| /security/apparmor/ |
| D | path.c | 120 struct path root; in d_namespace_path() local
121 get_fs_root(current->fs, &root); in d_namespace_path()
122 res = __d_path(path, &root, buf, buflen); in d_namespace_path()
123 path_put(&root); in d_namespace_path()
|
| D | policy_ns.c | 162 struct aa_ns *aa_findn_ns(struct aa_ns *root, const char *name, size_t n) in aa_findn_ns() argument
167 ns = aa_get_ns(__aa_findn_ns(&root->sub_ns, name, n)); in aa_findn_ns()
183 struct aa_ns *aa_find_ns(struct aa_ns *root, const char *name) in aa_find_ns() argument
185 return aa_findn_ns(root, name, strlen(name)); in aa_find_ns()
|
| D | apparmorfs.c | 1977 static struct aa_ns *__next_ns(struct aa_ns *root, struct aa_ns *ns) in __next_ns() argument
1981 AA_BUG(!root); in __next_ns()
1983 AA_BUG(ns != root && !mutex_is_locked(&ns->parent->lock)); in __next_ns()
1994 while (ns != root) { in __next_ns()
2016 static struct aa_profile *__first_profile(struct aa_ns *root, in __first_profile() argument
2019 AA_BUG(!root); in __first_profile()
2022 for (; ns; ns = __next_ns(root, ns)) { in __first_profile()
2078 static struct aa_profile *next_profile(struct aa_ns *root, in next_profile() argument
2086 return __first_profile(root, __next_ns(root, profile->ns)); in next_profile()
2101 struct aa_ns *root = aa_get_current_ns(); in p_start() local
[all …]
|
| D | domain.c | 1008 struct aa_profile *root, *hat = NULL; in build_change_hat() local
1013 root = aa_get_profile_rcu(&profile->parent); in build_change_hat()
1015 root = aa_get_profile(profile); in build_change_hat()
1022 hat = aa_find_child(root, name); in build_change_hat()
1034 aa_put_profile(root); in build_change_hat()
1056 struct aa_profile *profile, *root, *hat = NULL; in change_hat() local
1075 root = aa_get_profile_rcu(&profile->parent); in change_hat()
1077 root = aa_get_profile(profile); in change_hat()
1083 hat = aa_find_child(root, name); in change_hat()
1084 aa_put_profile(root); in change_hat()
|
| D | label.c | 578 rb_erase(&label->node, &ls->root); in __label_remove()
613 rb_replace_node(&old->node, &new->node, &ls->root); in __label_replace()
647 new = &ls->root.rb_node; in __label_insert()
674 rb_insert_color(&label->node, &ls->root); in __label_insert()
700 node = vec_labelset(vec, n)->root.rb_node; in __vec_find()
1125 node = ls->root.rb_node; in __label_find_merge()
1960 for (node = rb_first(&ls->root); node; node = rb_first(&ls->root)) { in aa_labelset_destroy()
1980 ls->root = RB_ROOT; in aa_labelset_init()
|
| /security/apparmor/include/ |
| D | policy_ns.h | 90 struct aa_ns *aa_find_ns(struct aa_ns *root, const char *name);
91 struct aa_ns *aa_findn_ns(struct aa_ns *root, const char *name, size_t n);
96 struct aa_ns *aa_prepare_ns(struct aa_ns *root, const char *name);
|
| D | label.h | 74 struct rb_root root; member
78 for ((N) = rb_first(&(LS)->root); (N); (N) = rb_next(N))
|
| /security/ |
| D | commoncap.c | 375 uid_t root, mappedroot; in cap_inode_getsecurity() local
413 root = le32_to_cpu(nscap->rootid); in cap_inode_getsecurity()
414 kroot = make_kuid(fs_ns, root); in cap_inode_getsecurity()
780 kuid_t root, bool has_fcap) in nonroot_raised_pE() argument
786 (__is_eff(root, new) || __is_real(root, new)) && in nonroot_raised_pE()
789 __is_suid(root, new) && in nonroot_raised_pE()
|
| D | Kconfig | 113 correctly. This level of protection requires a root of trust outside
|
| /security/loadpin/ |
| D | Kconfig | 11 have a root filesystem backed by a read-only device such as
|
| /security/integrity/evm/ |
| D | Kconfig | 54 When this option is enabled, root can add additional xattrs to the
|
| /security/selinux/ |
| D | hooks.c | 540 struct dentry *root = sb->s_root; in sb_finish_set_opts() local
541 struct inode *root_inode = d_backing_inode(root); in sb_finish_set_opts()
557 rc = __vfs_getxattr(root, root_inode, XATTR_NAME_SELINUX, NULL, in sb_finish_set_opts()
585 rc = inode_doinit_with_dentry(root_inode, root); in sb_finish_set_opts()
654 struct dentry *root = sbsec->sb->s_root; in selinux_set_mnt_opts() local
697 root_isec = backing_inode_security_novalidate(root); in selinux_set_mnt_opts()
1133 struct dentry *root = sbsec->sb->s_root; in selinux_sb_show_options() local
1134 struct inode_security_struct *isec = backing_inode_security(root); in selinux_sb_show_options()
|
| /security/integrity/ima/ |
| D | Kconfig | 144 This option allows the root user to see the current policy rules.
|
| /security/keys/ |
| D | keyring.c | 736 ptr = READ_ONCE(keyring->keys.root); in search_nested_keyrings()
|
| /security/smack/ |
| D | smack_lsm.c | 783 struct dentry *root = sb->s_root; in smack_set_mnt_opts() local
784 struct inode *inode = d_backing_inode(root); in smack_set_mnt_opts()
|