| /security/tomoyo/ |
| D | condition.c | 40 result = tomoyo_path_matches_pattern(&arg, argv->value); in tomoyo_argv()
66 struct tomoyo_path_info value; in tomoyo_envp() local
70 value.name = env_value; in tomoyo_envp()
71 tomoyo_fill_path_info(&value); in tomoyo_envp()
78 if (envp->value) { in tomoyo_envp()
79 result = tomoyo_path_matches_pattern(&value, in tomoyo_envp()
80 envp->value); in tomoyo_envp()
213 if ((!envp->value && !envp->is_not) || in tomoyo_scan_bprm()
214 (envp->value && envp->is_not)) in tomoyo_scan_bprm()
305 argv->value = tomoyo_get_dqword(right); in tomoyo_parse_argv()
[all …]
|
| D | Kconfig | 24 This is the default value for maximal ACL entries
37 This is the default value for maximal entries for
40 If you don't need audit logs, you may set this value to 0.
|
| D | util.c | 225 const unsigned long value, const u8 type) in tomoyo_print_ulong() argument
228 snprintf(buffer, buffer_len, "%lu", value); in tomoyo_print_ulong()
230 snprintf(buffer, buffer_len, "0%lo", value); in tomoyo_print_ulong()
232 snprintf(buffer, buffer_len, "0x%lX", value); in tomoyo_print_ulong()
|
| D | common.h | 609 const struct tomoyo_path_info *value; member
616 const struct tomoyo_path_info *value; member
929 bool tomoyo_compare_number_union(const unsigned long value,
962 const char *tomoyo_yesno(const unsigned int value);
1062 const unsigned long value, const u8 type);
|
| D | file.c | 112 bool tomoyo_compare_number_union(const unsigned long value, in tomoyo_compare_number_union() argument
116 return tomoyo_number_matches_group(value, value, ptr->group); in tomoyo_compare_number_union()
117 return value >= ptr->values[0] && value <= ptr->values[1]; in tomoyo_compare_number_union()
|
| D | common.c | 182 const char *tomoyo_yesno(const unsigned int value) in tomoyo_yesno() argument
184 return value ? "yes" : "no"; in tomoyo_yesno()
594 static int tomoyo_set_mode(char *name, const char *value, in tomoyo_set_mode() argument
629 if (strstr(value, "use_default")) { in tomoyo_set_mode()
635 if (strstr(value, tomoyo_mode[mode])) in tomoyo_set_mode()
642 switch (tomoyo_find_yesno(value, "grant_log")) { in tomoyo_set_mode()
650 switch (tomoyo_find_yesno(value, "reject_log")) { in tomoyo_set_mode()
1301 argv->value->name); in tomoyo_print_condition()
1311 if (envp->value) { in tomoyo_print_condition()
1313 tomoyo_set_string(head, envp->value->name); in tomoyo_print_condition()
|
| D | gc.c | 303 tomoyo_put_name(argv->value); in tomoyo_del_condition()
306 tomoyo_put_name(envp->value); in tomoyo_del_condition()
|
| /security/selinux/ss/ |
| D | policydb.h | 42 u32 value; /* permission bit + 1 */ member
47 u32 value; /* internal common value */ member
53 u32 value; /* class value */ member
77 u32 value; /* internal role value */ member
110 u32 value; /* internal type value */ member
118 u32 value; /* internal user value */ member
134 u32 value; /* internal category bit + 1 */ member
146 __u32 value; /* internal type value */ member
|
| D | policydb.c | 382 role->value = ++p->p_roles.nprim; in roles_init()
383 if (role->value != OBJECT_R_VAL) in roles_init()
537 if (!comdatum->value || comdatum->value > p->p_commons.nprim) in common_index()
540 p->sym_val_to_name[SYM_COMMONS][comdatum->value - 1] = key; in common_index()
552 if (!cladatum->value || cladatum->value > p->p_classes.nprim) in class_index()
555 p->sym_val_to_name[SYM_CLASSES][cladatum->value - 1] = key; in class_index()
556 p->class_val_to_struct[cladatum->value - 1] = cladatum; in class_index()
567 if (!role->value in role_index()
568 || role->value > p->p_roles.nprim in role_index()
572 p->sym_val_to_name[SYM_ROLES][role->value - 1] = key; in role_index()
[all …]
|
| D | mls.c | 320 catdatum->value - 1, 1); in mls_context_to_sid()
332 if (catdatum->value >= rngdatum->value) in mls_context_to_sid()
335 for (i = catdatum->value; i < rngdatum->value; i++) { in mls_context_to_sid()
478 catdatum->value - 1, 1); in mls_convert_context()
|
| D | conditional.c | 200 if (!booldatum->value || booldatum->value > p->p_bools.nprim) in cond_index_bool()
203 p->sym_val_to_name[SYM_BOOLS][booldatum->value - 1] = key; in cond_index_bool()
204 p->bool_val_to_struct[booldatum->value - 1] = booldatum; in cond_index_bool()
232 booldatum->value = le32_to_cpu(buf[0]); in cond_read_bool()
500 buf[0] = cpu_to_le32(booldatum->value); in cond_write_bool()
|
| D | services.c | 133 p_out->value = string_to_security_class(pol, p_in->name); in selinux_set_mapping()
134 if (!p_out->value) { in selinux_set_mapping()
151 p_out->perms[k] = string_to_av_perm(pol, p_out->value, in selinux_set_mapping()
185 return map->mapping[tclass].value; in unmap_class()
198 if (map->mapping[i].value == pol_value) in map_class()
446 BUG_ON(pdatum->value < 1 || pdatum->value > 32); in dump_masked_av_helper()
448 permission_names[pdatum->value - 1] = (char *)k; in dump_masked_av_helper()
1418 ctx->user = usrdatum->value; in string_to_context_struct()
1433 ctx->role = role->value; in string_to_context_struct()
1446 ctx->type = typdatum->value; in string_to_context_struct()
[all …]
|
| D | services.h | 15 u16 value; /* policy value for class */ member
|
| D | ebitmap.c | 259 int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value) in ebitmap_set_bit() argument
267 if (value) { in ebitmap_set_bit()
302 if (!value) in ebitmap_set_bit()
|
| D | ebitmap.h | 129 int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value);
|
| /security/ |
| D | security.c | 987 &lsm_xattr->value, in security_inode_init_security()
998 for (xattr = new_xattrs; xattr->value != NULL; xattr++) in security_inode_init_security()
999 kfree(xattr->value); in security_inode_init_security()
1006 void **value, size_t *len) in security_old_inode_init_security() argument
1011 qstr, name, value, len); in security_old_inode_init_security()
1227 const void *value, size_t size, int flags) in security_inode_setxattr() argument
1237 ret = call_int_hook(inode_setxattr, 1, dentry, name, value, size, in security_inode_setxattr()
1241 ret = cap_inode_setxattr(dentry, name, value, size, flags); in security_inode_setxattr()
1244 ret = ima_inode_setxattr(dentry, name, value, size); in security_inode_setxattr()
1247 return evm_inode_setxattr(dentry, name, value, size); in security_inode_setxattr()
[all …]
|
| /security/apparmor/ |
| D | lsm.c | 576 char **value) in apparmor_getprocattr() argument
594 error = aa_getprocattr(label, value); in apparmor_getprocattr()
602 static int apparmor_setprocattr(const char *name, void *value, in apparmor_setprocattr() argument
605 char *command, *largs = NULL, *args = value; in apparmor_setprocattr()
619 memcpy(args, value, size); in apparmor_setprocattr()
632 arg_size = size - (args - (largs ? largs : (char *) value)); in apparmor_setprocattr()
1423 bool value; in param_set_aaintbool() local
1430 value = !!*((int *)kp->arg); in param_set_aaintbool()
1432 kp_local.arg = &value; in param_set_aaintbool()
1449 bool value; in param_get_aaintbool() local
[all …]
|
| D | resource.c | 53 unsigned long value, struct aa_label *peer, in audit_resource() argument
59 aad(&sa)->rlim.max = value; in audit_resource()
|
| D | Kconfig | 66 Set the default value of the apparmor.debug kernel parameter.
|
| D | domain.c | 315 char *value = NULL; in aa_xattrs_match() local
328 size = vfs_getxattr_alloc(d, profile->xattrs[i], &value, in aa_xattrs_match()
334 state = aa_dfa_match_len(profile->xmatch, state, value, in aa_xattrs_match()
360 kfree(value); in aa_xattrs_match()
|
| /security/selinux/ |
| D | Kconfig | 70 int "NSA SELinux checkreqprot default value"
75 This option sets the default value for the 'checkreqprot' flag
98 chain lengths are high (e.g. > 20) then selecting a higher value here
|
| D | hooks.c | 2905 void **value, size_t *len) in selinux_inode_init_security() argument
2938 if (value && len) { in selinux_inode_init_security()
2943 *value = context; in selinux_inode_init_security()
3132 const void *value, size_t size, int flags) in selinux_inode_setxattr() argument
3142 rc = cap_inode_setxattr(dentry, name, value, size, flags); in selinux_inode_setxattr()
3168 rc = security_context_to_sid(&selinux_state, value, size, &newsid, in selinux_inode_setxattr()
3177 if (value) { in selinux_inode_setxattr()
3178 const char *str = value; in selinux_inode_setxattr()
3190 audit_log_n_untrustedstring(ab, value, audit_size); in selinux_inode_setxattr()
3195 rc = security_context_to_sid_force(&selinux_state, value, in selinux_inode_setxattr()
[all …]
|
| /security/selinux/include/ |
| D | security.h | 124 static inline void enforcing_set(struct selinux_state *state, bool value) in enforcing_set() argument
126 state->enforcing = value; in enforcing_set()
134 static inline void enforcing_set(struct selinux_state *state, bool value) in enforcing_set() argument
|
| /security/smack/ |
| D | smack_lsm.c | 986 void **value, size_t *len) in smack_inode_init_security() argument
997 if (value && len) { in smack_inode_init_security()
1015 *value = kstrdup(isp->smk_known, GFP_NOFS); in smack_inode_init_security()
1016 if (*value == NULL) in smack_inode_init_security()
1257 const void *value, size_t size, int flags) in smack_inode_setxattr() argument
1282 strncmp(value, TRANS_TRUE, TRANS_TRUE_SIZE) != 0) in smack_inode_setxattr()
1285 rc = cap_inode_setxattr(dentry, name, value, size, flags); in smack_inode_setxattr()
1291 skp = size ? smk_import_entry(value, size) : NULL; in smack_inode_setxattr()
1322 const void *value, size_t size, int flags) in smack_inode_post_setxattr() argument
1333 skp = smk_import_entry(value, size); in smack_inode_post_setxattr()
[all …]
|
| /security/integrity/evm/ |
| D | Kconfig | 23 Default value is 'selected', which is former version 2.
|