Home
last modified time | relevance | path

Searched refs:file (Results 1 – 25 of 53) sorted by relevance

123

/security/integrity/ima/
Dima_main.c86 static int mmap_violation_check(enum ima_hooks func, struct file *file, in mmap_violation_check() argument
93 if ((func == MMAP_CHECK) && mapping_writably_mapped(file->f_mapping)) { in mmap_violation_check()
95 inode = file_inode(file); in mmap_violation_check()
98 *pathname = ima_d_path(&file->f_path, pathbuf, in mmap_violation_check()
116 static void ima_rdwr_violation_check(struct file *file, in ima_rdwr_violation_check() argument
123 struct inode *inode = file_inode(file); in ima_rdwr_violation_check()
124 fmode_t mode = file->f_mode; in ima_rdwr_violation_check()
146 *pathname = ima_d_path(&file->f_path, pathbuf, filename); in ima_rdwr_violation_check()
149 ima_add_violation(file, *pathname, iint, in ima_rdwr_violation_check()
152 ima_add_violation(file, *pathname, iint, in ima_rdwr_violation_check()
[all …]
Dima_kexec.c22 struct seq_file file; in ima_dump_measurement_list() local
27 file.buf = vmalloc(segment_size); in ima_dump_measurement_list()
28 if (!file.buf) { in ima_dump_measurement_list()
33 file.size = segment_size; in ima_dump_measurement_list()
34 file.read_pos = 0; in ima_dump_measurement_list()
35 file.count = sizeof(khdr); /* reserved space */ in ima_dump_measurement_list()
40 if (file.count < file.size) { in ima_dump_measurement_list()
42 ima_measurements_show(&file, qe); in ima_dump_measurement_list()
56 khdr.buffer_size = file.count; in ima_dump_measurement_list()
62 memcpy(file.buf, &khdr, sizeof(khdr)); in ima_dump_measurement_list()
[all …]
Dima_api.c133 void ima_add_violation(struct file *file, const unsigned char *filename, in ima_add_violation() argument
138 struct inode *inode = file_inode(file); in ima_add_violation()
140 .file = file, in ima_add_violation()
214 struct file *file, void *buf, loff_t size, in ima_collect_measurement() argument
218 struct inode *inode = file_inode(file); in ima_collect_measurement()
219 struct inode *real_inode = d_real_inode(file_dentry(file)); in ima_collect_measurement()
220 const char *filename = file->f_path.dentry->d_name.name; in ima_collect_measurement()
255 result = ima_calc_file_hash(file, &hash.hdr); in ima_collect_measurement()
280 if (file->f_flags & O_DIRECT) in ima_collect_measurement()
306 struct file *file, const unsigned char *filename, in ima_store_measurement() argument
[all …]
Dima.h64 struct file *file; member
142 int ima_calc_file_hash(struct file *file, struct ima_digest_data *hash);
148 void ima_add_violation(struct file *file, const unsigned char *filename,
191 hook(FILE_CHECK, file) \
264 struct file *file, void *buf, loff_t size,
266 void ima_store_measurement(struct integrity_iint_cache *iint, struct file *file,
318 struct file *file, const unsigned char *filename,
323 void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file);
340 struct file *file, in ima_appraise_measurement() argument
357 struct file *file) in ima_update_xattr() argument
Dima_fs.c51 static ssize_t ima_show_htable_violations(struct file *filp, in ima_show_htable_violations()
63 static ssize_t ima_show_measurements_count(struct file *filp, in ima_show_measurements_count()
196 static int ima_measurements_open(struct inode *inode, struct file *file) in ima_measurements_open() argument
198 return seq_open(file, &ima_measurments_seqops); in ima_measurements_open()
262 static int ima_ascii_measurements_open(struct inode *inode, struct file *file) in ima_ascii_measurements_open() argument
264 return seq_open(file, &ima_ascii_measurements_seqops); in ima_ascii_measurements_open()
314 static ssize_t ima_write_policy(struct file *file, const char __user *buf, in ima_write_policy() argument
385 static int ima_open_policy(struct inode *inode, struct file *filp) in ima_open_policy()
410 static int ima_release_policy(struct inode *inode, struct file *file) in ima_release_policy() argument
414 if ((file->f_flags & O_ACCMODE) == O_RDONLY) in ima_release_policy()
[all …]
Dima_crypto.c329 static int ima_calc_file_hash_atfm(struct file *file, in ima_calc_file_hash_atfm() argument
356 i_size = i_size_read(file_inode(file)); in ima_calc_file_hash_atfm()
394 rc = integrity_kernel_read(file, offset, rbuf[active], in ima_calc_file_hash_atfm()
440 static int ima_calc_file_ahash(struct file *file, struct ima_digest_data *hash) in ima_calc_file_ahash() argument
449 rc = ima_calc_file_hash_atfm(file, hash, tfm); in ima_calc_file_ahash()
456 static int ima_calc_file_hash_tfm(struct file *file, in ima_calc_file_hash_tfm() argument
473 i_size = i_size_read(file_inode(file)); in ima_calc_file_hash_tfm()
485 rbuf_len = integrity_kernel_read(file, offset, rbuf, PAGE_SIZE); in ima_calc_file_hash_tfm()
507 static int ima_calc_file_shash(struct file *file, struct ima_digest_data *hash) in ima_calc_file_shash() argument
516 rc = ima_calc_file_hash_tfm(file, hash, tfm); in ima_calc_file_shash()
[all …]
Dima_template_lib.c348 if (!event_data->file) /* missing info to re-calculate the digest */ in ima_eventdigest_init()
351 inode = file_inode(event_data->file); in ima_eventdigest_init()
354 result = ima_calc_file_hash(event_data->file, &hash.hdr); in ima_eventdigest_init()
431 BUG_ON(event_data->filename == NULL && event_data->file == NULL); in ima_eventname_init_common()
441 if (event_data->file) { in ima_eventname_init_common()
442 cur_filename = event_data->file->f_path.dentry->d_name.name; in ima_eventname_init_common()
539 if (!event_data->file) in ima_eventevmsig_init()
542 rc = vfs_getxattr_alloc(&init_user_ns, file_dentry(event_data->file), in ima_eventevmsig_init()
565 if (!event_data->file) in ima_eventinodedac_init_common()
569 id = i_uid_read(file_inode(event_data->file)); in ima_eventinodedac_init_common()
[all …]
/security/tomoyo/
Dsecurityfs_if.c41 static ssize_t tomoyo_write_self(struct file *file, const char __user *buf, in tomoyo_write_self() argument
100 static ssize_t tomoyo_read_self(struct file *file, char __user *buf, in tomoyo_read_self() argument
132 static int tomoyo_open(struct inode *inode, struct file *file) in tomoyo_open() argument
134 const u8 key = (uintptr_t) file_inode(file)->i_private; in tomoyo_open()
136 return tomoyo_open_control(key, file); in tomoyo_open()
146 static int tomoyo_release(struct inode *inode, struct file *file) in tomoyo_release() argument
148 tomoyo_close_control(file->private_data); in tomoyo_release()
161 static __poll_t tomoyo_poll(struct file *file, poll_table *wait) in tomoyo_poll() argument
163 return tomoyo_poll_control(file, wait); in tomoyo_poll()
176 static ssize_t tomoyo_read(struct file *file, char __user *buf, size_t count, in tomoyo_read() argument
[all …]
Dtomoyo.c110 &bprm->file->f_path, O_RDONLY); in tomoyo_bprm_check_security()
290 static int tomoyo_file_fcntl(struct file *file, unsigned int cmd, in tomoyo_file_fcntl() argument
293 if (!(cmd == F_SETFL && ((arg ^ file->f_flags) & O_APPEND))) in tomoyo_file_fcntl()
295 return tomoyo_check_open_permission(tomoyo_domain(), &file->f_path, in tomoyo_file_fcntl()
306 static int tomoyo_file_open(struct file *f) in tomoyo_file_open()
324 static int tomoyo_file_ioctl(struct file *file, unsigned int cmd, in tomoyo_file_ioctl() argument
327 return tomoyo_path_number_perm(TOMOYO_TYPE_IOCTL, &file->f_path, cmd); in tomoyo_file_ioctl()
/security/safesetid/
Dsecurityfs.c31 static int parse_policy_line(struct file *file, char *buf, in parse_policy_line() argument
54 rule->src_id.uid = make_kuid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
55 rule->dst_id.uid = make_kuid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
59 rule->src_id.gid = make_kgid(file->f_cred->user_ns, parsed_parent); in parse_policy_line()
60 rule->dst_id.gid = make_kgid(file->f_cred->user_ns, parsed_child); in parse_policy_line()
139 static ssize_t handle_policy_update(struct file *file, in handle_policy_update() argument
182 err = parse_policy_line(file, p, rule); in handle_policy_update()
235 static ssize_t safesetid_uid_file_write(struct file *file, in safesetid_uid_file_write() argument
240 if (!file_ns_capable(file, &init_user_ns, CAP_MAC_ADMIN)) in safesetid_uid_file_write()
246 return handle_policy_update(file, buf, len, UID); in safesetid_uid_file_write()
[all …]
/security/apparmor/
Dfile.c276 aa_str_perms(profile->file.dfa, profile->file.start, name, cond, perms); in __aa_path_perm()
383 state = aa_str_perms(profile->file.dfa, profile->file.start, lname, in profile_path_link()
390 state = aa_dfa_null_transition(profile->file.dfa, state); in profile_path_link()
391 aa_str_perms(profile->file.dfa, state, tname, cond, &perms); in profile_path_link()
413 aa_str_perms(profile->file.dfa, profile->file.start, tname, cond, in profile_path_link()
508 struct aa_label *flabel, struct file *file, in __file_path_perm() argument
514 .uid = i_uid_into_mnt(file_mnt_user_ns(file), file_inode(file)), in __file_path_perm()
515 .mode = file_inode(file)->i_mode in __file_path_perm()
532 profile_path_perm(op, profile, &file->f_path, buffer, in __file_path_perm()
545 profile_path_perm(op, profile, &file->f_path, in __file_path_perm()
[all …]
Dapparmorfs.c440 static ssize_t profile_load(struct file *f, const char __user *buf, size_t size, in profile_load()
457 static ssize_t profile_replace(struct file *f, const char __user *buf, in profile_replace()
474 static ssize_t profile_remove(struct file *f, const char __user *buf, in profile_remove()
519 static int ns_revision_release(struct inode *inode, struct file *file) in ns_revision_release() argument
521 struct aa_revision *rev = file->private_data; in ns_revision_release()
531 static ssize_t ns_revision_read(struct file *file, char __user *buf, in ns_revision_read() argument
534 struct aa_revision *rev = file->private_data; in ns_revision_read()
543 if (file->f_flags & O_NONBLOCK) in ns_revision_read()
562 static int ns_revision_open(struct inode *inode, struct file *file) in ns_revision_open() argument
572 file->private_data = rev; in ns_revision_open()
[all …]
Dlsm.c407 static int apparmor_file_open(struct file *file) in apparmor_file_open() argument
409 struct aa_file_ctx *fctx = file_ctx(file); in apparmor_file_open()
413 if (!path_mediated_fs(file->f_path.dentry)) in apparmor_file_open()
426 label = aa_get_newest_cred_label(file->f_cred); in apparmor_file_open()
428 struct user_namespace *mnt_userns = file_mnt_user_ns(file); in apparmor_file_open()
429 struct inode *inode = file_inode(file); in apparmor_file_open()
435 error = aa_path_perm(OP_OPEN, label, &file->f_path, 0, in apparmor_file_open()
436 aa_map_file_to_perms(file), &cond); in apparmor_file_open()
438 fctx->allow = aa_map_file_to_perms(file); in apparmor_file_open()
445 static int apparmor_file_alloc_security(struct file *file) in apparmor_file_alloc_security() argument
[all …]
Ddomain.c106 state = aa_dfa_match(profile->file.dfa, state, "&"); in match_component()
108 return aa_dfa_match(profile->file.dfa, state, tp->base.hname); in match_component()
112 state = aa_dfa_match_len(profile->file.dfa, state, ":", 1); in match_component()
113 state = aa_dfa_match(profile->file.dfa, state, ns_name); in match_component()
114 state = aa_dfa_match_len(profile->file.dfa, state, ":", 1); in match_component()
115 return aa_dfa_match(profile->file.dfa, state, tp->base.hname); in match_component()
161 state = aa_dfa_match(profile->file.dfa, state, "//&"); in label_compound_match()
166 *perms = aa_compute_fperms(profile->file.dfa, state, &cond); in label_compound_match()
219 tmp = aa_compute_fperms(profile->file.dfa, state, &cond); in label_components_match()
228 tmp = aa_compute_fperms(profile->file.dfa, state, &cond); in label_components_match()
[all …]
/security/loadpin/
Dloadpin.c22 static void report_load(const char *origin, struct file *file, char *operation) in report_load() argument
26 pathname = kstrdup_quotable_file(file, GFP_KERNEL); in report_load()
121 static int loadpin_check(struct file *file, enum kernel_read_file_id id) in loadpin_check() argument
129 report_load(origin, file, "pinning-excluded"); in loadpin_check()
134 if (!file) { in loadpin_check()
144 load_root = file->f_path.mnt->mnt_sb; in loadpin_check()
162 report_load(origin, file, "pinned"); in loadpin_check()
169 report_load(origin, file, "pinning-ignored"); in loadpin_check()
173 report_load(origin, file, "denied"); in loadpin_check()
180 static int loadpin_read_file(struct file *file, enum kernel_read_file_id id, in loadpin_read_file() argument
[all …]
/security/keys/
Dbig_key.c59 struct file *file; in big_key_preparse() local
103 file = shmem_kernel_file_setup("", enclen, 0); in big_key_preparse()
104 if (IS_ERR(file)) { in big_key_preparse()
105 ret = PTR_ERR(file); in big_key_preparse()
109 written = kernel_write(file, buf, enclen, &pos); in big_key_preparse()
121 *path = file->f_path; in big_key_preparse()
123 fput(file); in big_key_preparse()
138 fput(file); in big_key_preparse()
238 struct file *file; in big_key_read() local
247 file = dentry_open(path, O_RDONLY, current_cred()); in big_key_read()
[all …]
/security/smack/
Dsmackfs.c443 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf, in smk_write_rules_list() argument
644 static int smk_open_load(struct inode *inode, struct file *file) in smk_open_load() argument
646 return seq_open(file, &load_seq_ops); in smk_open_load()
657 static ssize_t smk_write_load(struct file *file, const char __user *buf, in smk_write_load() argument
668 return smk_write_rules_list(file, buf, count, ppos, NULL, NULL, in smk_write_load()
813 static int smk_open_cipso(struct inode *inode, struct file *file) in smk_open_cipso() argument
815 return seq_open(file, &cipso_seq_ops); in smk_open_cipso()
829 static ssize_t smk_set_cipso(struct file *file, const char __user *buf, in smk_set_cipso() argument
950 static ssize_t smk_write_cipso(struct file *file, const char __user *buf, in smk_write_cipso() argument
953 return smk_set_cipso(file, buf, count, ppos, SMK_FIXED24_FMT); in smk_write_cipso()
[all …]
Dsmack_lsm.c211 static int smk_bu_file(struct file *file, int mode, int rc) in smk_bu_file() argument
215 struct inode *inode = file_inode(file); in smk_bu_file()
231 inode->i_sb->s_id, inode->i_ino, file, in smk_bu_file()
236 #define smk_bu_file(file, mode, RC) (RC) argument
240 static int smk_bu_credfile(const struct cred *cred, struct file *file, in smk_bu_credfile() argument
245 struct inode *inode = file_inode(file); in smk_bu_credfile()
261 inode->i_sb->s_id, inode->i_ino, file, in smk_bu_credfile()
266 #define smk_bu_credfile(cred, file, mode, RC) (RC) argument
881 struct inode *inode = file_inode(bprm->file); in smack_bprm_creds_for_exec()
1537 static int smack_file_alloc_security(struct file *file) in smack_file_alloc_security() argument
[all …]
/security/landlock/
Dsyscalls.c97 struct file *const filp) in fop_ruleset_release()
105 static ssize_t fop_dummy_read(struct file *const filp, char __user *const buf, in fop_dummy_read()
112 static ssize_t fop_dummy_write(struct file *const filp, in fop_dummy_write()
215 if (!ruleset_f.file) in get_ruleset_from_fd()
219 if (ruleset_f.file->f_op != &ruleset_fops) { in get_ruleset_from_fd()
223 if (!(ruleset_f.file->f_mode & mode)) { in get_ruleset_from_fd()
227 ruleset = ruleset_f.file->private_data; in get_ruleset_from_fd()
254 if (!f.file) in get_path_from_fd()
261 if ((f.file->f_op == &ruleset_fops) || in get_path_from_fd()
262 (f.file->f_path.mnt->mnt_flags & MNT_INTERNAL) || in get_path_from_fd()
[all …]
Dfs.c679 static inline access_mask_t get_file_access(const struct file *const file) in get_file_access() argument
683 if (file->f_mode & FMODE_READ) { in get_file_access()
685 if (S_ISDIR(file_inode(file)->i_mode)) in get_file_access()
689 if (file->f_mode & FMODE_WRITE) in get_file_access()
692 if (file->f_flags & __FMODE_EXEC) in get_file_access()
697 static int hook_file_open(struct file *const file) in hook_file_open() argument
709 return check_access_path(dom, &file->f_path, get_file_access(file)); in hook_file_open()
/security/selinux/
Dselinuxfs.c125 static ssize_t sel_read_enforce(struct file *filp, char __user *buf, in sel_read_enforce()
138 static ssize_t sel_write_enforce(struct file *file, const char __user *buf, in sel_write_enforce() argument
142 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; in sel_write_enforce()
204 static ssize_t sel_read_handle_unknown(struct file *filp, char __user *buf, in sel_read_handle_unknown()
225 static int sel_open_handle_status(struct inode *inode, struct file *filp) in sel_open_handle_status()
238 static ssize_t sel_read_handle_status(struct file *filp, char __user *buf, in sel_read_handle_status()
250 static int sel_mmap_handle_status(struct file *filp, in sel_mmap_handle_status()
280 static ssize_t sel_write_disable(struct file *file, const char __user *buf, in sel_write_disable() argument
284 struct selinux_fs_info *fsi = file_inode(file)->i_sb->s_fs_info; in sel_write_disable()
339 static ssize_t sel_read_policyvers(struct file *filp, char __user *buf, in sel_read_policyvers()
[all …]
Dhooks.c1742 struct file *file, in file_path_has_perm() argument
1748 ad.u.file = file; in file_path_has_perm()
1749 return inode_has_perm(cred, file_inode(file), av, &ad); in file_path_has_perm()
1753 static int bpf_fd_pass(struct file *file, u32 sid);
1765 struct file *file, in file_has_perm() argument
1768 struct file_security_struct *fsec = selinux_file(file); in file_has_perm()
1769 struct inode *inode = file_inode(file); in file_has_perm()
1775 ad.u.file = file; in file_has_perm()
1788 rc = bpf_fd_pass(file, cred_sid(cred)); in file_has_perm()
2026 static inline u32 file_to_av(struct file *file) in file_to_av() argument
[all …]
/security/apparmor/include/
Dfile.h31 static inline struct aa_file_ctx *file_ctx(struct file *file) in file_ctx() argument
33 return file->f_security + apparmor_blob_sizes.lbs_file; in file_ctx()
199 int aa_file_perm(const char *op, struct aa_label *label, struct file *file,
216 static inline u32 aa_map_file_to_perms(struct file *file) in aa_map_file_to_perms() argument
218 int flags = file->f_flags; in aa_map_file_to_perms()
221 if (file->f_mode & FMODE_WRITE) in aa_map_file_to_perms()
223 if (file->f_mode & FMODE_READ) in aa_map_file_to_perms()
/security/
Dsecurity.c567 static int lsm_file_alloc(struct file *file) in lsm_file_alloc() argument
570 file->f_security = NULL; in lsm_file_alloc()
574 file->f_security = kmem_cache_zalloc(lsm_file_cache, GFP_KERNEL); in lsm_file_alloc()
575 if (file->f_security == NULL) in lsm_file_alloc()
770 const struct cred *to, struct file *file) in security_binder_transfer_file() argument
772 return call_int_hook(binder_transfer_file, 0, from, to, file); in security_binder_transfer_file()
859 int security_bprm_creds_from_file(struct linux_binprm *bprm, struct file *file) in security_bprm_creds_from_file() argument
861 return call_int_hook(bprm_creds_from_file, 0, bprm, file); in security_bprm_creds_from_file()
1518 int security_file_permission(struct file *file, int mask) in security_file_permission() argument
1522 ret = call_int_hook(file_permission, 0, file, mask); in security_file_permission()
[all …]
/security/integrity/evm/
Devm_secfs.c39 static ssize_t evm_read_key(struct file *filp, char __user *buf, in evm_read_key()
66 static ssize_t evm_write_key(struct file *file, const char __user *buf, in evm_write_key() argument
127 static ssize_t evm_read_xattrs(struct file *filp, char __user *buf, in evm_read_xattrs()
180 static ssize_t evm_write_xattrs(struct file *file, const char __user *buf, in evm_write_xattrs() argument

123