| /security/selinux/ss/ |
| D | policydb.c | 175 static int roles_init(struct policydb *p) in roles_init() argument
187 role->value = ++p->p_roles.nprim; in roles_init()
196 rc = hashtab_insert(p->p_roles.table, key, role); in roles_init()
274 static int policydb_init(struct policydb *p) in policydb_init() argument
278 memset(p, 0, sizeof(*p)); in policydb_init()
281 rc = symtab_init(&p->symtab[i], symtab_sizes[i]); in policydb_init()
286 rc = avtab_init(&p->te_avtab); in policydb_init()
290 rc = roles_init(p); in policydb_init()
294 rc = cond_policydb_init(p); in policydb_init()
298 p->filename_trans = hashtab_create(filenametr_hash, filenametr_cmp, (1 << 10)); in policydb_init()
[all …]
|
| D | conditional.c | 26 static int cond_evaluate_expr(struct policydb *p, struct cond_expr *expr) in cond_evaluate_expr() argument
39 s[sp] = p->bool_val_to_struct[cur->bool - 1]->state; in cond_evaluate_expr()
90 int evaluate_cond_node(struct policydb *p, struct cond_node *node) in evaluate_cond_node() argument
95 new_state = cond_evaluate_expr(p, node->expr); in evaluate_cond_node()
119 int cond_policydb_init(struct policydb *p) in cond_policydb_init() argument
123 p->bool_val_to_struct = NULL; in cond_policydb_init()
124 p->cond_list = NULL; in cond_policydb_init()
126 rc = avtab_init(&p->te_cond_avtab); in cond_policydb_init()
169 void cond_policydb_destroy(struct policydb *p) in cond_policydb_destroy() argument
171 kfree(p->bool_val_to_struct); in cond_policydb_destroy()
[all …]
|
| D | mls.c | 160 int mls_level_isvalid(struct policydb *p, struct mls_level *l) in mls_level_isvalid() argument
164 if (!l->sens || l->sens > p->p_levels.nprim) in mls_level_isvalid()
166 levdatum = hashtab_search(p->p_levels.table, in mls_level_isvalid()
167 sym_name(p, SYM_LEVELS, l->sens - 1)); in mls_level_isvalid()
177 p->p_cats.nprim); in mls_level_isvalid()
180 int mls_range_isvalid(struct policydb *p, struct mls_range *r) in mls_range_isvalid() argument
182 return (mls_level_isvalid(p, &r->level[0]) && in mls_range_isvalid()
183 mls_level_isvalid(p, &r->level[1]) && in mls_range_isvalid()
191 int mls_context_isvalid(struct policydb *p, struct context *c) in mls_context_isvalid() argument
195 if (!p->mls_enabled) in mls_context_isvalid()
[all …]
|
| D | hashtab.c | 16 struct hashtab *p; in hashtab_create() local
19 p = kzalloc(sizeof(*p), GFP_KERNEL); in hashtab_create()
20 if (p == NULL) in hashtab_create()
21 return p; in hashtab_create()
23 p->size = size; in hashtab_create()
24 p->nel = 0; in hashtab_create()
25 p->hash_value = hash_value; in hashtab_create()
26 p->keycmp = keycmp; in hashtab_create()
27 p->htable = kmalloc(sizeof(*(p->htable)) * size, GFP_KERNEL); in hashtab_create()
28 if (p->htable == NULL) { in hashtab_create()
[all …]
|
| D | conditional.h | 63 int cond_policydb_init(struct policydb *p);
64 void cond_policydb_destroy(struct policydb *p);
66 int cond_init_bool_indexes(struct policydb *p);
67 int cond_destroy_bool(void *key, void *datum, void *p);
71 int cond_read_bool(struct policydb *p, struct hashtab *h, void *fp);
72 int cond_read_list(struct policydb *p, void *fp);
74 int cond_write_list(struct policydb *p, struct cond_node *list, void *fp);
80 int evaluate_cond_node(struct policydb *p, struct cond_node *node);
|
| D | policydb.h | 305 extern void policydb_destroy(struct policydb *p);
306 extern int policydb_load_isids(struct policydb *p, struct sidtab *s);
307 extern int policydb_context_isvalid(struct policydb *p, struct context *c);
308 extern int policydb_class_isvalid(struct policydb *p, unsigned int class);
309 extern int policydb_type_isvalid(struct policydb *p, unsigned int type);
310 extern int policydb_role_isvalid(struct policydb *p, unsigned int role);
311 extern int policydb_read(struct policydb *p, void *fp);
312 extern int policydb_write(struct policydb *p, void *fp);
335 struct policydb *p; member
361 static inline char *sym_name(struct policydb *p, unsigned int sym_num, unsigned int element_nr) in sym_name() argument
[all …]
|
| D | symtab.c | 13 const char *p, *keyp; in symhash() local
20 for (p = keyp; (p - keyp) < size; p++) in symhash()
21 val = (val << 4 | (val >> (8*sizeof(unsigned int)-4))) ^ (*p); in symhash()
|
| D | mls.h | 29 int mls_context_isvalid(struct policydb *p, struct context *c);
30 int mls_range_isvalid(struct policydb *p, struct mls_range *r);
31 int mls_level_isvalid(struct policydb *p, struct mls_level *l);
33 int mls_context_to_sid(struct policydb *p,
|
| D | services.c | 632 for (i = 0; i < ARRAY_SIZE(xperms->drivers.p); i++) in services_compute_xperms_drivers()
633 xperms->drivers.p[i] |= node->datum.u.xperms->perms.p[i]; in services_compute_xperms_drivers()
636 security_xperm_set(xperms->drivers.p, in services_compute_xperms_drivers()
952 if (!security_xperm_test(node->datum.u.xperms->perms.p, in services_compute_xperms_decision()
962 memset(xpermd->allowed->p, 0xff, in services_compute_xperms_decision()
963 sizeof(xpermd->allowed->p)); in services_compute_xperms_decision()
966 for (i = 0; i < ARRAY_SIZE(xpermd->allowed->p); i++) in services_compute_xperms_decision()
967 xpermd->allowed->p[i] |= in services_compute_xperms_decision()
968 node->datum.u.xperms->perms.p[i]; in services_compute_xperms_decision()
973 memset(xpermd->auditallow->p, 0xff, in services_compute_xperms_decision()
[all …]
|
| D | avtab.h | 103 struct avtab_datum *d, void *p),
104 void *p);
107 int avtab_write_item(struct policydb *p, struct avtab_node *cur, void *fp);
108 int avtab_write(struct policydb *p, struct avtab *a, void *fp);
|
| D | avtab.c | 417 struct avtab_datum *d, void *p), in avtab_read_item() argument
418 void *p) in avtab_read_item()
426 __le32 buf32[ARRAY_SIZE(xperms.perms.p)]; in avtab_read_item()
493 rc = insertf(a, &key, &datum, p); in avtab_read_item()
572 rc = next_entry(buf32, fp, sizeof(u32)*ARRAY_SIZE(xperms.perms.p)); in avtab_read_item()
577 for (i = 0; i < ARRAY_SIZE(xperms.perms.p); i++) in avtab_read_item()
578 xperms.perms.p[i] = le32_to_cpu(buf32[i]); in avtab_read_item()
593 return insertf(a, &key, &datum, p); in avtab_read_item()
597 struct avtab_datum *d, void *p) in avtab_insertf() argument
646 int avtab_write_item(struct policydb *p, struct avtab_node *cur, void *fp) in avtab_write_item() argument
[all …]
|
| /security/apparmor/include/ |
| D | policy.h | 260 static inline struct aa_profile *aa_deref_parent(struct aa_profile *p) in aa_deref_parent() argument
262 return rcu_dereference_protected(p->parent, in aa_deref_parent()
263 mutex_is_locked(&p->ns->lock)); in aa_deref_parent()
273 static inline struct aa_profile *aa_get_profile(struct aa_profile *p) in aa_get_profile() argument
275 if (p) in aa_get_profile()
276 kref_get(&(p->count)); in aa_get_profile()
278 return p; in aa_get_profile()
288 static inline struct aa_profile *aa_get_profile_not0(struct aa_profile *p) in aa_get_profile_not0() argument
290 if (p && kref_get_not0(&p->count)) in aa_get_profile_not0()
291 return p; in aa_get_profile_not0()
[all …]
|
| /security/keys/ |
| D | proc.c | 22 static void *proc_keys_start(struct seq_file *p, loff_t *_pos);
23 static void *proc_keys_next(struct seq_file *p, void *v, loff_t *_pos);
24 static void proc_keys_stop(struct seq_file *p, void *v);
42 static void *proc_key_users_start(struct seq_file *p, loff_t *_pos);
43 static void *proc_key_users_next(struct seq_file *p, void *v, loff_t *_pos);
44 static void proc_key_users_stop(struct seq_file *p, void *v);
66 struct proc_dir_entry *p; in key_proc_init() local
68 p = proc_create("keys", 0, NULL, &proc_keys_fops); in key_proc_init()
69 if (!p) in key_proc_init()
72 p = proc_create("key-users", 0, NULL, &proc_key_users_fops); in key_proc_init()
[all …]
|
| D | trusted.c | 661 static int key_seal(struct trusted_key_payload *p, in key_seal() argument
672 p->key[p->key_len] = p->migratable; in key_seal()
675 p->key, p->key_len + 1, p->blob, &p->blob_len, in key_seal()
687 static int key_unseal(struct trusted_key_payload *p, in key_unseal() argument
697 ret = tpm_unseal(tb, o->keyhandle, o->keyauth, p->blob, p->blob_len, in key_unseal()
698 o->blobauth, p->key, &p->key_len); in key_unseal()
703 p->migratable = p->key[--p->key_len]; in key_unseal()
734 char *p = c; in getoptions() local
740 while ((p = strsep(&c, " \t"))) { in getoptions()
741 if (*p == '\0' || *p == ' ' || *p == '\t') in getoptions()
[all …]
|
| D | trusted.h | 51 static inline void dump_payload(struct trusted_key_payload *p) in dump_payload() argument
53 pr_info("trusted_key: key_len %d\n", p->key_len); in dump_payload()
55 16, 1, p->key, p->key_len, 0); in dump_payload()
56 pr_info("trusted_key: bloblen %d\n", p->blob_len); in dump_payload()
58 16, 1, p->blob, p->blob_len, 0); in dump_payload()
59 pr_info("trusted_key: migratable %d\n", p->migratable); in dump_payload()
87 static inline void dump_payload(struct trusted_key_payload *p) in dump_payload() argument
|
| D | key.c | 58 struct rb_node **p; in key_user_lookup() local
61 p = &key_user_tree.rb_node; in key_user_lookup()
65 while (*p) { in key_user_lookup()
66 parent = *p; in key_user_lookup()
70 p = &(*p)->rb_left; in key_user_lookup()
72 p = &(*p)->rb_right; in key_user_lookup()
105 rb_link_node(&candidate->node, parent, p); in key_user_lookup()
139 struct rb_node *parent, **p; in key_alloc_serial() local
154 p = &key_serial_tree.rb_node; in key_alloc_serial()
156 while (*p) { in key_alloc_serial()
[all …]
|
| D | user_defined.c | 212 char *p; in logon_vet_description() local
215 p = strchr(desc, ':'); in logon_vet_description()
216 if (!p) in logon_vet_description()
220 if (p == desc) in logon_vet_description()
|
| /security/tomoyo/ |
| D | util.c | 837 static bool tomoyo_path_matches_pattern2(const char *f, const char *p) in tomoyo_path_matches_pattern2() argument
842 while (*f && *p) { in tomoyo_path_matches_pattern2()
846 p_delimiter = strchr(p, '/'); in tomoyo_path_matches_pattern2()
848 p_delimiter = p + strlen(p); in tomoyo_path_matches_pattern2()
849 if (*p == '\\' && *(p + 1) == '{') in tomoyo_path_matches_pattern2()
851 if (!tomoyo_file_matches_pattern(f, f_delimiter, p, in tomoyo_path_matches_pattern2()
857 p = p_delimiter; in tomoyo_path_matches_pattern2()
858 if (*p) in tomoyo_path_matches_pattern2()
859 p++; in tomoyo_path_matches_pattern2()
862 while (*p == '\\' && in tomoyo_path_matches_pattern2()
[all …]
|
| D | realpath.c | 25 const char *p = str; in tomoyo_encode2() local
29 if (!p) in tomoyo_encode2()
32 const unsigned char c = p[i]; in tomoyo_encode2()
47 p = str; in tomoyo_encode2()
49 const unsigned char c = p[i]; in tomoyo_encode2()
|
| /security/integrity/ |
| D | iint.c | 94 struct rb_node **p; in integrity_inode_get() local
108 p = &integrity_iint_tree.rb_node; in integrity_inode_get()
109 while (*p) { in integrity_inode_get()
110 parent = *p; in integrity_inode_get()
114 p = &(*p)->rb_left; in integrity_inode_get()
116 p = &(*p)->rb_right; in integrity_inode_get()
122 rb_link_node(node, parent, p); in integrity_inode_get()
|
| /security/apparmor/ |
| D | apparmorfs.c | 411 struct aa_profile *p; in __aa_fs_profile_mkdir() local
412 p = aa_deref_parent(profile); in __aa_fs_profile_mkdir()
413 dent = prof_dir(p); in __aa_fs_profile_mkdir()
418 prof_child_dir(p) = parent = dent; in __aa_fs_profile_mkdir()
628 static struct aa_profile *__next_profile(struct aa_profile *p) in __next_profile() argument
631 struct aa_namespace *ns = p->ns; in __next_profile()
634 if (!list_empty(&p->base.profiles)) in __next_profile()
635 return list_first_entry(&p->base.profiles, typeof(*p), in __next_profile()
639 parent = rcu_dereference_protected(p->parent, in __next_profile()
640 mutex_is_locked(&p->ns->lock)); in __next_profile()
[all …]
|
| D | policy.c | 623 struct aa_profile *p = container_of(head, struct aa_profile, rcu); in aa_free_profile_rcu() local
624 if (p->flags & PFLAG_NS_COUNT) in aa_free_profile_rcu()
625 free_namespace(p->ns); in aa_free_profile_rcu()
627 aa_free_profile(p); in aa_free_profile_rcu()
636 struct aa_profile *p = container_of(kref, struct aa_profile, count); in aa_free_profile_kref() local
637 call_rcu(&p->rcu, aa_free_profile_rcu); in aa_free_profile_kref()
1003 struct aa_profile *p; in __replace_profile() local
1006 p = __find_child(&new->base.profiles, child->base.name); in __replace_profile()
1007 if (p) { in __replace_profile()
1009 __replace_profile(child, p, share_replacedby); in __replace_profile()
[all …]
|
| /security/selinux/ |
| D | avc.c | 258 rc = security_xperm_test(xpd->allowed->p, perm); in avc_xperms_has_perm()
261 rc = security_xperm_test(xpd->auditallow->p, perm); in avc_xperms_has_perm()
264 rc = security_xperm_test(xpd->dontaudit->p, perm); in avc_xperms_has_perm()
272 security_xperm_set(xp_node->xp.drivers.p, driver); in avc_xperms_allow_perm()
275 security_xperm_set(xpd->allowed->p, perm); in avc_xperms_allow_perm()
312 memcpy(dest->allowed->p, src->allowed->p, in avc_copy_xperms_decision()
313 sizeof(src->allowed->p)); in avc_copy_xperms_decision()
315 memcpy(dest->auditallow->p, src->auditallow->p, in avc_copy_xperms_decision()
316 sizeof(src->auditallow->p)); in avc_copy_xperms_decision()
318 memcpy(dest->dontaudit->p, src->dontaudit->p, in avc_copy_xperms_decision()
[all …]
|
| /security/integrity/ima/ |
| D | ima_policy.c | 502 char *p; in ima_parse_rule() local
510 while ((p = strsep(&rule, " \t")) != NULL) { in ima_parse_rule()
517 if ((*p == '\0') || (*p == ' ') || (*p == '\t')) in ima_parse_rule()
519 token = match_token(p, policy_tokens, args); in ima_parse_rule()
728 ima_log_string(ab, "UNKNOWN", p); in ima_parse_rule()
754 char *p; in ima_parse_add_rule() local
759 p = strsep(&rule, "\n"); in ima_parse_add_rule()
760 len = strlen(p) + 1; in ima_parse_add_rule()
761 p += strspn(p, " \t"); in ima_parse_add_rule()
763 if (*p == '#' || *p == '\0') in ima_parse_add_rule()
[all …]
|
| /security/ |
| D | security.c | 927 int security_task_setpgid(struct task_struct *p, pid_t pgid) in security_task_setpgid() argument
929 return call_int_hook(task_setpgid, 0, p, pgid); in security_task_setpgid()
932 int security_task_getpgid(struct task_struct *p) in security_task_getpgid() argument
934 return call_int_hook(task_getpgid, 0, p); in security_task_getpgid()
937 int security_task_getsid(struct task_struct *p) in security_task_getsid() argument
939 return call_int_hook(task_getsid, 0, p); in security_task_getsid()
942 void security_task_getsecid(struct task_struct *p, u32 *secid) in security_task_getsecid() argument
945 call_void_hook(task_getsecid, p, secid); in security_task_getsecid()
949 int security_task_setnice(struct task_struct *p, int nice) in security_task_setnice() argument
951 return call_int_hook(task_setnice, 0, p, nice); in security_task_setnice()
[all …]
|