/security/apparmor/ |
D | path.c | 120 struct path root; in d_namespace_path() local 121 get_fs_root(current->fs, &root); in d_namespace_path() 122 res = __d_path(path, &root, buf, buflen); in d_namespace_path() 123 path_put(&root); in d_namespace_path()
|
D | policy_ns.c | 162 struct aa_ns *aa_findn_ns(struct aa_ns *root, const char *name, size_t n) in aa_findn_ns() argument 167 ns = aa_get_ns(__aa_findn_ns(&root->sub_ns, name, n)); in aa_findn_ns() 183 struct aa_ns *aa_find_ns(struct aa_ns *root, const char *name) in aa_find_ns() argument 185 return aa_findn_ns(root, name, strlen(name)); in aa_find_ns()
|
D | apparmorfs.c | 2066 static struct aa_ns *__next_ns(struct aa_ns *root, struct aa_ns *ns) in __next_ns() argument 2070 AA_BUG(!root); in __next_ns() 2072 AA_BUG(ns != root && !mutex_is_locked(&ns->parent->lock)); in __next_ns() 2083 while (ns != root) { in __next_ns() 2105 static struct aa_profile *__first_profile(struct aa_ns *root, in __first_profile() argument 2108 AA_BUG(!root); in __first_profile() 2111 for (; ns; ns = __next_ns(root, ns)) { in __first_profile() 2167 static struct aa_profile *next_profile(struct aa_ns *root, in next_profile() argument 2175 return __first_profile(root, __next_ns(root, profile->ns)); in next_profile() 2190 struct aa_ns *root = aa_get_current_ns(); in p_start() local [all …]
|
D | domain.c | 988 struct aa_profile *root, *hat = NULL; in build_change_hat() local 993 root = aa_get_profile_rcu(&profile->parent); in build_change_hat() 995 root = aa_get_profile(profile); in build_change_hat() 1002 hat = aa_find_child(root, name); in build_change_hat() 1014 aa_put_profile(root); in build_change_hat() 1036 struct aa_profile *profile, *root, *hat = NULL; in change_hat() local 1055 root = aa_get_profile_rcu(&profile->parent); in change_hat() 1057 root = aa_get_profile(profile); in change_hat() 1063 hat = aa_find_child(root, name); in change_hat() 1064 aa_put_profile(root); in change_hat()
|
D | label.c | 606 rb_erase(&label->node, &ls->root); in __label_remove() 641 rb_replace_node(&old->node, &new->node, &ls->root); in __label_replace() 675 new = &ls->root.rb_node; in __label_insert() 702 rb_insert_color(&label->node, &ls->root); in __label_insert() 728 node = vec_labelset(vec, n)->root.rb_node; in __vec_find() 1153 node = ls->root.rb_node; in __label_find_merge() 1989 for (node = rb_first(&ls->root); node; node = rb_first(&ls->root)) { in aa_labelset_destroy() 2009 ls->root = RB_ROOT; in aa_labelset_init()
|
/security/apparmor/include/ |
D | policy_ns.h | 90 struct aa_ns *aa_find_ns(struct aa_ns *root, const char *name); 91 struct aa_ns *aa_findn_ns(struct aa_ns *root, const char *name, size_t n); 96 struct aa_ns *aa_prepare_ns(struct aa_ns *root, const char *name);
|
D | label.h | 74 struct rb_root root; member 78 for ((N) = rb_first(&(LS)->root); (N); (N) = rb_next(N))
|
/security/ |
D | commoncap.c | 376 uid_t root, mappedroot; in cap_inode_getsecurity() local 403 root = 0; in cap_inode_getsecurity() 406 root = le32_to_cpu(nscap->rootid); in cap_inode_getsecurity() 412 kroot = make_kuid(fs_ns, root); in cap_inode_getsecurity() 802 kuid_t root, bool has_fcap) in nonroot_raised_pE() argument 808 (__is_eff(root, new) || __is_real(root, new)) && in nonroot_raised_pE() 811 __is_suid(root, new) && in nonroot_raised_pE()
|
D | Kconfig | 102 correctly. This level of protection requires a root of trust outside
|
/security/loadpin/ |
D | Kconfig | 11 have a root filesystem backed by a read-only device such as
|
/security/integrity/evm/ |
D | Kconfig | 54 When this option is enabled, root can add additional xattrs to the
|
/security/selinux/ |
D | hooks.c | 490 struct dentry *root = sb->s_root; in sb_finish_set_opts() local 491 struct inode *root_inode = d_backing_inode(root); in sb_finish_set_opts() 507 rc = __vfs_getxattr(root, root_inode, XATTR_NAME_SELINUX, NULL, in sb_finish_set_opts() 535 rc = inode_doinit_with_dentry(root_inode, root); in sb_finish_set_opts() 604 struct dentry *root = sbsec->sb->s_root; in selinux_set_mnt_opts() local 647 root_isec = backing_inode_security_novalidate(root); in selinux_set_mnt_opts() 1092 struct dentry *root = sbsec->sb->s_root; in selinux_sb_show_options() local 1093 struct inode_security_struct *isec = backing_inode_security(root); in selinux_sb_show_options()
|
/security/integrity/ima/ |
D | Kconfig | 141 This option allows the root user to see the current policy rules.
|
/security/keys/ |
D | keyring.c | 732 ptr = READ_ONCE(keyring->keys.root); in search_nested_keyrings()
|
/security/smack/ |
D | smack_lsm.c | 774 struct dentry *root = sb->s_root; in smack_set_mnt_opts() local 775 struct inode *inode = d_backing_inode(root); in smack_set_mnt_opts()
|