| /security/yama/ |
| D | yama_lsm.c | 47 struct task_struct *target; member
57 target_cmd = kstrdup_quotable_cmdline(info->target, GFP_KERNEL); in __report_access()
62 info->access, target_cmd, info->target->pid, agent_cmd, in __report_access()
69 put_task_struct(info->target); in __report_access()
74 static void report_access(const char *access, struct task_struct *target, in report_access() argument
80 assert_spin_locked(&target->alloc_lock); /* for target->comm */ in report_access()
88 access, target->comm, target->pid, in report_access()
97 get_task_struct(target); in report_access()
100 info->target = target; in report_access()
106 put_task_struct(target); in report_access()
|
| /security/apparmor/ |
| D | domain.c | 287 struct aa_label *target, bool stack, in change_profile_perms() argument
298 return label_match(profile, target, stack, start, true, request, perms); in change_profile_perms()
625 const char *info = NULL, *name = NULL, *target = NULL; in profile_transition() local
663 new = x_to_label(profile, bprm, name, perms.xindex, &target, in profile_transition()
733 aa_audit_file(profile, &perms, OP_EXEC, MAY_EXEC, name, target, new, in profile_transition()
1170 struct aa_label *label, *previous, *new = NULL, *target = NULL; in aa_change_hat() local
1226 target = new; in aa_change_hat()
1247 target = previous; in aa_change_hat()
1271 AA_MAY_CHANGEHAT, NULL, NULL, target, in aa_change_hat()
1280 struct aa_label *target, bool stack, in change_profile_perms_wrapper() argument
[all …]
|
| D | file.c | 80 } else if (aad(sa)->fs.target) { in file_audit_cb()
82 audit_log_untrustedstring(ab, aad(sa)->fs.target); in file_audit_cb()
103 const char *target, struct aa_label *tlabel, in aa_audit_file() argument
112 aad(&sa)->fs.target = target; in aa_audit_file()
356 static inline bool xindex_is_subset(u32 link, u32 target) in xindex_is_subset() argument
358 if (((link & ~AA_X_UNSAFE) != (target & ~AA_X_UNSAFE)) || in xindex_is_subset()
359 ((link & AA_X_UNSAFE) && !(target & AA_X_UNSAFE))) in xindex_is_subset()
367 const struct path *target, char *buffer2, in profile_path_link() argument
383 error = path_name(OP_LINK, &profile->label, target, profile->path_flags, in profile_path_link()
468 struct path target = { .mnt = new_dir->mnt, .dentry = old_dentry }; in aa_path_link() local
[all …]
|
| D | mount.c | 662 struct aa_label *target = NULL; in aa_pivotroot() local
671 target = fn_label_build(label, profile, GFP_ATOMIC, in aa_pivotroot()
674 if (!target) { in aa_pivotroot()
678 } else if (!IS_ERR(target)) { in aa_pivotroot()
679 error = aa_replace_current_label(target); in aa_pivotroot()
682 aa_put_label(target); in aa_pivotroot()
687 error = PTR_ERR(target); in aa_pivotroot()
|
| D | ipc.c | 208 int aa_may_signal(struct aa_label *sender, struct aa_label *target, int sig) in aa_may_signal() argument
215 return xcheck_labels(sender, target, profile, in aa_may_signal()
216 profile_signal_perm(profile, target, MAY_WRITE, &sa), in aa_may_signal()
|
| D | lib.c | 395 int aa_profile_label_perm(struct aa_profile *profile, struct aa_profile *target, in aa_profile_label_perm() argument
402 aad(sa)->peer = &target->label; in aa_profile_label_perm()
405 aa_profile_match_label(profile, &target->label, type, request, &perms); in aa_profile_label_perm()
|
| D | apparmorfs.c | 75 static int mangle_name(const char *name, char *target) in mangle_name() argument
77 char *t = target; in mangle_name()
82 if (target) { in mangle_name()
104 return t - target; in mangle_name()
326 const char *target, in aafs_create_symlink() argument
333 if (target) { in aafs_create_symlink()
1524 char *target; in rawdata_get_link_base() local
1533 target = gen_symlink_name(depth, profile->rawdata->name, name); in rawdata_get_link_base()
1536 if (IS_ERR(target)) in rawdata_get_link_base()
1537 return target; in rawdata_get_link_base()
[all …]
|
| D | lsm.c | 137 static int apparmor_capget(struct task_struct *target, kernel_cap_t *effective, in apparmor_capget() argument
144 cred = __task_cred(target); in apparmor_capget()
729 static int apparmor_task_kill(struct task_struct *target, struct kernel_siginfo *info, in apparmor_task_kill() argument
740 tl = aa_get_task_label(target); in apparmor_task_kill()
748 tl = aa_get_task_label(target); in apparmor_task_kill()
|
| /security/selinux/ss/ |
| D | sidtab.c | 285 dst_convert = sidtab_do_lookup(convert->target, count, 1); in sidtab_context_to_sid()
298 convert->target->count = count + 1; in sidtab_context_to_sid()
300 hash_add_rcu(convert->target->context_to_sid, in sidtab_context_to_sid()
403 rc = sidtab_do_lookup(params->target, count - 1, 1) ? 0 : -ENOMEM; in sidtab_convert()
410 params->target->count = count; in sidtab_convert()
422 rc = sidtab_convert_tree(¶ms->target->roots[level], in sidtab_convert()
436 sidtab_convert_hashtable(params->target, count); in sidtab_convert()
|
| D | sidtab.h | 69 struct sidtab *target; member
|
| D | services.c | 542 struct type_datum *target; in type_attribute_bounds_av() local
551 target = policydb->type_val_to_struct[tcontext->type - 1]; in type_attribute_bounds_av()
552 BUG_ON(!target); in type_attribute_bounds_av()
559 if (target->bounds) { in type_attribute_bounds_av()
561 lo_tcontext.type = target->bounds; in type_attribute_bounds_av()
2247 convert_params.target = newsidtab; in security_load_policy()
|
| /security/keys/ |
| D | request_key_auth.c | 162 struct key *request_key_auth_new(struct key *target, const char *op, in request_key_auth_new() argument
172 kenter("%d,", target->serial); in request_key_auth_new()
211 rka->target_key = key_get(target); in request_key_auth_new()
215 sprintf(desc, "%x", target->serial); in request_key_auth_new()
|
| D | internal.h | 193 extern struct key *request_key_auth_new(struct key *target,
|
| /security/ |
| D | inode.c | 262 const char *target, in securityfs_create_symlink() argument
268 if (target) { in securityfs_create_symlink()
269 link = kstrdup(target, GFP_KERNEL); in securityfs_create_symlink()
|
| D | commoncap.c | 199 int cap_capget(struct task_struct *target, kernel_cap_t *effective, in cap_capget() argument
206 cred = __task_cred(target); in cap_capget()
749 #define __cap_gained(field, target, source) \ argument
750 !cap_issubset(target->cap_##field, source->cap_##field)
751 #define __cap_grew(target, source, cred) \ argument
752 !cap_issubset(cred->cap_##target, cred->cap_##source)
|
| D | security.c | 706 int security_capget(struct task_struct *target, in security_capget() argument
711 return call_int_hook(capget, 0, target, in security_capget()
1797 struct task_struct *target, long type, int mode) in security_msg_queue_msgrcv() argument
1799 return call_int_hook(msg_queue_msgrcv, 0, msq, msg, target, type, mode); in security_msg_queue_msgrcv()
|
| /security/apparmor/include/ |
| D | ipc.h | 34 int aa_may_signal(struct aa_label *sender, struct aa_label *target, int sig);
|
| D | audit.h | 122 const char *target; member
|
| D | perms.h | 150 int aa_profile_label_perm(struct aa_profile *profile, struct aa_profile *target,
|
| D | file.h | 161 const char *target, struct aa_label *tlabel, kuid_t ouid,
|
| /security/tomoyo/ |
| D | file.c | 803 int tomoyo_path_perm(const u8 operation, const struct path *path, const char *target) in tomoyo_path_perm() argument
831 symlink_target.name = tomoyo_encode(target); in tomoyo_path_perm()
|
| D | common.h | 993 const char *target);
|
| /security/selinux/ |
| D | hooks.c | 2151 static int selinux_capget(struct task_struct *target, kernel_cap_t *effective, in selinux_capget() argument
2155 current_sid(), task_sid(target), SECCLASS_PROCESS, in selinux_capget()
6034 struct task_struct *target, in selinux_msg_queue_msgrcv() argument
6040 u32 sid = task_sid(target); in selinux_msg_queue_msgrcv()
|
| /security/smack/ |
| D | smack_lsm.c | 3219 struct task_struct *target, long type, int mode) in smack_msg_queue_msgrcv() argument
|