| /security/apparmor/ |
| D | path.c | 48 static int disconnect(const struct path *path, char *buf, char **name, in disconnect() argument
60 if (**name == '/') in disconnect()
61 *name = *name + 1; in disconnect()
63 if (**name != '/') in disconnect()
65 error = prepend(name, *name - buf, "/", 1); in disconnect()
67 error = prepend(name, *name - buf, disconnected, in disconnect()
88 static int d_namespace_path(const struct path *path, char *buf, char **name, in d_namespace_path() argument
100 *name = res; in d_namespace_path()
102 *name = buf; in d_namespace_path()
106 strncmp(*name, "/sys/", 5) == 0) { in d_namespace_path()
[all …]
|
| D | lib.c | 44 char *name = strim(fqname); in aa_split_fqname() local
47 if (name[0] == ':') { in aa_split_fqname()
48 char *split = strchr(&name[1], ':'); in aa_split_fqname()
49 *ns_name = skip_spaces(&name[1]); in aa_split_fqname()
55 name = skip_spaces(split); in aa_split_fqname()
58 name = NULL; in aa_split_fqname()
60 if (name && *name == 0) in aa_split_fqname()
61 name = NULL; in aa_split_fqname()
63 return name; in aa_split_fqname()
87 const char *name = skipn_spaces(fqname, n); in aa_splitn_fqname() local
[all …]
|
| D | policy_ns.c | 87 static struct aa_ns *alloc_ns(const char *prefix, const char *name) in alloc_ns() argument
95 if (!aa_policy_init(&ns->base, prefix, name, GFP_KERNEL)) in alloc_ns()
162 struct aa_ns *aa_findn_ns(struct aa_ns *root, const char *name, size_t n) in aa_findn_ns() argument
167 ns = aa_get_ns(__aa_findn_ns(&root->sub_ns, name, n)); in aa_findn_ns()
183 struct aa_ns *aa_find_ns(struct aa_ns *root, const char *name) in aa_find_ns() argument
185 return aa_findn_ns(root, name, strlen(name)); in aa_find_ns()
231 struct aa_ns *aa_lookupn_ns(struct aa_ns *view, const char *name, size_t n) in aa_lookupn_ns() argument
236 ns = aa_get_ns(__aa_lookupn_ns(view, name, n)); in aa_lookupn_ns()
242 static struct aa_ns *__aa_create_ns(struct aa_ns *parent, const char *name, in __aa_create_ns() argument
249 AA_BUG(!name); in __aa_create_ns()
[all …]
|
| D | procattr.c | 80 char *name; in split_token_from_name() local
82 *token = simple_strtoull(args, &name, 16); in split_token_from_name()
83 if ((name == args) || *name != '^') { in split_token_from_name()
88 name++; /* skip ^ */ in split_token_from_name()
89 if (!*name) in split_token_from_name()
90 name = NULL; in split_token_from_name()
91 return name; in split_token_from_name()
|
| D | policy_unpack.c | 85 if (aad(sa)->name) { in audit_cb()
87 audit_log_untrustedstring(ab, aad(sa)->name); in audit_cb()
105 const char *name, const char *info, struct aa_ext *e, in audit_iface() argument
114 aad(&sa)->name = new->base.hname; in audit_iface()
116 aad(&sa)->name = name; in audit_iface()
164 kzfree(d->name); in do_loaddata_free()
266 static bool unpack_nameX(struct aa_ext *e, enum aa_code code, const char *name) in unpack_nameX() argument
280 if (name && (!size || tag[size-1] != '\0' || strcmp(name, tag))) in unpack_nameX()
282 } else if (name) { in unpack_nameX()
296 static bool unpack_u8(struct aa_ext *e, u8 *data, const char *name) in unpack_u8() argument
[all …]
|
| D | policy.c | 307 const char *name, int len) in __strn_find_child() argument
309 return (struct aa_profile *)__policy_strn_find(head, name, len); in __strn_find_child()
321 static struct aa_profile *__find_child(struct list_head *head, const char *name) in __find_child() argument
323 return __strn_find_child(head, name, strlen(name)); in __find_child()
333 struct aa_profile *aa_find_child(struct aa_profile *parent, const char *name) in aa_find_child() argument
339 profile = __find_child(&parent->base.profiles, name); in aa_find_child()
461 const char *name, *ns_name; in aa_fqlookupn_profile() local
464 name = aa_splitn_fqname(fqname, n, &ns_name, &ns_len); in aa_fqlookupn_profile()
472 if (name) in aa_fqlookupn_profile()
473 profile = aa_lookupn_profile(ns, name, n - (name - fqname)); in aa_fqlookupn_profile()
[all …]
|
| D | domain.c | 383 const char *name, const char **info) in find_attach() argument
389 AA_BUG(!name); in find_attach()
415 name, &count); in find_attach()
467 } else if (!strcmp(profile->base.name, name)) { in find_attach()
491 static const char *next_name(int xtype, const char *name) in next_name() argument
505 const char **name) in x_table_lookup() argument
511 AA_BUG(!name); in x_table_lookup()
517 for (*name = profile->file.trans.table[index]; !label && *name; in x_table_lookup()
518 *name = next_name(xtype, *name)) { in x_table_lookup()
522 new_profile = aa_find_child(profile, *name); in x_table_lookup()
[all …]
|
| D | apparmorfs.c | 75 static int mangle_name(const char *name, char *target) in mangle_name() argument
79 while (*name == '/' || *name == '.') in mangle_name()
80 name++; in mangle_name()
83 for (; *name; name++) { in mangle_name()
84 if (*name == '/') in mangle_name()
86 else if (isspace(*name)) in mangle_name()
88 else if (isalnum(*name) || strchr("._-", *name)) in mangle_name()
89 *(t)++ = *name; in mangle_name()
95 for (; *name; name++) { in mangle_name()
96 if (isalnum(*name) || isspace(*name) || in mangle_name()
[all …]
|
| /security/apparmor/include/ |
| D | policy_ns.h | 90 struct aa_ns *aa_find_ns(struct aa_ns *root, const char *name);
91 struct aa_ns *aa_findn_ns(struct aa_ns *root, const char *name, size_t n);
93 struct aa_ns *aa_lookupn_ns(struct aa_ns *view, const char *name, size_t n);
94 struct aa_ns *__aa_find_or_create_ns(struct aa_ns *parent, const char *name,
96 struct aa_ns *aa_prepare_ns(struct aa_ns *root, const char *name);
142 const char *name, size_t n) in __aa_findn_ns() argument
144 return (struct aa_ns *)__policy_strn_find(head, name, n); in __aa_findn_ns()
148 const char *name) in __aa_find_ns() argument
150 return __aa_findn_ns(head, name, strlen(name)); in __aa_find_ns()
159 static inline struct aa_ns *aa_lookup_ns(struct aa_ns *view, const char *name) in aa_lookup_ns() argument
[all …]
|
| D | apparmorfs.h | 27 const char *name; member
43 { .name = (_name), .mode = 0444, \
47 { .name = (_name), .mode = 0444, \
51 { .name = (_name), .mode = 0444, \
55 { .name = (_name), .v_type = AA_SFS_TYPE_FOPS, \
58 { .name = (_name), .v_type = AA_SFS_TYPE_DIR, .v.files = (_value) }
113 int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent, const char *name,
|
| D | lib.h | 95 char name[]; member
99 ((struct counted_str *)(str - offsetof(struct counted_str, name)))
129 const char *name; member
162 const char *name) in __policy_find() argument
167 if (!strcmp(policy->name, name)) in __policy_find()
192 if (aa_strneq(policy->name, str, len)) in __policy_strn_find()
200 const char *name, gfp_t gfp);
|
| /security/tomoyo/ |
| D | realpath.c | 189 char name[64]; in tomoyo_get_local_path() local
193 name[sizeof(name) - 1] = '\0'; in tomoyo_get_local_path()
194 snprintf(name, sizeof(name) - 1, "dev(%u,%u):", MAJOR(dev), in tomoyo_get_local_path()
196 name_len = strlen(name); in tomoyo_get_local_path()
200 memmove(pos, name, name_len); in tomoyo_get_local_path()
206 const char *name = sb->s_type->name; in tomoyo_get_local_path() local
207 const int name_len = strlen(name); in tomoyo_get_local_path()
212 memmove(pos, name, name_len); in tomoyo_get_local_path()
238 char *name = NULL; in tomoyo_realpath_from_path() local
286 name = tomoyo_encode(pos); in tomoyo_realpath_from_path()
[all …]
|
| D | file.c | 82 tomoyo_compare_name_union(const struct tomoyo_path_info *name, in tomoyo_compare_name_union() argument
86 return tomoyo_path_matches_group(name, ptr->group); in tomoyo_compare_name_union()
87 if (tomoyo_path_matches_pattern(name, ptr->filename)) in tomoyo_compare_name_union()
137 strcat((char *) buf->name, "/"); in tomoyo_add_slash()
151 buf->name = tomoyo_realpath_from_path(path); in tomoyo_get_realpath()
152 if (buf->name) { in tomoyo_get_realpath()
170 r->param.path.filename->name); in tomoyo_audit_path_log()
184 r->param.path2.filename1->name, in tomoyo_audit_path2_log()
185 r->param.path2.filename2->name); in tomoyo_audit_path2_log()
200 r->param.mkdev.filename->name, in tomoyo_audit_mkdev_log()
[all …]
|
| D | memory.c | 152 const struct tomoyo_path_info *tomoyo_get_name(const char *name) in tomoyo_get_name() argument
159 if (!name) in tomoyo_get_name()
161 len = strlen(name) + 1; in tomoyo_get_name()
162 hash = full_name_hash(NULL, (const unsigned char *) name, len - 1); in tomoyo_get_name()
167 if (hash != ptr->entry.hash || strcmp(name, ptr->entry.name) || in tomoyo_get_name()
175 ptr->entry.name = ((char *) ptr) + sizeof(*ptr); in tomoyo_get_name()
176 memmove((char *) ptr->entry.name, name, len); in tomoyo_get_name()
201 tomoyo_kernel_namespace.name = "<kernel>"; in tomoyo_mm_init()
|
| D | domain.c | 202 static const char *tomoyo_last_word(const char *name) in tomoyo_last_word() argument
204 const char *cp = strrchr(name, ' '); in tomoyo_last_word()
208 return name; in tomoyo_last_word()
317 if (strcmp(ptr->domainname->name, last_name)) in tomoyo_scan_transition()
348 const char *last_name = tomoyo_last_word(domainname->name); in tomoyo_transition_type()
439 (const char *name, const unsigned int len) in tomoyo_find_namespace() argument
444 if (strncmp(name, ns->name, len) || in tomoyo_find_namespace()
445 (name[len] && name[len] != ' ')) in tomoyo_find_namespace()
483 char *name = (char *) (entry + 1); in tomoyo_assign_namespace() local
486 memmove(name, domainname, len); in tomoyo_assign_namespace()
[all …]
|
| D | securityfs_if.c | 55 struct tomoyo_path_info name; in tomoyo_write_self() local
58 name.name = data; in tomoyo_write_self()
59 tomoyo_fill_path_info(&name); in tomoyo_write_self()
63 r.param.task.domainname = &name; in tomoyo_write_self()
103 const char *domain = tomoyo_domain()->domainname->name; in tomoyo_read_self()
223 static void __init tomoyo_create_entry(const char *name, const umode_t mode, in tomoyo_create_entry() argument
226 securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key, in tomoyo_create_entry()
|
| D | environ.c | 24 return tomoyo_path_matches_pattern(r->param.environ.name, acl->env); in tomoyo_check_env_acl()
37 r->param.environ.name->name); in tomoyo_audit_env_log()
57 environ.name = env; in tomoyo_env_perm()
60 r->param.environ.name = &environ; in tomoyo_env_perm()
|
| D | util.c | 593 struct tomoyo_path_info name; in tomoyo_find_domain() local
595 name.name = domainname; in tomoyo_find_domain()
596 tomoyo_fill_path_info(&name); in tomoyo_find_domain()
600 !tomoyo_pathcmp(&name, domain->domainname)) in tomoyo_find_domain()
657 const char *name = ptr->name; in tomoyo_fill_path_info() local
658 const int len = strlen(name); in tomoyo_fill_path_info()
660 ptr->const_len = tomoyo_const_part_length(name); in tomoyo_fill_path_info()
661 ptr->is_dir = len && (name[len - 1] == '/'); in tomoyo_fill_path_info()
663 ptr->hash = full_name_hash(NULL, name, len); in tomoyo_fill_path_info()
918 const char *f = filename->name; in tomoyo_path_matches_pattern()
[all …]
|
| D | common.c | 376 namespace_list)->name); in tomoyo_print_namespace()
392 tomoyo_set_string(head, ptr->group->group_name->name); in tomoyo_print_name_union()
394 tomoyo_set_string(head, ptr->filename->name); in tomoyo_print_name_union()
411 tomoyo_set_string(head, ptr->group->group_name->name); in tomoyo_print_name_union_quoted()
414 tomoyo_set_string(head, ptr->filename->name); in tomoyo_print_name_union_quoted()
432 tomoyo_set_string(head, ptr->group->group_name->name); in tomoyo_print_number_union_nospace()
594 static int tomoyo_set_mode(char *name, const char *value, in tomoyo_set_mode() argument
600 if (!strcmp(name, "CONFIG")) { in tomoyo_set_mode()
603 } else if (tomoyo_str_starts(&name, "CONFIG::")) { in tomoyo_set_mode()
615 if (strncmp(name, category, len) || in tomoyo_set_mode()
[all …]
|
| /security/integrity/evm/ |
| D | evm_secfs.c | 144 size += strlen(xattr->name) + 1; in evm_read_xattrs()
153 sprintf(temp + offset, "%s\n", xattr->name); in evm_read_xattrs()
154 offset += strlen(xattr->name) + 1; in evm_read_xattrs()
203 xattr->name = memdup_user_nul(buf, count); in evm_write_xattrs()
204 if (IS_ERR(xattr->name)) { in evm_write_xattrs()
205 err = PTR_ERR(xattr->name); in evm_write_xattrs()
206 xattr->name = NULL; in evm_write_xattrs()
211 len = strlen(xattr->name); in evm_write_xattrs()
212 if (len && xattr->name[len-1] == '\n') in evm_write_xattrs()
213 xattr->name[len-1] = '\0'; in evm_write_xattrs()
[all …]
|
| D | evm_main.c | 38 {.name = XATTR_NAME_SELINUX},
41 {.name = XATTR_NAME_SMACK},
43 {.name = XATTR_NAME_SMACKEXEC},
44 {.name = XATTR_NAME_SMACKTRANSMUTE},
45 {.name = XATTR_NAME_SMACKMMAP},
49 {.name = XATTR_NAME_APPARMOR},
52 {.name = XATTR_NAME_IMA},
54 {.name = XATTR_NAME_CAPS},
76 pr_info("%s\n", evm_config_default_xattrnames[i].name); in evm_init_config()
103 error = __vfs_getxattr(dentry, inode, xattr->name, NULL, 0, in evm_find_protected_xattrs()
[all …]
|
| /security/ |
| D | inode.c | 71 .name = "securityfs",
107 static struct dentry *securityfs_create_dentry(const char *name, umode_t mode, in securityfs_create_dentry() argument
119 pr_debug("securityfs: creating file '%s'\n",name); in securityfs_create_dentry()
131 dentry = lookup_one_len2(name, mount, parent, strlen(name)); in securityfs_create_dentry()
200 struct dentry *securityfs_create_file(const char *name, umode_t mode, in securityfs_create_file() argument
204 return securityfs_create_dentry(name, mode, parent, data, fops, NULL); in securityfs_create_file()
228 struct dentry *securityfs_create_dir(const char *name, struct dentry *parent) in securityfs_create_dir() argument
230 return securityfs_create_file(name, S_IFDIR | 0755, parent, NULL, NULL); in securityfs_create_dir()
260 struct dentry *securityfs_create_symlink(const char *name, in securityfs_create_symlink() argument
273 dent = securityfs_create_dentry(name, S_IFLNK | 0444, parent, in securityfs_create_symlink()
|
| D | security.c | 125 init_debug("%s ordering: %s (%sabled)\n", from, lsm->name, in append_ordered_lsm()
138 init_debug("exclusive disabled: %s\n", lsm->name); in lsm_allowed()
187 init_debug("exclusive chosen: %s\n", lsm->name); in prepare_lsm()
200 init_debug("initializing %s\n", lsm->name); in initialize_lsm()
202 WARN(ret, "%s failed to initialize: %d\n", lsm->name, ret); in initialize_lsm()
210 char *sep, *name, *next; in ordered_lsm_parse() local
231 strcmp(major->name, chosen_major_lsm) != 0) { in ordered_lsm_parse()
234 chosen_major_lsm, major->name); in ordered_lsm_parse()
242 while ((name = strsep(&next, ",")) != NULL) { in ordered_lsm_parse()
247 strcmp(lsm->name, name) == 0) { in ordered_lsm_parse()
[all …]
|
| /security/integrity/ |
| D | digsig_asymmetric.c | 27 char name[12]; in request_asymmetric_key() local
29 sprintf(name, "id:%08x", keyid); in request_asymmetric_key()
31 pr_debug("key search: \"%s\"\n", name); in request_asymmetric_key()
38 &key_type_asymmetric, name, true); in request_asymmetric_key()
40 pr_err("Key '%s' is in ima_blacklist_keyring\n", name); in request_asymmetric_key()
50 &key_type_asymmetric, name, true); in request_asymmetric_key()
56 key = request_key(&key_type_asymmetric, name, NULL); in request_asymmetric_key()
61 name, PTR_ERR(key)); in request_asymmetric_key()
|
| /security/integrity/ima/ |
| D | ima_template.c | 22 {.name = IMA_TEMPLATE_IMA_NAME, .fmt = IMA_TEMPLATE_IMA_FMT},
23 {.name = "ima-ng", .fmt = "d-ng|n-ng"},
24 {.name = "ima-sig", .fmt = "d-ng|n-ng|sig"},
25 {.name = "ima-buf", .fmt = "d-ng|n-ng|buf"},
26 {.name = "ima-modsig", .fmt = "d-ng|n-ng|sig|d-modsig|modsig"},
27 {.name = "", .fmt = ""}, /* placeholder for a custom format */
136 struct ima_template_desc *lookup_template_desc(const char *name) in lookup_template_desc() argument
143 if ((strcmp(template_desc->name, name) == 0) || in lookup_template_desc()
144 (strcmp(template_desc->fmt, name) == 0)) { in lookup_template_desc()
267 (strlen(template->name) ? in ima_init_template()
[all …]
|