| /security/apparmor/ |
| D | policy_unpack.c | 105 const char *name, const char *info, struct aa_ext *e, in audit_iface() argument
110 if (e) in audit_iface()
111 aad(&sa)->iface.pos = e->pos - e->start; in audit_iface()
198 static bool inbounds(struct aa_ext *e, size_t size) in inbounds() argument
200 return (size <= e->end - e->pos); in inbounds()
219 static size_t unpack_u16_chunk(struct aa_ext *e, char **chunk) in unpack_u16_chunk() argument
222 void *pos = e->pos; in unpack_u16_chunk()
224 if (!inbounds(e, sizeof(u16))) in unpack_u16_chunk()
226 size = le16_to_cpu(get_unaligned((__le16 *) e->pos)); in unpack_u16_chunk()
227 e->pos += sizeof(__le16); in unpack_u16_chunk()
[all …]
|
| D | resource.c | 84 int e = 0; in profile_setrlimit() local
88 e = -EACCES; in profile_setrlimit()
90 e); in profile_setrlimit()
|
| D | file.c | 281 int e = 0; in __aa_path_perm() local
287 e = -EACCES; in __aa_path_perm()
289 cond->uid, NULL, e); in __aa_path_perm()
|
| /security/selinux/ss/ |
| D | ebitmap.h | 45 #define ebitmap_length(e) ((e)->highbit) argument
47 static inline unsigned int ebitmap_start_positive(struct ebitmap *e, in ebitmap_start_positive() argument
52 for (*n = e->node; *n; *n = (*n)->next) { in ebitmap_start_positive()
57 return ebitmap_length(e); in ebitmap_start_positive()
60 static inline void ebitmap_init(struct ebitmap *e) in ebitmap_init() argument
62 memset(e, 0, sizeof(*e)); in ebitmap_init()
65 static inline unsigned int ebitmap_next_positive(struct ebitmap *e, in ebitmap_next_positive() argument
80 return ebitmap_length(e); in ebitmap_next_positive()
120 #define ebitmap_for_each_positive_bit(e, n, bit) \ argument
121 for (bit = ebitmap_start_positive(e, &n); \
[all …]
|
| D | ebitmap.c | 242 int ebitmap_get_bit(struct ebitmap *e, unsigned long bit) in ebitmap_get_bit() argument
246 if (e->highbit < bit) in ebitmap_get_bit()
249 n = e->node; in ebitmap_get_bit()
259 int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value) in ebitmap_set_bit() argument
264 n = e->node; in ebitmap_set_bit()
285 e->highbit = prev->startbit in ebitmap_set_bit()
288 e->highbit = 0; in ebitmap_set_bit()
293 e->node = n->next; in ebitmap_set_bit()
314 e->highbit = new->startbit + EBITMAP_SIZE; in ebitmap_set_bit()
320 new->next = e->node; in ebitmap_set_bit()
[all …]
|
| D | policydb.c | 223 struct constraint_expr *e, *etmp; in cls_destroy() local
232 e = constraint->expr; in cls_destroy()
233 while (e) { in cls_destroy()
234 etmp = e; in cls_destroy()
235 e = e->next; in cls_destroy()
245 e = constraint->expr; in cls_destroy()
246 while (e) { in cls_destroy()
247 etmp = e; in cls_destroy()
248 e = e->next; in cls_destroy()
1194 struct constraint_expr *e, *le; in read_cons_helper() local
[all …]
|
| D | mls.c | 40 struct ebitmap *e; in mls_compute_context_len() local
54 e = &context->range.level[l].cat; in mls_compute_context_len()
55 ebitmap_for_each_positive_bit(e, node, i) { in mls_compute_context_len()
95 struct ebitmap *e; in mls_sid_to_context() local
114 e = &context->range.level[l].cat; in mls_sid_to_context()
115 ebitmap_for_each_positive_bit(e, node, i) { in mls_sid_to_context()
|
| D | services.c | 272 struct constraint_expr *e; in constraint_expr_eval() local
276 for (e = cexpr; e; e = e->next) { in constraint_expr_eval()
277 switch (e->expr_type) { in constraint_expr_eval()
295 switch (e->attr) { in constraint_expr_eval()
309 switch (e->op) { in constraint_expr_eval()
353 switch (e->op) { in constraint_expr_eval()
379 switch (e->op) { in constraint_expr_eval()
395 if (e->attr & CEXPR_TARGET) in constraint_expr_eval()
397 else if (e->attr & CEXPR_XTARGET) { in constraint_expr_eval()
404 if (e->attr & CEXPR_USER) in constraint_expr_eval()
[all …]
|
| /security/integrity/ima/ |
| D | ima_fs.c | 132 struct ima_template_entry *e; in ima_measurements_show() local
139 e = qe->entry; in ima_measurements_show()
140 if (e == NULL) in ima_measurements_show()
143 template_name = (e->template_desc->name[0] != '\0') ? in ima_measurements_show()
144 e->template_desc->name : e->template_desc->fmt; in ima_measurements_show()
151 pcr = !ima_canonical_fmt ? e->pcr : cpu_to_le32(e->pcr); in ima_measurements_show()
152 ima_putc(m, &pcr, sizeof(e->pcr)); in ima_measurements_show()
155 ima_putc(m, e->digest, TPM_DIGEST_SIZE); in ima_measurements_show()
170 template_data_len = !ima_canonical_fmt ? e->template_data_len : in ima_measurements_show()
171 cpu_to_le32(e->template_data_len); in ima_measurements_show()
[all …]
|
| D | ima_policy.c | 326 struct ima_rule_entry *entry, *e; in ima_lsm_update_rules() local
329 list_for_each_entry_safe(entry, e, &ima_policy_rules, list) { in ima_lsm_update_rules()
|
| /security/tomoyo/ |
| D | group.c | 83 struct tomoyo_path_group e = { }; in tomoyo_write_group() local
85 e.member_name = tomoyo_get_name(tomoyo_read_token(param)); in tomoyo_write_group()
86 if (!e.member_name) { in tomoyo_write_group()
90 error = tomoyo_update_policy(&e.head, sizeof(e), param, in tomoyo_write_group()
92 tomoyo_put_name(e.member_name); in tomoyo_write_group()
94 struct tomoyo_number_group e = { }; in tomoyo_write_group() local
97 !tomoyo_parse_number_union(param, &e.number)) in tomoyo_write_group()
99 error = tomoyo_update_policy(&e.head, sizeof(e), param, in tomoyo_write_group()
106 struct tomoyo_address_group e = { }; in tomoyo_write_group() local
109 !tomoyo_parse_ipaddr_union(param, &e.address)) in tomoyo_write_group()
[all …]
|
| D | condition.c | 455 struct tomoyo_condition *e) in tomoyo_get_transit_preference() argument
461 e->transit = tomoyo_get_domainname(param); in tomoyo_get_transit_preference()
477 e->transit = tomoyo_get_name(tomoyo_read_token(param)); in tomoyo_get_transit_preference()
479 if (e->transit) in tomoyo_get_transit_preference()
503 struct tomoyo_condition e = { }; in tomoyo_get_condition() local
505 tomoyo_get_transit_preference(param, &e); in tomoyo_get_condition()
566 e.argc++; in tomoyo_get_condition()
567 e.condc++; in tomoyo_get_condition()
569 e.argc--; in tomoyo_get_condition()
570 e.condc--; in tomoyo_get_condition()
[all …]
|
| D | file.c | 389 struct tomoyo_path_acl e = { in tomoyo_update_path_acl() local
395 if (!tomoyo_parse_name_union(param, &e.name)) in tomoyo_update_path_acl()
398 error = tomoyo_update_domain(&e.head, sizeof(e), param, in tomoyo_update_path_acl()
401 tomoyo_put_name_union(&e.name); in tomoyo_update_path_acl()
465 struct tomoyo_mkdev_acl e = { in tomoyo_update_mkdev_acl() local
471 if (!tomoyo_parse_name_union(param, &e.name) || in tomoyo_update_mkdev_acl()
472 !tomoyo_parse_number_union(param, &e.mode) || in tomoyo_update_mkdev_acl()
473 !tomoyo_parse_number_union(param, &e.major) || in tomoyo_update_mkdev_acl()
474 !tomoyo_parse_number_union(param, &e.minor)) in tomoyo_update_mkdev_acl()
477 error = tomoyo_update_domain(&e.head, sizeof(e), param, in tomoyo_update_mkdev_acl()
[all …]
|
| D | network.c | 284 struct tomoyo_inet_acl e = { .head.type = TOMOYO_TYPE_INET_ACL }; in tomoyo_write_inet_network() local
290 for (e.protocol = 0; e.protocol < TOMOYO_SOCK_MAX; e.protocol++) in tomoyo_write_inet_network()
291 if (!strcmp(protocol, tomoyo_proto_keyword[e.protocol])) in tomoyo_write_inet_network()
295 e.perm |= 1 << type; in tomoyo_write_inet_network()
296 if (e.protocol == TOMOYO_SOCK_MAX || !e.perm) in tomoyo_write_inet_network()
300 e.address.group = in tomoyo_write_inet_network()
302 if (!e.address.group) in tomoyo_write_inet_network()
305 if (!tomoyo_parse_ipaddr_union(param, &e.address)) in tomoyo_write_inet_network()
308 if (!tomoyo_parse_number_union(param, &e.port) || in tomoyo_write_inet_network()
309 e.port.values[1] > 65535) in tomoyo_write_inet_network()
[all …]
|
| D | domain.c | 245 struct tomoyo_transition_control e = { .type = type }; in tomoyo_write_transition_control() local
261 e.program = tomoyo_get_name(program); in tomoyo_write_transition_control()
262 if (!e.program) in tomoyo_write_transition_control()
269 e.is_last_name = true; in tomoyo_write_transition_control()
271 e.domainname = tomoyo_get_name(domainname); in tomoyo_write_transition_control()
272 if (!e.domainname) in tomoyo_write_transition_control()
276 error = tomoyo_update_policy(&e.head, sizeof(e), param, in tomoyo_write_transition_control()
279 tomoyo_put_name(e.domainname); in tomoyo_write_transition_control()
280 tomoyo_put_name(e.program); in tomoyo_write_transition_control()
405 struct tomoyo_aggregator e = { }; in tomoyo_write_aggregator() local
[all …]
|
| D | environ.c | 96 struct tomoyo_env_acl e = { .head.type = TOMOYO_TYPE_ENV_ACL }; in tomoyo_write_env() local
102 e.env = tomoyo_get_name(data); in tomoyo_write_env()
103 if (!e.env) in tomoyo_write_env()
105 error = tomoyo_update_domain(&e.head, sizeof(e), param, in tomoyo_write_env()
107 tomoyo_put_name(e.env); in tomoyo_write_env()
|
| D | memory.c | 98 struct tomoyo_group e = { }; in tomoyo_get_group() local
106 e.group_name = tomoyo_get_name(group_name); in tomoyo_get_group()
107 if (!e.group_name) in tomoyo_get_group()
113 if (e.group_name != group->group_name || in tomoyo_get_group()
121 struct tomoyo_group *entry = tomoyo_commit_ok(&e, sizeof(e)); in tomoyo_get_group()
133 tomoyo_put_name(e.group_name); in tomoyo_get_group()
|
| D | util.c | 439 unsigned char e; in tomoyo_correct_word2() local
482 e = *string++; in tomoyo_correct_word2()
483 if (d < '0' || d > '7' || e < '0' || e > '7') in tomoyo_correct_word2()
485 c = tomoyo_make_byte(c, d, e); in tomoyo_correct_word2()
|
| D | common.c | 864 struct tomoyo_manager e = { }; in tomoyo_update_manager_entry() local
875 e.manager = tomoyo_get_name(manager); in tomoyo_update_manager_entry()
876 if (e.manager) { in tomoyo_update_manager_entry()
877 error = tomoyo_update_policy(&e.head, sizeof(e), ¶m, in tomoyo_update_manager_entry()
879 tomoyo_put_name(e.manager); in tomoyo_update_manager_entry()
1066 struct tomoyo_task_acl e = { in tomoyo_write_task() local
1071 if (e.domainname) in tomoyo_write_task()
1072 error = tomoyo_update_domain(&e.head, sizeof(e), param, in tomoyo_write_task()
1075 tomoyo_put_name(e.domainname); in tomoyo_write_task()
|
| D | Kconfig | 53 variant part of policy and verifying (e.g. running GPG check) and
|
| /security/apparmor/include/ |
| D | perms.h | 94 int e, error = FN1; \
95 e = FN2; \
96 if (e) \
97 error = e; \
|
| /security/selinux/ |
| D | Kconfig | 36 support runtime disabling of SELinux, e.g. from /sbin/init, for
98 chain lengths are high (e.g. > 20) then selecting a higher value here
|
| /security/ |
| D | Kconfig | 231 specify an empty string here (i.e. "").
|