in smk_bu_mode()
101 struct smack_known *oskp, int mode, int rc) in smk_bu_note() argument
110 smk_bu_mode(mode, acc); in smk_bu_note()
116 #define smk_bu_note(note, sskp, oskp, mode, RC) (RC) argument
[all …]
/security/yama/
Dyama_lsm.c279 unsigned int mode) in yama_ptrace_access_check() argument
284 if (mode & PTRACE_MODE_ATTACH) { in yama_ptrace_access_check()
312 if (rc && (mode & PTRACE_MODE_NOAUDIT) == 0) { in yama_ptrace_access_check()
389 .mode = 0644,
/security/integrity/ima/
Dima_main.c94 fmode_t mode = file->f_mode; in ima_rdwr_violation_check() local
97 if (mode & FMODE_WRITE) { in ima_rdwr_violation_check()
126 fmode_t mode = file->f_mode; in ima_check_last_writer() local
128 if (!(mode & FMODE_WRITE)) in ima_check_last_writer()
/security/integrity/evm/
Devm_crypto.c105 umode_t mode; in hmac_add_misc() member
113 hmac_misc.mode = inode->i_mode; in hmac_add_misc()
/security/selinux/
DKconfig63 kernel will start in permissive mode (log everything, deny nothing)
65 can interactively toggle the kernel between enforcing mode and
66 permissive mode (if permitted by the policy) via /selinux/enforce.

12