Lines Matching refs:func
67 enum ima_hooks func; member
115 {.action = MEASURE, .func = MMAP_CHECK, .mask = MAY_EXEC,
117 {.action = MEASURE, .func = BPRM_CHECK, .mask = MAY_EXEC,
119 {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ,
122 {.action = MEASURE, .func = MODULE_CHECK, .flags = IMA_FUNC},
123 {.action = MEASURE, .func = FIRMWARE_CHECK, .flags = IMA_FUNC},
127 {.action = MEASURE, .func = MMAP_CHECK, .mask = MAY_EXEC,
129 {.action = MEASURE, .func = BPRM_CHECK, .mask = MAY_EXEC,
131 {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ,
134 {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ,
137 {.action = MEASURE, .func = MODULE_CHECK, .flags = IMA_FUNC},
138 {.action = MEASURE, .func = FIRMWARE_CHECK, .flags = IMA_FUNC},
139 {.action = MEASURE, .func = POLICY_CHECK, .flags = IMA_FUNC},
158 {.action = APPRAISE, .func = POLICY_CHECK,
173 {.action = APPRAISE, .func = MODULE_CHECK,
177 {.action = APPRAISE, .func = FIRMWARE_CHECK,
181 {.action = APPRAISE, .func = KEXEC_KERNEL_CHECK,
185 {.action = APPRAISE, .func = POLICY_CHECK,
191 {.action = APPRAISE, .func = MODULE_CHECK,
193 {.action = APPRAISE, .func = FIRMWARE_CHECK,
195 {.action = APPRAISE, .func = KEXEC_KERNEL_CHECK,
197 {.action = APPRAISE, .func = POLICY_CHECK,
372 enum ima_hooks func, int mask) in ima_match_rules() argument
376 if (func == KEXEC_CMDLINE) { in ima_match_rules()
377 if ((rule->flags & IMA_FUNC) && (rule->func == func)) in ima_match_rules()
382 (rule->func != func && func != POST_SETATTR)) in ima_match_rules()
385 (rule->mask != mask && func != POST_SETATTR)) in ima_match_rules()
388 (!(rule->mask & mask) && func != POST_SETATTR)) in ima_match_rules()
451 static int get_subaction(struct ima_rule_entry *rule, enum ima_hooks func) in get_subaction() argument
456 switch (func) { in get_subaction()
491 enum ima_hooks func, int mask, int flags, int *pcr, in ima_match_policy() argument
506 if (!ima_match_rules(entry, inode, cred, secid, func, mask)) in ima_match_policy()
513 action |= get_subaction(entry, func); in ima_match_policy()
559 static int ima_appraise_flag(enum ima_hooks func) in ima_appraise_flag() argument
561 if (func == MODULE_CHECK) in ima_appraise_flag()
563 else if (func == FIRMWARE_CHECK) in ima_appraise_flag()
565 else if (func == POLICY_CHECK) in ima_appraise_flag()
567 else if (func == KEXEC_KERNEL_CHECK) in ima_appraise_flag()
592 temp_ima_appraise |= ima_appraise_flag(entries[i].func); in add_rules()
593 if (entries[i].func == POLICY_CHECK) in add_rules()
970 if (entry->func) in ima_parse_rule()
974 entry->func = FILE_CHECK; in ima_parse_rule()
977 entry->func = FILE_CHECK; in ima_parse_rule()
979 entry->func = MODULE_CHECK; in ima_parse_rule()
981 entry->func = FIRMWARE_CHECK; in ima_parse_rule()
984 entry->func = MMAP_CHECK; in ima_parse_rule()
986 entry->func = BPRM_CHECK; in ima_parse_rule()
988 entry->func = CREDS_CHECK; in ima_parse_rule()
991 entry->func = KEXEC_KERNEL_CHECK; in ima_parse_rule()
994 entry->func = KEXEC_INITRAMFS_CHECK; in ima_parse_rule()
996 entry->func = POLICY_CHECK; in ima_parse_rule()
998 entry->func = KEXEC_CMDLINE; in ima_parse_rule()
1168 else if (ima_hook_supports_modsig(entry->func) && in ima_parse_rule()
1223 temp_ima_appraise |= ima_appraise_flag(entry->func); in ima_parse_rule()
1358 static void policy_func_show(struct seq_file *m, enum ima_hooks func) in policy_func_show() argument
1360 if (func > 0 && func < MAX_CHECK) in policy_func_show()
1361 seq_printf(m, "func=%s ", func_tokens[func]); in policy_func_show()
1363 seq_printf(m, "func=%d ", func); in policy_func_show()
1393 policy_func_show(m, entry->func); in ima_policy_show()
1522 enum ima_hooks func; in ima_appraise_signature() local
1527 func = read_idmap[id] ?: FILE_CHECK; in ima_appraise_signature()
1538 if (entry->func && entry->func != func) in ima_appraise_signature()