| /security/integrity/platform_certs/ |
| D | keyring_handler.c | 22 size_t len, const char *type, in uefi_blacklist_hash() argument
27 hash = kmalloc(type_len + len * 2 + 1, GFP_KERNEL); in uefi_blacklist_hash()
32 bin2hex(p, data, len); in uefi_blacklist_hash()
33 p += len * 2; in uefi_blacklist_hash()
44 const void *data, size_t len) in uefi_blacklist_x509_tbs() argument
46 uefi_blacklist_hash(source, data, len, "tbs:", 4); in uefi_blacklist_x509_tbs()
53 const void *data, size_t len) in uefi_blacklist_binary() argument
55 uefi_blacklist_hash(source, data, len, "bin:", 4); in uefi_blacklist_binary()
62 const void *data, size_t len) in uefi_revocation_list_x509() argument
64 add_key_to_revocation_list(data, len); in uefi_revocation_list_x509()
|
| D | load_ipl_s390.c | 21 unsigned int len; in load_ipl_certs() local
29 len = *(unsigned int *) ptr; in load_ipl_certs()
31 add_to_platform_keyring("IPL:db", ptr, len); in load_ipl_certs()
32 ptr += len; in load_ipl_certs()
|
| D | keyring_handler.h | 9 size_t len, const char *type,
15 void blacklist_x509_tbs(const char *source, const void *data, size_t len);
20 void blacklist_binary(const char *source, const void *data, size_t len);
|
| /security/apparmor/ |
| D | procattr.c | 37 int len; in aa_getprocattr() local
44 len = aa_label_snxprint(NULL, 0, current_ns, label, in aa_getprocattr()
47 AA_BUG(len < 0); in aa_getprocattr()
49 *string = kmalloc(len + 2, GFP_KERNEL); in aa_getprocattr()
55 len = aa_label_snxprint(*string, len + 2, current_ns, label, in aa_getprocattr()
58 if (len < 0) { in aa_getprocattr()
60 return len; in aa_getprocattr()
63 (*string)[len] = '\n'; in aa_getprocattr()
64 (*string)[len + 1] = 0; in aa_getprocattr()
67 return len + 1; in aa_getprocattr()
|
| D | label.c | 854 int len, gfp_t gfp) in vec_create_and_insert_label() argument
864 if (len == 1) in vec_create_and_insert_label()
867 ls = labels_set(&vec[len - 1]->label); in vec_create_and_insert_label()
872 new = aa_label_alloc(len, NULL, gfp); in vec_create_and_insert_label()
876 for (i = 0; i < len; i++) in vec_create_and_insert_label()
887 struct aa_label *aa_vec_find_or_create_label(struct aa_profile **vec, int len, in aa_vec_find_or_create_label() argument
890 struct aa_label *label = vec_find(vec, len); in aa_vec_find_or_create_label()
895 return vec_create_and_insert_label(vec, len, gfp); in aa_vec_find_or_create_label()
1487 #define update_for_len(total, len, size, str) \ argument
1489 size_t ulen = len; \
[all …]
|
| D | secid.c | 74 int len; in apparmor_secid_to_secctx() local
82 len = aa_label_asxprint(secdata, root_ns, label, in apparmor_secid_to_secctx()
87 len = aa_label_snxprint(NULL, 0, root_ns, label, in apparmor_secid_to_secctx()
90 if (len < 0) in apparmor_secid_to_secctx()
93 *seclen = len; in apparmor_secid_to_secctx()
|
| D | crypto.c | 28 char *aa_calc_hash(void *data, size_t len) in aa_calc_hash() argument
46 error = crypto_shash_update(desc, (u8 *) data, len); in aa_calc_hash()
62 size_t len) in aa_calc_profile_hash() argument
86 error = crypto_shash_update(desc, (u8 *) start, len); in aa_calc_profile_hash()
|
| /security/selinux/ss/ |
| D | conditional.c | 30 if (expr->len == 0) in cond_evaluate_expr()
33 for (i = 0; i < expr->len; i++) { in cond_evaluate_expr()
104 for (i = 0; i < node->true_list.len; i++) { in evaluate_cond_node()
112 for (i = 0; i < node->false_list.len; i++) { in evaluate_cond_node()
213 u32 len; in cond_read_bool() local
231 len = le32_to_cpu(buf[2]); in cond_read_bool()
232 if (((len == 0) || (len == (u32)-1))) in cond_read_bool()
236 key = kmalloc(len + 1, GFP_KERNEL); in cond_read_bool()
239 rc = next_entry(key, fp, len); in cond_read_bool()
242 key[len] = '\0'; in cond_read_bool()
[all …]
|
| D | policydb.c | 1075 static int str_read(char **strp, gfp_t flags, void *fp, u32 len) in str_read() argument
1080 if ((len == 0) || (len == (u32)-1)) in str_read()
1083 str = kmalloc(len + 1, flags | __GFP_NOWARN); in str_read()
1087 rc = next_entry(str, fp, len); in str_read()
1093 str[len] = '\0'; in str_read()
1104 u32 len; in perm_read() local
1114 len = le32_to_cpu(buf[0]); in perm_read()
1117 rc = str_read(&key, GFP_KERNEL, fp, len); in perm_read()
1136 u32 len, nel; in common_read() local
1147 len = le32_to_cpu(buf[0]); in common_read()
[all …]
|
| D | policydb.h | 309 size_t len; member
354 size_t len; member
364 if (bytes > fp->len) in next_entry()
369 fp->len -= bytes; in next_entry()
375 size_t len = bytes * num; in put_entry() local
377 if (len > fp->len) in put_entry()
379 memcpy(fp->data, buf, len); in put_entry()
380 fp->data += len; in put_entry()
381 fp->len -= len; in put_entry()
|
| D | context.h | 31 u32 len; /* length of string in bytes */ member
161 dst->len = src->len; in context_cpy()
164 dst->len = 0; in context_cpy()
179 c->len = 0; in context_destroy()
185 if (c1->len && c2->len) in context_cmp()
186 return (c1->len == c2->len && !strcmp(c1->str, c2->str)); in context_cmp()
187 if (c1->len || c2->len) in context_cmp()
|
| /security/tomoyo/ |
| D | audit.c | 29 int len; in tomoyo_print_bprm() local
38 len = snprintf(buffer, tomoyo_buffer_len - 1, "argv[]={ "); in tomoyo_print_bprm()
39 cp = buffer + len; in tomoyo_print_bprm()
244 char *tomoyo_init_log(struct tomoyo_request_info *r, int len, const char *fmt, in tomoyo_init_log() argument
259 len += strlen(domainname) + strlen(header) + 10; in tomoyo_init_log()
268 len += strlen(realpath) + 80 + strlen(bprm_info); in tomoyo_init_log()
272 len += 18 + strlen(symlink); in tomoyo_init_log()
274 len = tomoyo_round2(len); in tomoyo_init_log()
275 buf = kzalloc(len, GFP_NOFS); in tomoyo_init_log()
278 len--; in tomoyo_init_log()
[all …]
|
| D | util.c | 146 static bool tomoyo_correct_path2(const char *filename, const size_t len);
386 const int len = strlen(find); in tomoyo_str_starts() local
389 if (strncmp(tmp, find, len)) in tomoyo_str_starts()
391 tmp += len; in tomoyo_str_starts()
435 static bool tomoyo_correct_word2(const char *string, size_t len) in tomoyo_correct_word2() argument
441 if (!len) in tomoyo_correct_word2()
443 while (len--) { in tomoyo_correct_word2()
447 if (!len--) in tomoyo_correct_word2()
454 if (!len-- || !len--) in tomoyo_correct_word2()
531 static bool tomoyo_correct_path2(const char *filename, const size_t len) in tomoyo_correct_path2() argument
[all …]
|
| D | securityfs_if.c | 104 loff_t len = strlen(domain); in tomoyo_read_self() local
107 if (pos >= len || !count) in tomoyo_read_self()
109 len -= pos; in tomoyo_read_self()
110 if (count < len) in tomoyo_read_self()
111 len = count; in tomoyo_read_self()
112 if (copy_to_user(buf, domain + pos, len)) in tomoyo_read_self()
114 *ppos += len; in tomoyo_read_self()
115 return len; in tomoyo_read_self()
|
| D | common.c | 196 static void tomoyo_addprintf(char *buffer, int len, const char *fmt, ...) in tomoyo_addprintf() argument
202 vsnprintf(buffer + pos, len - pos - 1, fmt, args); in tomoyo_addprintf()
217 size_t len = strlen(w); in tomoyo_flush() local
219 if (len) { in tomoyo_flush()
220 if (len > head->read_user_buf_avail) in tomoyo_flush()
221 len = head->read_user_buf_avail; in tomoyo_flush()
222 if (!len) in tomoyo_flush()
224 if (copy_to_user(head->read_user_buf, w, len)) in tomoyo_flush()
226 head->read_user_buf_avail -= len; in tomoyo_flush()
227 head->read_user_buf += len; in tomoyo_flush()
[all …]
|
| D | domain.c | 439 (const char *name, const unsigned int len) in tomoyo_find_namespace() argument
444 if (strncmp(name, ns->name, len) || in tomoyo_find_namespace()
445 (name[len] && name[len] != ' ')) in tomoyo_find_namespace()
467 unsigned int len = 0; in tomoyo_assign_namespace() local
470 len++; in tomoyo_assign_namespace()
471 ptr = tomoyo_find_namespace(domainname, len); in tomoyo_assign_namespace()
474 if (len >= TOMOYO_EXEC_TMPSIZE - 10 || !tomoyo_domain_def(domainname)) in tomoyo_assign_namespace()
476 entry = kzalloc(sizeof(*entry) + len + 1, GFP_NOFS | __GFP_NOWARN); in tomoyo_assign_namespace()
479 ptr = tomoyo_find_namespace(domainname, len); in tomoyo_assign_namespace()
484 memmove(name, domainname, len); in tomoyo_assign_namespace()
[all …]
|
| /security/selinux/ |
| D | netlink.c | 43 static void selnl_add_payload(struct nlmsghdr *nlh, int len, int msgtype, void *data) in selnl_add_payload() argument
49 memset(msg, 0, len); in selnl_add_payload()
57 memset(msg, 0, len); in selnl_add_payload()
69 int len; in selnl_notify() local
74 len = selnl_msglen(msgtype); in selnl_notify()
76 skb = nlmsg_new(len, GFP_USER); in selnl_notify()
81 nlh = nlmsg_put(skb, 0, 0, msgtype, len, 0); in selnl_notify()
84 selnl_add_payload(nlh, len, msgtype, data); in selnl_notify()
|
| D | selinuxfs.c | 391 size_t len; member
421 rc = security_read_policy(state, &plm->data, &plm->len); in sel_open_policy()
425 if ((size_t)i_size_read(inode) != plm->len) { in sel_open_policy()
427 i_size_write(inode, plm->len); in sel_open_policy()
474 return simple_read_from_buffer(buf, count, ppos, plm->data, plm->len); in sel_read_policy()
487 if (offset >= roundup(plm->len, PAGE_SIZE)) in sel_mmap_policy_fault()
681 u32 sid, len; in sel_write_context() local
694 length = security_sid_to_context(state, sid, &canon, &len); in sel_write_context()
699 if (len > SIMPLE_TRANSACTION_LIMIT) { in sel_write_context()
701 "payload max\n", __func__, len); in sel_write_context()
[all …]
|
| /security/integrity/ima/ |
| D | ima_template.c | 211 int i, len; in template_desc_init_fields() local
225 i++, template_fmt_ptr += len + 1) { in template_desc_init_fields()
228 len = strchrnul(template_fmt_ptr, '|') - template_fmt_ptr; in template_desc_init_fields()
229 if (len == 0 || len > IMA_TEMPLATE_FIELD_ID_MAX_LEN) { in template_desc_init_fields()
230 pr_err("Invalid field with length %d\n", len); in template_desc_init_fields()
234 memcpy(tmp_field_id, template_fmt_ptr, len); in template_desc_init_fields()
235 tmp_field_id[len] = '\0'; in template_desc_init_fields()
391 kzalloc(field_data->len + 1, GFP_KERNEL); in ima_restore_template_data()
396 memcpy((*entry)->template_data[i].data, data, field_data->len); in ima_restore_template_data()
397 (*entry)->template_data_len += sizeof(field_data->len); in ima_restore_template_data()
[all …]
|
| D | ima_crypto.c | 601 u32 datalen = field_data[i].len; in ima_calc_field_array_hash_tfm()
663 static int calc_buffer_ahash_atfm(const void *buf, loff_t len, in calc_buffer_ahash_atfm() argument
687 sg_init_one(&sg, buf, len); in calc_buffer_ahash_atfm()
688 ahash_request_set_crypt(req, &sg, NULL, len); in calc_buffer_ahash_atfm()
703 static int calc_buffer_ahash(const void *buf, loff_t len, in calc_buffer_ahash() argument
713 rc = calc_buffer_ahash_atfm(buf, len, hash, tfm); in calc_buffer_ahash()
725 unsigned int len; in calc_buffer_shash_tfm() local
737 len = size < PAGE_SIZE ? size : PAGE_SIZE; in calc_buffer_shash_tfm()
738 rc = crypto_shash_update(shash, buf, len); in calc_buffer_shash_tfm()
741 buf += len; in calc_buffer_shash_tfm()
[all …]
|
| D | ima_template_lib.c | 62 field_data->len = buflen; in ima_write_template_field_data()
72 u32 buflen = field_data->len; in ima_show_template_data_ascii()
94 switch (field_data->len) { in ima_show_template_data_ascii()
133 u32 len = (show == IMA_SHOW_BINARY_OLD_STRING_FMT) ? in ima_show_template_data_binary() local
134 strlen(field_data->data) : field_data->len; in ima_show_template_data_binary()
138 len : (__force u32)cpu_to_le32(len); in ima_show_template_data_binary()
143 if (!len) in ima_show_template_data_binary()
146 ima_putc(m, field_data->data, len); in ima_show_template_data_binary()
232 fields[i].len = le32_to_cpu(*(__le32 *)bufp); in ima_parse_buf()
234 fields[i].len = *(u32 *)bufp; in ima_parse_buf()
[all …]
|
| /security/safesetid/ |
| D | securityfs.c | 140 const char __user *ubuf, size_t len, enum setid_type policy_type) in handle_policy_update() argument
153 p = buf = memdup_user_nul(ubuf, len); in handle_policy_update()
225 err = len; in handle_policy_update()
237 size_t len, in safesetid_uid_file_write() argument
246 return handle_policy_update(file, buf, len, UID); in safesetid_uid_file_write()
251 size_t len, in safesetid_gid_file_write() argument
260 return handle_policy_update(file, buf, len, GID); in safesetid_gid_file_write()
264 … size_t len, loff_t *ppos, struct mutex *policy_update_lock, struct __rcu setid_ruleset* ruleset) in safesetid_file_read() argument
274 res = simple_read_from_buffer(buf, len, ppos, in safesetid_file_read()
283 size_t len, loff_t *ppos) in safesetid_uid_file_read() argument
[all …]
|
| /security/apparmor/include/ |
| D | crypto.h | 17 char *aa_calc_hash(void *data, size_t len);
19 size_t len);
21 static inline char *aa_calc_hash(void *data, size_t len) in aa_calc_hash() argument
26 void *start, size_t len) in aa_calc_profile_hash() argument
|
| D | match.h | 120 static inline size_t table_size(size_t len, size_t el_size) in table_size() argument
122 return ALIGN(sizeof(struct table_header) + len * el_size, 8); in table_size()
130 const char *str, int len);
148 unsigned int len; member
156 .len = 0, \
|
| /security/lockdown/ |
| D | lockdown.c | 120 int i, len, err = -EINVAL; in lockdown_write() local
126 len = strlen(state); in lockdown_write()
127 if (len && state[len-1] == '\n') { in lockdown_write()
128 state[len-1] = '\0'; in lockdown_write()
129 len--; in lockdown_write()
|