Home
last modified time | relevance | path

Searched refs:r (Results 1 – 19 of 19) sorted by relevance

/security/tomoyo/
Dfile.c166 static int tomoyo_audit_path_log(struct tomoyo_request_info *r) in tomoyo_audit_path_log() argument
168 return tomoyo_supervisor(r, "file %s %s\n", tomoyo_path_keyword in tomoyo_audit_path_log()
169 [r->param.path.operation], in tomoyo_audit_path_log()
170 r->param.path.filename->name); in tomoyo_audit_path_log()
180 static int tomoyo_audit_path2_log(struct tomoyo_request_info *r) in tomoyo_audit_path2_log() argument
182 return tomoyo_supervisor(r, "file %s %s %s\n", tomoyo_mac_keywords in tomoyo_audit_path2_log()
183 [tomoyo_pp2mac[r->param.path2.operation]], in tomoyo_audit_path2_log()
184 r->param.path2.filename1->name, in tomoyo_audit_path2_log()
185 r->param.path2.filename2->name); in tomoyo_audit_path2_log()
195 static int tomoyo_audit_mkdev_log(struct tomoyo_request_info *r) in tomoyo_audit_mkdev_log() argument
[all …]
Dmount.c30 static int tomoyo_audit_mount_log(struct tomoyo_request_info *r) in tomoyo_audit_mount_log() argument
32 return tomoyo_supervisor(r, "file mount %s %s %s 0x%lX\n", in tomoyo_audit_mount_log()
33 r->param.mount.dev->name, in tomoyo_audit_mount_log()
34 r->param.mount.dir->name, in tomoyo_audit_mount_log()
35 r->param.mount.type->name, in tomoyo_audit_mount_log()
36 r->param.mount.flags); in tomoyo_audit_mount_log()
47 static bool tomoyo_check_mount_acl(struct tomoyo_request_info *r, in tomoyo_check_mount_acl() argument
53 return tomoyo_compare_number_union(r->param.mount.flags, in tomoyo_check_mount_acl()
55 tomoyo_compare_name_union(r->param.mount.type, in tomoyo_check_mount_acl()
57 tomoyo_compare_name_union(r->param.mount.dir, in tomoyo_check_mount_acl()
[all …]
Dcommon.c215 while (head->r.w_pos) { in tomoyo_flush()
216 const char *w = head->r.w[0]; in tomoyo_flush()
230 head->r.w[0] = w; in tomoyo_flush()
241 head->r.w_pos--; in tomoyo_flush()
242 for (len = 0; len < head->r.w_pos; len++) in tomoyo_flush()
243 head->r.w[len] = head->r.w[len + 1]; in tomoyo_flush()
245 head->r.avail = 0; in tomoyo_flush()
261 if (head->r.w_pos < TOMOYO_MAX_IO_READ_QUEUE) { in tomoyo_set_string()
262 head->r.w[head->r.w_pos++] = string; in tomoyo_set_string()
282 size_t pos = head->r.avail; in tomoyo_io_printf()
[all …]
Dnetwork.c363 static int tomoyo_audit_net_log(struct tomoyo_request_info *r, in tomoyo_audit_net_log() argument
367 return tomoyo_supervisor(r, "network %s %s %s %s\n", family, in tomoyo_audit_net_log()
379 static int tomoyo_audit_inet_log(struct tomoyo_request_info *r) in tomoyo_audit_inet_log() argument
383 const __be32 *address = r->param.inet_network.address; in tomoyo_audit_inet_log()
385 if (r->param.inet_network.is_ipv6) in tomoyo_audit_inet_log()
392 r->param.inet_network.port); in tomoyo_audit_inet_log()
393 return tomoyo_audit_net_log(r, "inet", r->param.inet_network.protocol, in tomoyo_audit_inet_log()
394 r->param.inet_network.operation, buf); in tomoyo_audit_inet_log()
404 static int tomoyo_audit_unix_log(struct tomoyo_request_info *r) in tomoyo_audit_unix_log() argument
406 return tomoyo_audit_net_log(r, "unix", r->param.unix_network.protocol, in tomoyo_audit_unix_log()
[all …]
Daudit.c150 static char *tomoyo_print_header(struct tomoyo_request_info *r) in tomoyo_print_header() argument
154 struct tomoyo_obj_info *obj = r->obj; in tomoyo_print_header()
168 stamp.min, stamp.sec, r->profile, tomoyo_mode[r->mode], in tomoyo_print_header()
169 tomoyo_yesno(r->granted), gpid, tomoyo_sys_getpid(), in tomoyo_print_header()
244 char *tomoyo_init_log(struct tomoyo_request_info *r, int len, const char *fmt, in tomoyo_init_log() argument
253 const char *domainname = r->domain->domainname->name; in tomoyo_init_log()
255 header = tomoyo_print_header(r); in tomoyo_init_log()
260 if (r->ee) { in tomoyo_init_log()
261 struct file *file = r->ee->bprm->file; in tomoyo_init_log()
264 bprm_info = tomoyo_print_bprm(r->ee->bprm, &r->ee->dump); in tomoyo_init_log()
[all …]
Denviron.c18 static bool tomoyo_check_env_acl(struct tomoyo_request_info *r, in tomoyo_check_env_acl() argument
24 return tomoyo_path_matches_pattern(r->param.environ.name, acl->env); in tomoyo_check_env_acl()
34 static int tomoyo_audit_env_log(struct tomoyo_request_info *r) in tomoyo_audit_env_log() argument
36 return tomoyo_supervisor(r, "misc env %s\n", in tomoyo_audit_env_log()
37 r->param.environ.name->name); in tomoyo_audit_env_log()
50 int tomoyo_env_perm(struct tomoyo_request_info *r, const char *env) in tomoyo_env_perm() argument
59 r->param_type = TOMOYO_TYPE_ENV_ACL; in tomoyo_env_perm()
60 r->param.environ.name = &environ; in tomoyo_env_perm()
62 tomoyo_check_acl(r, tomoyo_check_env_acl); in tomoyo_env_perm()
63 error = tomoyo_audit_env_log(r); in tomoyo_env_perm()
Ddomain.c161 void tomoyo_check_acl(struct tomoyo_request_info *r, in tomoyo_check_acl() argument
165 const struct tomoyo_domain_info *domain = r->domain; in tomoyo_check_acl()
173 if (ptr->is_deleted || ptr->type != r->param_type) in tomoyo_check_acl()
175 if (!check_entry(r, ptr)) in tomoyo_check_acl()
177 if (!tomoyo_condition(r, ptr->cond)) in tomoyo_check_acl()
179 r->matched_acl = ptr; in tomoyo_check_acl()
180 r->granted = true; in tomoyo_check_acl()
189 r->granted = false; in tomoyo_check_acl()
590 struct tomoyo_request_info r; in tomoyo_assign_domain() local
593 tomoyo_init_request_info(&r, entry, in tomoyo_assign_domain()
[all …]
Dsecurityfs_if.c19 static bool tomoyo_check_task_acl(struct tomoyo_request_info *r, in tomoyo_check_task_acl() argument
25 return !tomoyo_pathcmp(r->param.task.domainname, acl->domainname); in tomoyo_check_task_acl()
56 struct tomoyo_request_info r; in tomoyo_write_self() local
61 tomoyo_init_request_info(&r, NULL, TOMOYO_MAC_FILE_EXECUTE); in tomoyo_write_self()
62 r.param_type = TOMOYO_TYPE_MANUAL_TASK_ACL; in tomoyo_write_self()
63 r.param.task.domainname = &name; in tomoyo_write_self()
64 tomoyo_check_acl(&r, tomoyo_check_task_acl); in tomoyo_write_self()
65 if (!r.granted) in tomoyo_write_self()
Dutil.c1014 int tomoyo_init_request_info(struct tomoyo_request_info *r, in tomoyo_init_request_info() argument
1019 memset(r, 0, sizeof(*r)); in tomoyo_init_request_info()
1022 r->domain = domain; in tomoyo_init_request_info()
1024 r->profile = profile; in tomoyo_init_request_info()
1025 r->type = index; in tomoyo_init_request_info()
1026 r->mode = tomoyo_get_mode(domain->ns, profile, index); in tomoyo_init_request_info()
1027 return r->mode; in tomoyo_init_request_info()
1039 bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r) in tomoyo_domain_quota_is_ok() argument
1042 struct tomoyo_domain_info *domain = r->domain; in tomoyo_domain_quota_is_ok()
1045 if (r->mode != TOMOYO_CONFIG_LEARNING) in tomoyo_domain_quota_is_ok()
[all …]
Dcommon.h622 struct tomoyo_request_info r; member
820 } r; member
931 bool tomoyo_condition(struct tomoyo_request_info *r,
937 bool tomoyo_domain_quota_is_ok(struct tomoyo_request_info *r);
956 char *tomoyo_init_log(struct tomoyo_request_info *r, int len, const char *fmt,
973 int tomoyo_env_perm(struct tomoyo_request_info *r, const char *env);
974 int tomoyo_execute_permission(struct tomoyo_request_info *r,
979 int tomoyo_init_request_info(struct tomoyo_request_info *r,
1003 int tomoyo_supervisor(struct tomoyo_request_info *r, const char *fmt, ...)
1047 void tomoyo_check_acl(struct tomoyo_request_info *r,
[all …]
Dcondition.c765 bool tomoyo_condition(struct tomoyo_request_info *r, in tomoyo_condition() argument
787 obj = r->obj; in tomoyo_condition()
788 if (r->ee) in tomoyo_condition()
789 bprm = r->ee->bprm; in tomoyo_condition()
825 ee = r->ee; in tomoyo_condition()
1119 if (r->ee && (argc || envc)) in tomoyo_condition()
1120 return tomoyo_scan_bprm(r->ee, argc, argv, envc, envp); in tomoyo_condition()
Dgc.c50 if (head->r.domain == element || head->r.group == element || in tomoyo_struct_used_by_io_buffer()
51 head->r.acl == element || &head->w.domain->list == element) in tomoyo_struct_used_by_io_buffer()
85 const char *w = head->r.w[i]; in tomoyo_name_used_by_io_buffer()
/security/selinux/ss/
Dmls.h35 int mls_range_isvalid(struct policydb *p, struct mls_range *r);
107 static inline u32 mls_range_hash(const struct mls_range *r, u32 hash) in mls_range_hash() argument
109 hash = jhash_2words(r->level[0].sens, r->level[1].sens, hash); in mls_range_hash()
110 hash = ebitmap_hash(&r->level[0].cat, hash); in mls_range_hash()
111 hash = ebitmap_hash(&r->level[1].cat, hash); in mls_range_hash()
Dmls.c182 int mls_range_isvalid(struct policydb *p, struct mls_range *r) in mls_range_isvalid() argument
184 return (mls_level_isvalid(p, &r->level[0]) && in mls_range_isvalid()
185 mls_level_isvalid(p, &r->level[1]) && in mls_range_isvalid()
186 mls_level_dom(&r->level[1], &r->level[0])); in mls_range_isvalid()
497 struct mls_range *r; in mls_compute_sid() local
510 r = policydb_rangetr_search(p, &rtr); in mls_compute_sid()
511 if (r) in mls_compute_sid()
512 return mls_range_set(newcontext, r); in mls_compute_sid()
Dpolicydb.c976 static int mls_read_range_helper(struct mls_range *r, void *fp) in mls_read_range_helper() argument
999 r->level[0].sens = le32_to_cpu(buf[0]); in mls_read_range_helper()
1001 r->level[1].sens = le32_to_cpu(buf[1]); in mls_read_range_helper()
1003 r->level[1].sens = r->level[0].sens; in mls_read_range_helper()
1005 rc = ebitmap_read(&r->level[0].cat, fp); in mls_read_range_helper()
1011 rc = ebitmap_read(&r->level[1].cat, fp); in mls_read_range_helper()
1017 rc = ebitmap_cpy(&r->level[1].cat, &r->level[0].cat); in mls_read_range_helper()
1026 ebitmap_destroy(&r->level[0].cat); in mls_read_range_helper()
1815 struct mls_range *r = NULL; in range_read() local
1860 r = kzalloc(sizeof(*r), GFP_KERNEL); in range_read()
[all …]
/security/apparmor/
Dpolicy_unpack.c139 bool aa_rawdata_eq(struct aa_loaddata *l, struct aa_loaddata *r) in aa_rawdata_eq() argument
141 if (l->size != r->size) in aa_rawdata_eq()
143 if (l->compressed_size != r->compressed_size) in aa_rawdata_eq()
145 if (aa_g_hash_policy && memcmp(l->hash, r->hash, aa_hash_size()) != 0) in aa_rawdata_eq()
147 return memcmp(l->data, r->data, r->compressed_size ?: r->size) == 0; in aa_rawdata_eq()
/security/apparmor/include/
Dpolicy_unpack.h118 bool aa_rawdata_eq(struct aa_loaddata *l, struct aa_loaddata *r);
/security/keys/
Dproc.c268 static struct rb_node *key_user_first(struct user_namespace *user_ns, struct rb_root *r) in key_user_first() argument
270 struct rb_node *n = rb_first(r); in key_user_first()
/security/selinux/
Dselinuxfs.c1003 char *r, *w; in sel_write_create() local
1006 r = w = namebuf; in sel_write_create()
1008 c1 = *r++; in sel_write_create()
1012 c1 = hex_to_bin(*r++); in sel_write_create()
1015 c2 = hex_to_bin(*r++); in sel_write_create()