| /security/tomoyo/ |
| D | file.c | 258 if (acl->perm & (1 << r->param.path.operation)) { in tomoyo_check_path_acl()
281 return (acl->perm & (1 << r->param.path_number.operation)) && in tomoyo_check_path_number_acl()
302 return (acl->perm & (1 << r->param.path2.operation)) && in tomoyo_check_path2_acl()
322 return (acl->perm & (1 << r->param.mkdev.operation)) && in tomoyo_check_mkdev_acl()
364 ->perm; in tomoyo_merge_path_acl()
365 u16 perm = *a_perm; in tomoyo_merge_path_acl() local
366 const u16 b_perm = container_of(b, struct tomoyo_path_acl, head)->perm; in tomoyo_merge_path_acl()
369 perm &= ~b_perm; in tomoyo_merge_path_acl()
371 perm |= b_perm; in tomoyo_merge_path_acl()
372 *a_perm = perm; in tomoyo_merge_path_acl()
[all …]
|
| D | network.c | 235 &container_of(a, struct tomoyo_inet_acl, head)->perm; in tomoyo_merge_inet_acl()
236 u8 perm = *a_perm; in tomoyo_merge_inet_acl() local
237 const u8 b_perm = container_of(b, struct tomoyo_inet_acl, head)->perm; in tomoyo_merge_inet_acl()
240 perm &= ~b_perm; in tomoyo_merge_inet_acl()
242 perm |= b_perm; in tomoyo_merge_inet_acl()
243 *a_perm = perm; in tomoyo_merge_inet_acl()
244 return !perm; in tomoyo_merge_inet_acl()
261 &container_of(a, struct tomoyo_unix_acl, head)->perm; in tomoyo_merge_unix_acl()
262 u8 perm = *a_perm; in tomoyo_merge_unix_acl() local
263 const u8 b_perm = container_of(b, struct tomoyo_unix_acl, head)->perm; in tomoyo_merge_unix_acl()
[all …]
|
| D | util.c | 1034 u16 perm; in tomoyo_domain_quota_is_ok() local
1041 perm = container_of(ptr, struct tomoyo_path_acl, head) in tomoyo_domain_quota_is_ok()
1042 ->perm; in tomoyo_domain_quota_is_ok()
1045 perm = container_of(ptr, struct tomoyo_path2_acl, head) in tomoyo_domain_quota_is_ok()
1046 ->perm; in tomoyo_domain_quota_is_ok()
1049 perm = container_of(ptr, struct tomoyo_path_number_acl, in tomoyo_domain_quota_is_ok()
1050 head)->perm; in tomoyo_domain_quota_is_ok()
1053 perm = container_of(ptr, struct tomoyo_mkdev_acl, in tomoyo_domain_quota_is_ok()
1054 head)->perm; in tomoyo_domain_quota_is_ok()
1057 perm = container_of(ptr, struct tomoyo_inet_acl, in tomoyo_domain_quota_is_ok()
[all …]
|
| D | common.c | 1408 const u16 perm = ptr->perm; in tomoyo_print_entry() local
1411 if (!(perm & (1 << bit))) in tomoyo_print_entry()
1439 const u8 perm = ptr->perm; in tomoyo_print_entry() local
1442 if (!(perm & (1 << bit))) in tomoyo_print_entry()
1460 const u8 perm = ptr->perm; in tomoyo_print_entry() local
1463 if (!(perm & (1 << bit))) in tomoyo_print_entry()
1481 const u8 perm = ptr->perm; in tomoyo_print_entry() local
1484 if (!(perm & (1 << bit))) in tomoyo_print_entry()
1504 const u8 perm = ptr->perm; in tomoyo_print_entry() local
1507 if (!(perm & (1 << bit))) in tomoyo_print_entry()
[all …]
|
| D | common.h | 711 u16 perm; /* Bitmask of values in "enum tomoyo_path_acl_index". */ member
722 u8 perm; member
730 u8 perm; /* Bitmask of values in "enum tomoyo_mkdev_acl_index". */ member
742 u8 perm; /* Bitmask of values in "enum tomoyo_path2_acl_index". */ member
766 u8 perm; /* Bitmask of values in "enum tomoyo_network_acl_index" */ member
775 u8 perm; /* Bitmask of values in "enum tomoyo_network_acl_index" */ member
|
| D | tomoyo.c | 224 const unsigned int perm = mode & S_IALLUGO; in tomoyo_path_mknod() local
236 return tomoyo_mkdev_perm(type, &path, perm, dev); in tomoyo_path_mknod()
246 return tomoyo_path_number_perm(type, &path, perm); in tomoyo_path_mknod()
|
| /security/keys/ |
| D | permission.c | 27 unsigned perm) in key_task_permission() argument
37 kperm = key->perm >> 16; in key_task_permission()
43 if (gid_valid(key->gid) && key->perm & KEY_GRP_ALL) { in key_task_permission()
45 kperm = key->perm >> 8; in key_task_permission()
51 kperm = key->perm >> 8; in key_task_permission()
57 kperm = key->perm; in key_task_permission()
65 kperm |= key->perm >> 24; in key_task_permission()
67 kperm = kperm & perm & KEY_NEED_ALL; in key_task_permission()
69 if (kperm != perm) in key_task_permission()
73 return security_key_permission(key_ref, cred, perm); in key_task_permission()
|
| D | key.c | 226 key_perm_t perm, unsigned long flags, in key_alloc() argument
295 key->perm = perm; in key_alloc()
813 key_perm_t perm, in key_create_or_update() argument
911 if (perm == KEY_PERM_UNDEF) { in key_create_or_update()
912 perm = KEY_POS_VIEW | KEY_POS_SEARCH | KEY_POS_LINK | KEY_POS_SETATTR; in key_create_or_update()
913 perm |= KEY_USR_VIEW; in key_create_or_update()
916 perm |= KEY_POS_READ; in key_create_or_update()
920 perm |= KEY_POS_WRITE; in key_create_or_update()
925 cred->fsuid, cred->fsgid, cred, perm, flags, NULL); in key_create_or_update()
|
| D | request_key.c | 374 key_perm_t perm; in construct_alloc_key() local
384 perm = KEY_POS_VIEW | KEY_POS_SEARCH | KEY_POS_LINK | KEY_POS_SETATTR; in construct_alloc_key()
385 perm |= KEY_USR_VIEW; in construct_alloc_key()
387 perm |= KEY_POS_READ; in construct_alloc_key()
390 perm |= KEY_POS_WRITE; in construct_alloc_key()
394 perm, flags, NULL); in construct_alloc_key()
|
| D | internal.h | 182 key_perm_t perm);
187 static inline int key_permission(const key_ref_t key_ref, unsigned perm) in key_permission() argument
189 return key_task_permission(key_ref, current_cred(), perm); in key_permission()
|
| D | process_keys.c | 612 key_perm_t perm) in lookup_user_key() argument
787 if (perm) in lookup_user_key()
792 } else if (perm) { in lookup_user_key()
804 ret = key_task_permission(key_ref, ctx.cred, perm); in lookup_user_key()
|
| D | proc.c | 178 if (key->perm & KEY_POS_VIEW) { in proc_keys_show()
235 key->perm, in proc_keys_show()
|
| D | keyctl.c | 685 key->perm); in keyctl_describe_key()
997 long keyctl_setperm_key(key_serial_t id, key_perm_t perm) in keyctl_setperm_key() argument
1004 if (perm & ~(KEY_POS_ALL | KEY_USR_ALL | KEY_GRP_ALL | KEY_OTH_ALL)) in keyctl_setperm_key()
1022 key->perm = perm; in keyctl_setperm_key()
|
| D | gc.c | 223 key->perm = 0; in key_garbage_collector()
|
| /security/integrity/ |
| D | digsig.c | 98 key_perm_t perm, in __integrity_init_keyring() argument
105 KGIDT_INIT(0), cred, perm, in __integrity_init_keyring()
123 key_perm_t perm; in integrity_init_keyring() local
125 perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW in integrity_init_keyring()
141 perm |= KEY_USR_WRITE; in integrity_init_keyring()
144 return __integrity_init_keyring(id, perm, restriction); in integrity_init_keyring()
148 off_t size, key_perm_t perm) in integrity_add_key() argument
157 NULL, data, size, perm, in integrity_add_key()
177 key_perm_t perm; in integrity_load_x509() local
186 perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW | KEY_USR_READ; in integrity_load_x509()
[all …]
|
| D | integrity.h | 162 const void *data, size_t len, key_perm_t perm);
186 key_perm_t perm) in integrity_load_cert() argument
|
| /security/selinux/ |
| D | nlmsgtab.c | 25 u32 perm; member
144 static int nlmsg_perm(u16 nlmsg_type, u32 *perm, const struct nlmsg_perm *tab, size_t tabsize) in nlmsg_perm() argument
150 *perm = tab[i].perm; in nlmsg_perm()
158 int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm) in selinux_nlmsg_lookup() argument
170 err = nlmsg_perm(nlmsg_type, perm, nlmsg_route_perms, in selinux_nlmsg_lookup()
175 err = nlmsg_perm(nlmsg_type, perm, nlmsg_tcpdiag_perms, in selinux_nlmsg_lookup()
185 err = nlmsg_perm(nlmsg_type, perm, nlmsg_xfrm_perms, in selinux_nlmsg_lookup()
194 *perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY; in selinux_nlmsg_lookup()
196 err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms, in selinux_nlmsg_lookup()
210 static void nlmsg_set_getlink_perm(u32 perm) in nlmsg_set_getlink_perm() argument
[all …]
|
| D | avc.c | 198 u8 perm, u8 which) in avc_xperms_has_perm() argument
204 rc = security_xperm_test(xpd->allowed->p, perm); in avc_xperms_has_perm()
207 rc = security_xperm_test(xpd->auditallow->p, perm); in avc_xperms_has_perm()
210 rc = security_xperm_test(xpd->dontaudit->p, perm); in avc_xperms_has_perm()
215 u8 driver, u8 perm) in avc_xperms_allow_perm() argument
221 security_xperm_set(xpd->allowed->p, perm); in avc_xperms_allow_perm()
272 static inline void avc_quick_copy_xperms_decision(u8 perm, in avc_quick_copy_xperms_decision() argument
280 u8 i = perm >> 5; in avc_quick_copy_xperms_decision()
386 u8 perm, in avc_xperms_audit_required() argument
396 if (avc_xperms_has_perm(xpd, perm, XPERMS_DONTAUDIT)) in avc_xperms_audit_required()
[all …]
|
| D | netlabel.c | 435 u32 perm; in selinux_netlbl_sock_rcv_skb() local
454 perm = UDP_SOCKET__RECVFROM; in selinux_netlbl_sock_rcv_skb()
457 perm = TCP_SOCKET__RECVFROM; in selinux_netlbl_sock_rcv_skb()
460 perm = RAWIP_SOCKET__RECVFROM; in selinux_netlbl_sock_rcv_skb()
464 sksec->sid, nlbl_sid, sksec->sclass, perm, ad); in selinux_netlbl_sock_rcv_skb()
|
| D | hooks.c | 1603 u32 perm = 0; in signal_to_av() local
1608 perm = PROCESS__SIGCHLD; in signal_to_av()
1612 perm = PROCESS__SIGKILL; in signal_to_av()
1616 perm = PROCESS__SIGSTOP; in signal_to_av()
1620 perm = PROCESS__SIGNAL; in signal_to_av()
1624 return perm; in signal_to_av()
3288 u32 perm; in selinux_path_notify() local
3301 perm = FILE__WATCH_MOUNT; in selinux_path_notify()
3304 perm = FILE__WATCH_SB; in selinux_path_notify()
3311 perm = FILE__WATCH; in selinux_path_notify()
[all …]
|
| /security/integrity/platform_certs/ |
| D | platform_keyring.c | 29 key_perm_t perm; in add_to_platform_keyring() local
32 perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW; in add_to_platform_keyring()
35 perm); in add_to_platform_keyring()
|
| /security/apparmor/ |
| D | lib.c | 205 unsigned int i, perm = 1; in aa_perm_mask_to_str() local
208 for (i = 0; i < num_chrs; perm <<= 1, i++) { in aa_perm_mask_to_str()
209 if (mask & perm) { in aa_perm_mask_to_str()
225 unsigned int i, perm = 1; in aa_audit_perm_names() local
228 for (i = 0; i < 32; perm <<= 1, i++) { in aa_audit_perm_names()
229 if (mask & perm) { in aa_audit_perm_names()
|
| D | domain.c | 331 u32 perm; in aa_xattrs_match() local
336 perm = dfa_user_allow(profile->xmatch, state); in aa_xattrs_match()
337 if (!(perm & MAY_EXEC)) { in aa_xattrs_match()
412 u32 perm; in find_attach() local
416 perm = dfa_user_allow(profile->xmatch, state); in find_attach()
418 if (perm & MAY_EXEC) { in find_attach()
|
| /security/smack/ |
| D | smackfs.c | 262 int perm = 0; in smk_perm_from_str() local
271 perm |= MAY_READ; in smk_perm_from_str()
275 perm |= MAY_WRITE; in smk_perm_from_str()
279 perm |= MAY_EXEC; in smk_perm_from_str()
283 perm |= MAY_APPEND; in smk_perm_from_str()
287 perm |= MAY_TRANSMUTE; in smk_perm_from_str()
291 perm |= MAY_LOCK; in smk_perm_from_str()
295 perm |= MAY_BRINGUP; in smk_perm_from_str()
298 return perm; in smk_perm_from_str()
|
| /security/selinux/include/ |
| D | avc.h | 159 u8 driver, u8 perm, struct common_audit_data *ad);
|