| /security/apparmor/ |
| D | domain.c | 97 const char *name, u32 request, in change_profile_perms() argument
112 aa_str_perms(profile->file.dfa, start, name, &cond, &perms); in change_profile_perms()
118 state = aa_dfa_match(profile->file.dfa, start, ns->base.name); in change_profile_perms()
120 aa_str_perms(profile->file.dfa, state, name, &cond, &perms); in change_profile_perms()
139 static struct aa_profile *__attach_match(const char *name, in __attach_match() argument
150 DFA_START, name); in __attach_match()
157 } else if (!strcmp(profile->base.name, name)) in __attach_match()
174 struct list_head *list, const char *name) in find_attach() argument
179 profile = aa_get_profile(__attach_match(name, list)); in find_attach()
208 const char *name; in separate_fqname() local
[all …]
|
| D | path.c | 57 char **name, int flags) in d_namespace_path() argument
66 *name = res; in d_namespace_path()
68 *name = buf; in d_namespace_path()
72 strncmp(*name, "/sys/", 5) == 0) { in d_namespace_path()
76 return prepend(name, *name - buf, "/proc", 5); in d_namespace_path()
103 *name = buf; in d_namespace_path()
109 *name = res; in d_namespace_path()
143 *name = res + 1; in d_namespace_path()
162 int size, char **name, const char **info) in get_name_to_buffer() argument
165 int error = d_namespace_path(path, buffer, size - adjust, name, flags); in get_name_to_buffer()
[all …]
|
| D | lib.c | 40 char *name = strim(fqname); in aa_split_fqname() local
43 if (name[0] == ':') { in aa_split_fqname()
44 char *split = strchr(&name[1], ':'); in aa_split_fqname()
45 *ns_name = skip_spaces(&name[1]); in aa_split_fqname()
51 name = skip_spaces(split); in aa_split_fqname()
54 name = NULL; in aa_split_fqname()
56 if (name && *name == 0) in aa_split_fqname()
57 name = NULL; in aa_split_fqname()
59 return name; in aa_split_fqname()
|
| D | policy.c | 129 const char *name) in policy_init() argument
133 policy->hname = kmalloc(strlen(prefix) + strlen(name) + 3, in policy_init()
136 sprintf(policy->hname, "%s//%s", prefix, name); in policy_init()
138 policy->hname = kstrdup(name, GFP_KERNEL); in policy_init()
142 policy->name = (char *)hname_tail(policy->hname); in policy_init()
159 __func__, policy->name); in policy_destroy()
164 __func__, policy->name); in policy_destroy()
181 static struct aa_policy *__policy_find(struct list_head *head, const char *name) in __policy_find() argument
186 if (!strcmp(policy->name, name)) in __policy_find()
211 if (aa_strneq(policy->name, str, len)) in __policy_strn_find()
[all …]
|
| D | procattr.c | 92 char *name; in split_token_from_name() local
94 *token = simple_strtoull(args, &name, 16); in split_token_from_name()
95 if ((name == args) || *name != '^') { in split_token_from_name()
100 name++; /* skip ^ */ in split_token_from_name()
101 if (!*name) in split_token_from_name()
102 name = NULL; in split_token_from_name()
103 return name; in split_token_from_name()
161 char *name, *ns_name; in aa_setprocattr_changeprofile() local
163 name = aa_split_fqname(fqname, &ns_name); in aa_setprocattr_changeprofile()
164 return aa_change_profile(ns_name, name, onexec, test); in aa_setprocattr_changeprofile()
|
| D | policy_unpack.c | 74 struct aa_profile *name = sa->aad->iface.target; in audit_cb() local
76 audit_log_untrustedstring(ab, name->base.hname); in audit_cb()
92 static int audit_iface(struct aa_profile *new, const char *name, in audit_iface() argument
103 aad.name = name; in audit_iface()
166 static bool unpack_nameX(struct aa_ext *e, enum aa_code code, const char *name) in unpack_nameX() argument
180 if (name && (!size || tag[size-1] != '\0' || strcmp(name, tag))) in unpack_nameX()
182 } else if (name) { in unpack_nameX()
196 static bool unpack_u32(struct aa_ext *e, u32 *data, const char *name) in unpack_u32() argument
198 if (unpack_nameX(e, AA_U32, name)) { in unpack_u32()
209 static bool unpack_u64(struct aa_ext *e, u64 *data, const char *name) in unpack_u64() argument
[all …]
|
| D | apparmorfs.c | 40 static int mangle_name(char *name, char *target) in mangle_name() argument
44 while (*name == '/' || *name == '.') in mangle_name()
45 name++; in mangle_name()
48 for (; *name; name++) { in mangle_name()
49 if (*name == '/') in mangle_name()
51 else if (isspace(*name)) in mangle_name()
53 else if (isalnum(*name) || strchr("._-", *name)) in mangle_name()
54 *(t)++ = *name; in mangle_name()
60 for (; *name; name++) { in mangle_name()
61 if (isalnum(*name) || isspace(*name) || in mangle_name()
[all …]
|
| D | file.c | 107 gfp_t gfp, int op, u32 request, const char *name, in aa_audit_file() argument
118 aad.name = name; in aa_audit_file()
240 const char *name, struct path_cond *cond, in aa_str_perms() argument
249 state = aa_dfa_match(dfa, start, name); in aa_str_perms()
284 const char *name, *info = NULL; in aa_path_perm() local
288 error = aa_path_name(path, flags, &buffer, &name, &info); in aa_path_perm()
299 aa_str_perms(profile->file.dfa, profile->file.start, name, cond, in aa_path_perm()
304 error = aa_audit_file(profile, &perms, GFP_KERNEL, op, request, name, in aa_path_perm()
|
| /security/tomoyo/ |
| D | realpath.c | 181 char name[64]; in tomoyo_get_local_path() local
184 name[sizeof(name) - 1] = '\0'; in tomoyo_get_local_path()
185 snprintf(name, sizeof(name) - 1, "dev(%u,%u):", MAJOR(dev), in tomoyo_get_local_path()
187 name_len = strlen(name); in tomoyo_get_local_path()
191 memmove(pos, name, name_len); in tomoyo_get_local_path()
197 const char *name = sb->s_type->name; in tomoyo_get_local_path() local
198 const int name_len = strlen(name); in tomoyo_get_local_path()
202 memmove(pos, name, name_len); in tomoyo_get_local_path()
253 char *name = NULL; in tomoyo_realpath_from_path() local
303 name = tomoyo_encode(pos); in tomoyo_realpath_from_path()
[all …]
|
| D | file.c | 81 tomoyo_compare_name_union(const struct tomoyo_path_info *name, in tomoyo_compare_name_union() argument
85 return tomoyo_path_matches_group(name, ptr->group); in tomoyo_compare_name_union()
86 if (tomoyo_path_matches_pattern(name, ptr->filename)) in tomoyo_compare_name_union()
136 strcat((char *) buf->name, "/"); in tomoyo_add_slash()
150 buf->name = tomoyo_realpath_from_path(path); in tomoyo_get_realpath()
151 if (buf->name) { in tomoyo_get_realpath()
169 r->param.path.filename->name); in tomoyo_audit_path_log()
183 r->param.path2.filename1->name, in tomoyo_audit_path2_log()
184 r->param.path2.filename2->name); in tomoyo_audit_path2_log()
199 r->param.mkdev.filename->name, in tomoyo_audit_mkdev_log()
[all …]
|
| D | memory.c | 147 const struct tomoyo_path_info *tomoyo_get_name(const char *name) in tomoyo_get_name() argument
154 if (!name) in tomoyo_get_name()
156 len = strlen(name) + 1; in tomoyo_get_name()
157 hash = full_name_hash((const unsigned char *) name, len - 1); in tomoyo_get_name()
162 if (hash != ptr->entry.hash || strcmp(name, ptr->entry.name) || in tomoyo_get_name()
170 ptr->entry.name = ((char *) ptr) + sizeof(*ptr); in tomoyo_get_name()
171 memmove((char *) ptr->entry.name, name, len); in tomoyo_get_name()
195 tomoyo_kernel_namespace.name = "<kernel>"; in tomoyo_mm_init()
|
| D | domain.c | 195 static const char *tomoyo_last_word(const char *name) in tomoyo_last_word() argument
197 const char *cp = strrchr(name, ' '); in tomoyo_last_word()
200 return name; in tomoyo_last_word()
305 if (strcmp(ptr->domainname->name, last_name)) in tomoyo_scan_transition()
336 const char *last_name = tomoyo_last_word(domainname->name); in tomoyo_transition_type()
423 (const char *name, const unsigned int len) in tomoyo_find_namespace() argument
427 if (strncmp(name, ns->name, len) || in tomoyo_find_namespace()
428 (name[len] && name[len] != ' ')) in tomoyo_find_namespace()
465 char *name = (char *) (entry + 1); in tomoyo_assign_namespace() local
467 memmove(name, domainname, len); in tomoyo_assign_namespace()
[all …]
|
| D | securityfs_if.c | 56 struct tomoyo_path_info name; in tomoyo_write_self() local
58 name.name = data; in tomoyo_write_self()
59 tomoyo_fill_path_info(&name); in tomoyo_write_self()
63 r.param.task.domainname = &name; in tomoyo_write_self()
108 const char *domain = tomoyo_domain()->domainname->name; in tomoyo_read_self()
227 static void __init tomoyo_create_entry(const char *name, const umode_t mode, in tomoyo_create_entry() argument
230 securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key, in tomoyo_create_entry()
|
| D | environ.c | 23 return tomoyo_path_matches_pattern(r->param.environ.name, acl->env); in tomoyo_check_env_acl()
36 r->param.environ.name->name); in tomoyo_audit_env_log()
56 environ.name = env; in tomoyo_env_perm()
59 r->param.environ.name = &environ; in tomoyo_env_perm()
|
| D | util.c | 600 struct tomoyo_path_info name; in tomoyo_find_domain() local
602 name.name = domainname; in tomoyo_find_domain()
603 tomoyo_fill_path_info(&name); in tomoyo_find_domain()
606 !tomoyo_pathcmp(&name, domain->domainname)) in tomoyo_find_domain()
663 const char *name = ptr->name; in tomoyo_fill_path_info() local
664 const int len = strlen(name); in tomoyo_fill_path_info()
666 ptr->const_len = tomoyo_const_part_length(name); in tomoyo_fill_path_info()
667 ptr->is_dir = len && (name[len - 1] == '/'); in tomoyo_fill_path_info()
669 ptr->hash = full_name_hash(name, len); in tomoyo_fill_path_info()
923 const char *f = filename->name; in tomoyo_path_matches_pattern()
[all …]
|
| D | common.c | 371 namespace_list)->name); in tomoyo_print_namespace()
387 tomoyo_set_string(head, ptr->group->group_name->name); in tomoyo_print_name_union()
389 tomoyo_set_string(head, ptr->filename->name); in tomoyo_print_name_union()
406 tomoyo_set_string(head, ptr->group->group_name->name); in tomoyo_print_name_union_quoted()
409 tomoyo_set_string(head, ptr->filename->name); in tomoyo_print_name_union_quoted()
427 tomoyo_set_string(head, ptr->group->group_name->name); in tomoyo_print_number_union_nospace()
584 static int tomoyo_set_mode(char *name, const char *value, in tomoyo_set_mode() argument
589 if (!strcmp(name, "CONFIG")) { in tomoyo_set_mode()
592 } else if (tomoyo_str_starts(&name, "CONFIG::")) { in tomoyo_set_mode()
602 if (strncmp(name, category, len) || in tomoyo_set_mode()
[all …]
|
| D | mount.c | 31 r->param.mount.dev->name, in tomoyo_audit_mount_log()
32 r->param.mount.dir->name, in tomoyo_audit_mount_log()
33 r->param.mount.type->name, in tomoyo_audit_mount_log()
96 rtype.name = requested_type; in tomoyo_mount_acl()
106 rdir.name = requested_dir_name; in tomoyo_mount_acl()
152 rdev.name = requested_dev_name; in tomoyo_mount_acl()
|
| D | condition.c | 30 arg.name = arg_ptr; in tomoyo_argv()
62 struct tomoyo_path_info name; in tomoyo_envp() local
64 name.name = env_name; in tomoyo_envp()
65 tomoyo_fill_path_info(&name); in tomoyo_envp()
66 value.name = env_value; in tomoyo_envp()
70 if (!tomoyo_path_matches_pattern(&name, envp->name)) in tomoyo_envp()
233 exe.name = tomoyo_realpath_from_path(&file->f_path); in tomoyo_scan_exec_realpath()
234 if (!exe.name) in tomoyo_scan_exec_realpath()
238 kfree(exe.name); in tomoyo_scan_exec_realpath()
309 const struct tomoyo_path_info *name; in tomoyo_parse_envp() local
[all …]
|
| D | common.h | 461 const struct tomoyo_path_info *name; member
501 const char *name; member
611 const struct tomoyo_path_info *name; member
707 struct tomoyo_name_union name; member
718 struct tomoyo_name_union name; member
726 struct tomoyo_name_union name; member
771 struct tomoyo_name_union name; member
911 const char *name; member
953 (const struct tomoyo_path_info *name, const struct tomoyo_name_union *ptr);
956 const struct tomoyo_path_info *tomoyo_get_name(const char *name);
[all …]
|
| /security/integrity/ima/ |
| D | ima_template.c | 24 {.name = IMA_TEMPLATE_IMA_NAME, .fmt = IMA_TEMPLATE_IMA_FMT},
25 {.name = "ima-ng", .fmt = "d-ng|n-ng"},
26 {.name = "ima-sig", .fmt = "d-ng|n-ng|sig"},
27 {.name = "", .fmt = ""}, /* placeholder for a custom format */
44 static struct ima_template_desc *lookup_template_desc(const char *name);
102 static struct ima_template_desc *lookup_template_desc(const char *name) in lookup_template_desc() argument
107 if (strcmp(defined_templates[i].name, name) == 0) in lookup_template_desc()
205 (strlen(template->name) ? in ima_init_template()
206 template->name : template->fmt), result); in ima_init_template()
|
| /security/apparmor/include/ |
| D | apparmorfs.h | 29 const char *name; member
45 { .name = (_name), .mode = 0444, \
49 { .name = (_name), .mode = 0444, \
53 { .name = (_name), .mode = 0444, \
57 { .name = (_name), .v_type = AA_FS_TYPE_FOPS, \
60 { .name = (_name), .v_type = AA_FS_TYPE_DIR, .v.files = (_value) }
102 const char *name);
|
| D | policy.h | 86 char *name; member
239 const char *name);
243 struct aa_profile *aa_alloc_profile(const char *name);
247 struct aa_profile *aa_find_child(struct aa_profile *parent, const char *name);
248 struct aa_profile *aa_lookup_profile(struct aa_namespace *ns, const char *name);
249 struct aa_profile *aa_match_profile(struct aa_namespace *ns, const char *name);
252 ssize_t aa_remove_profiles(char *name, size_t size);
|
| /security/integrity/ |
| D | digsig_asymmetric.c | 29 char name[12]; in request_asymmetric_key() local
31 sprintf(name, "id:%08x", keyid); in request_asymmetric_key()
33 pr_debug("key search: \"%s\"\n", name); in request_asymmetric_key()
39 &key_type_asymmetric, name); in request_asymmetric_key()
45 key = request_key(&key_type_asymmetric, name, NULL); in request_asymmetric_key()
50 name, PTR_ERR(key)); in request_asymmetric_key()
|
| /security/ |
| D | inode.c | 44 .name = "securityfs",
77 struct dentry *securityfs_create_file(const char *name, umode_t mode, in securityfs_create_file() argument
91 pr_debug("securityfs: creating file '%s'\n",name); in securityfs_create_file()
103 dentry = lookup_one_len2(name, mount, parent, strlen(name)); in securityfs_create_file()
166 struct dentry *securityfs_create_dir(const char *name, struct dentry *parent) in securityfs_create_dir() argument
168 return securityfs_create_file(name, in securityfs_create_dir()
|
| D | security.c | 358 struct qstr *name, void **ctx, in security_dentry_init_security() argument
362 name, ctx, ctxlen); in security_dentry_init_security()
383 &lsm_xattr->name, in security_inode_init_security()
402 const struct qstr *qstr, const char **name, in security_old_inode_init_security() argument
408 qstr, name, value, len); in security_old_inode_init_security()
623 int security_inode_setxattr(struct dentry *dentry, const char *name, in security_inode_setxattr() argument
634 ret = call_int_hook(inode_setxattr, 1, dentry, name, value, size, in security_inode_setxattr()
638 ret = cap_inode_setxattr(dentry, name, value, size, flags); in security_inode_setxattr()
641 ret = ima_inode_setxattr(dentry, name, value, size); in security_inode_setxattr()
644 return evm_inode_setxattr(dentry, name, value, size); in security_inode_setxattr()
[all …]
|