Home
last modified time | relevance | path

Searched refs:mask (Results 1 – 25 of 27) sorted by relevance

12

/security/apparmor/
Dresource.c86 if (profile->rlimits.mask & (1 << resource) && new_rlim->rlim_max > in profile_setrlimit()
143 unsigned int mask = 0; in __aa_transition_rlimits() local
155 if (old->rlimits.mask) { in __aa_transition_rlimits()
158 for (j = 0, mask = 1; j < RLIM_NLIMITS; j++, in __aa_transition_rlimits()
159 mask <<= 1) { in __aa_transition_rlimits()
160 if (old->rlimits.mask & mask) { in __aa_transition_rlimits()
174 if (!new->rlimits.mask) in __aa_transition_rlimits()
176 for (j = 0, mask = 1; j < RLIM_NLIMITS; j++, mask <<= 1) { in __aa_transition_rlimits()
177 if (!(new->rlimits.mask & mask)) in __aa_transition_rlimits()
Dlib.c203 void aa_perm_mask_to_str(char *str, size_t str_size, const char *chrs, u32 mask) in aa_perm_mask_to_str() argument
209 if (mask & perm) { in aa_perm_mask_to_str()
222 u32 mask) in aa_audit_perm_names() argument
229 if (mask & perm) { in aa_audit_perm_names()
239 void aa_audit_perm_mask(struct audit_buffer *ab, u32 mask, const char *chrs, in aa_audit_perm_mask() argument
245 if ((mask & chrsmask) && chrs) { in aa_audit_perm_mask()
246 aa_perm_mask_to_str(str, sizeof(str), chrs, mask & chrsmask); in aa_audit_perm_mask()
247 mask &= ~chrsmask; in aa_audit_perm_mask()
249 if (mask & namesmask) in aa_audit_perm_mask()
252 if ((mask & namesmask) && names) in aa_audit_perm_mask()
[all …]
Dipc.c26 static void audit_ptrace_mask(struct audit_buffer *ab, u32 mask) in audit_ptrace_mask() argument
28 switch (mask) { in audit_ptrace_mask()
149 static void audit_signal_mask(struct audit_buffer *ab, u32 mask) in audit_signal_mask() argument
151 if (mask & MAY_READ) in audit_signal_mask()
153 if (mask & MAY_WRITE) in audit_signal_mask()
Dlsm.c193 static int common_perm(const char *op, const struct path *path, u32 mask, in common_perm() argument
201 error = aa_path_perm(op, label, path, 0, mask, cond); in common_perm()
215 static int common_perm_cond(const char *op, const struct path *path, u32 mask) in common_perm_cond() argument
224 return common_perm(op, path, mask, &cond); in common_perm_cond()
238 struct dentry *dentry, u32 mask, in common_perm_dir_dentry() argument
243 return common_perm(op, &path, mask, cond); in common_perm_dir_dentry()
256 struct dentry *dentry, u32 mask) in common_perm_rm() argument
267 return common_perm_dir_dentry(op, dir, dentry, mask, &cond); in common_perm_rm()
281 struct dentry *dentry, u32 mask, umode_t mode) in common_perm_create() argument
288 return common_perm_dir_dentry(op, dir, dentry, mask, &cond); in common_perm_create()
[all …]
Dfile.c25 static u32 map_mask_to_chr_mask(u32 mask) in map_mask_to_chr_mask() argument
27 u32 m = mask & PERMS_CHRS_MASK; in map_mask_to_chr_mask()
29 if (mask & AA_MAY_GETATTR) in map_mask_to_chr_mask()
31 if (mask & (AA_MAY_SETATTR | AA_MAY_CHMOD | AA_MAY_CHOWN)) in map_mask_to_chr_mask()
42 static void audit_file_mask(struct audit_buffer *ab, u32 mask) in audit_file_mask() argument
47 map_mask_to_chr_mask(mask)); in audit_file_mask()
120 u32 mask = perms->audit; in aa_audit_file() local
123 mask = 0xffff; in aa_audit_file()
126 aad(&sa)->request &= mask; in aa_audit_file()
Dpolicy.c680 int aa_may_manage_policy(struct aa_label *label, struct aa_ns *ns, u32 mask) in aa_may_manage_policy() argument
684 if (mask & AA_MAY_REMOVE_POLICY) in aa_may_manage_policy()
686 else if (mask & AA_MAY_REPLACE_POLICY) in aa_may_manage_policy()
857 u32 mask, struct aa_loaddata *udata) in aa_replace_profiles() argument
867 op = mask & AA_MAY_REPLACE_POLICY ? OP_PROF_REPL : OP_PROF_LOAD; in aa_replace_profiles()
933 !(mask & AA_MAY_REPLACE_POLICY), in aa_replace_profiles()
940 !(mask & AA_MAY_REPLACE_POLICY), in aa_replace_profiles()
Dmount.c140 u32 mask = perms->audit; in audit_mount() local
143 mask = 0xffff; in audit_mount()
146 request &= mask; in audit_mount()
Dapparmorfs.c413 static ssize_t policy_update(u32 mask, const char __user *buf, size_t size, in policy_update() argument
425 error = aa_may_manage_policy(label, ns, mask); in policy_update()
432 error = aa_replace_profiles(ns, label, mask, data); in policy_update()
581 __poll_t mask = 0; in ns_revision_poll() local
587 mask |= EPOLLIN | EPOLLRDNORM; in ns_revision_poll()
591 return mask; in ns_revision_poll()
/security/apparmor/include/
Dfile.h114 static inline u16 dfa_map_xindex(u16 mask) in dfa_map_xindex() argument
116 u16 old_index = (mask >> 10) & 0xf; in dfa_map_xindex()
119 if (mask & 0x100) in dfa_map_xindex()
121 if (mask & 0x200) in dfa_map_xindex()
123 if (mask & 0x80) in dfa_map_xindex()
Dperms.h137 u32 mask);
139 u32 mask);
140 void aa_audit_perm_mask(struct audit_buffer *ab, u32 mask, const char *chrs,
Dresource.h29 unsigned int mask; member
Dpolicy.h193 u32 mask, struct aa_loaddata *udata);
307 u32 mask);
/security/integrity/ima/
Dima_policy.c68 int mask; member
115 {.action = MEASURE, .func = MMAP_CHECK, .mask = MAY_EXEC,
117 {.action = MEASURE, .func = BPRM_CHECK, .mask = MAY_EXEC,
119 {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ,
127 {.action = MEASURE, .func = MMAP_CHECK, .mask = MAY_EXEC,
129 {.action = MEASURE, .func = BPRM_CHECK, .mask = MAY_EXEC,
131 {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ,
134 {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ,
372 enum ima_hooks func, int mask) in ima_match_rules() argument
385 (rule->mask != mask && func != POST_SETATTR)) in ima_match_rules()
[all …]
Dima.h209 int mask, enum ima_hooks func, int *pcr,
211 int ima_must_measure(struct inode *inode, int mask, enum ima_hooks func);
233 enum ima_hooks func, int mask, int flags, int *pcr,
261 int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func);
282 static inline int ima_must_appraise(struct inode *inode, int mask, in ima_must_appraise() argument
Dima_main.c193 u32 secid, char *buf, loff_t size, int mask, in process_measurement() argument
217 action = ima_get_action(inode, cred, secid, mask, func, &pcr, in process_measurement()
352 if ((mask & MAY_WRITE) && test_bit(IMA_DIGSIG, &iint->atomic_flags) && in process_measurement()
433 int ima_file_check(struct file *file, int mask) in ima_file_check() argument
439 mask & (MAY_READ | MAY_WRITE | MAY_EXEC | in ima_file_check()
Dima_api.c185 int mask, enum ima_hooks func, int *pcr, in ima_get_action() argument
192 return ima_match_policy(inode, cred, secid, func, mask, flags, pcr, in ima_get_action()
Dima_appraise.c48 int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func) in ima_must_appraise() argument
56 return ima_match_policy(inode, current_cred(), secid, func, mask, in ima_must_appraise()
/security/selinux/ss/
Davtab.c32 static inline int avtab_hash(struct avtab_key *keyp, u32 mask) in avtab_hash() argument
65 return hash & mask; in avtab_hash()
115 hvalue = avtab_hash(key, h->mask); in avtab_insert()
159 hvalue = avtab_hash(key, h->mask); in avtab_insert_nonunique()
190 hvalue = avtab_hash(key, h->mask); in avtab_search()
226 hvalue = avtab_hash(key, h->mask); in avtab_search_node()
299 h->mask = 0; in avtab_destroy()
312 u32 mask = 0; in avtab_alloc() local
329 mask = nslot - 1; in avtab_alloc()
338 h->mask = mask; in avtab_alloc()
Dpolicydb.h180 u32 mask; member
184 u32 mask[4]; member
Davtab.h87 u32 mask; /* mask to compute hash func */ member
Dservices.c508 u32 mask = (1 << index); in security_dump_masked_av() local
510 if ((mask & permissions) == 0) in security_dump_masked_av()
2489 static int match_ipv6_addrmask(u32 *input, u32 *addr, u32 *mask) in match_ipv6_addrmask() argument
2494 if (addr[i] != (input[i] & mask[i])) { in match_ipv6_addrmask()
2535 if (c->u.node.addr == (addr & c->u.node.mask)) in security_node_sid()
2549 c->u.node6.mask)) in security_node_sid()
/security/smack/
Dsmackfs.c1133 struct in_addr mask; in smk_write_net4addr() local
1205 mask.s_addr = cpu_to_be32(temp_mask); in smk_write_net4addr()
1207 newname.sin_addr.s_addr &= mask.s_addr; in smk_write_net4addr()
1232 snp->smk_mask.s_addr = mask.s_addr; in smk_write_net4addr()
1399 unsigned int mask = 128; in smk_write_net6addr() local
1428 &mask, smack); in smk_write_net6addr()
1439 if (mask > 128) { in smk_write_net6addr()
1470 for (i = 0, m = mask; i < 8; i++) { in smk_write_net6addr()
1491 if (mask != snp->smk_masks) in smk_write_net6addr()
1510 snp->smk_masks = mask; in smk_write_net6addr()
Dsmack_lsm.c1171 static int smack_inode_permission(struct inode *inode, int mask) in smack_inode_permission() argument
1175 int no_block = mask & MAY_NOT_BLOCK; in smack_inode_permission()
1178 mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND); in smack_inode_permission()
1182 if (mask == 0) in smack_inode_permission()
1195 rc = smk_curacc(smk_of_inode(inode), mask, &ad); in smack_inode_permission()
1196 rc = smk_bu_inode(inode, mask, rc); in smack_inode_permission()
/security/selinux/
Dhooks.c1981 static inline u32 file_mask_to_av(int mode, int mask) in file_mask_to_av() argument
1986 if (mask & MAY_EXEC) in file_mask_to_av()
1988 if (mask & MAY_READ) in file_mask_to_av()
1991 if (mask & MAY_APPEND) in file_mask_to_av()
1993 else if (mask & MAY_WRITE) in file_mask_to_av()
1997 if (mask & MAY_EXEC) in file_mask_to_av()
1999 if (mask & MAY_WRITE) in file_mask_to_av()
2001 if (mask & MAY_READ) in file_mask_to_av()
2970 static int selinux_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mask) in selinux_inode_mkdir() argument
3039 static int selinux_inode_permission(struct inode *inode, int mask) in selinux_inode_permission() argument
[all …]
/security/
Dsecurity.c907 int security_path_notify(const struct path *path, u64 mask, in security_path_notify() argument
910 return call_int_hook(path_notify, 0, path, mask, obj_type); in security_path_notify()
1199 int security_inode_permission(struct inode *inode, int mask) in security_inode_permission() argument
1203 return call_int_hook(inode_permission, 0, inode, mask); in security_inode_permission()
1372 int security_file_permission(struct file *file, int mask) in security_file_permission() argument
1376 ret = call_int_hook(file_permission, 0, file, mask); in security_file_permission()
1380 return fsnotify_perm(file, mask); in security_file_permission()

12