| /security/tomoyo/ |
| D | condition.c | 40 result = tomoyo_path_matches_pattern(&arg, argv->value); in tomoyo_argv()
66 struct tomoyo_path_info value; in tomoyo_envp() local
70 value.name = env_value; in tomoyo_envp()
71 tomoyo_fill_path_info(&value); in tomoyo_envp()
78 if (envp->value) { in tomoyo_envp()
79 result = tomoyo_path_matches_pattern(&value, in tomoyo_envp()
80 envp->value); in tomoyo_envp()
213 if ((!envp->value && !envp->is_not) || in tomoyo_scan_bprm()
214 (envp->value && envp->is_not)) in tomoyo_scan_bprm()
305 argv->value = tomoyo_get_dqword(right); in tomoyo_parse_argv()
[all …]
|
| D | Kconfig | 24 This is the default value for maximal ACL entries
37 This is the default value for maximal entries for
40 If you don't need audit logs, you may set this value to 0.
|
| D | common.h | 609 const struct tomoyo_path_info *value; member
616 const struct tomoyo_path_info *value; member
929 bool tomoyo_compare_number_union(const unsigned long value,
962 const char *tomoyo_yesno(const unsigned int value);
1062 const unsigned long value, const u8 type);
|
| D | util.c | 227 const unsigned long value, const u8 type) in tomoyo_print_ulong() argument
230 snprintf(buffer, buffer_len, "%lu", value); in tomoyo_print_ulong()
232 snprintf(buffer, buffer_len, "0%lo", value); in tomoyo_print_ulong()
234 snprintf(buffer, buffer_len, "0x%lX", value); in tomoyo_print_ulong()
|
| D | file.c | 112 bool tomoyo_compare_number_union(const unsigned long value, in tomoyo_compare_number_union() argument
116 return tomoyo_number_matches_group(value, value, ptr->group); in tomoyo_compare_number_union()
117 return value >= ptr->values[0] && value <= ptr->values[1]; in tomoyo_compare_number_union()
|
| D | common.c | 182 const char *tomoyo_yesno(const unsigned int value) in tomoyo_yesno() argument
184 return value ? "yes" : "no"; in tomoyo_yesno()
594 static int tomoyo_set_mode(char *name, const char *value, in tomoyo_set_mode() argument
629 if (strstr(value, "use_default")) { in tomoyo_set_mode()
635 if (strstr(value, tomoyo_mode[mode])) in tomoyo_set_mode()
642 switch (tomoyo_find_yesno(value, "grant_log")) { in tomoyo_set_mode()
650 switch (tomoyo_find_yesno(value, "reject_log")) { in tomoyo_set_mode()
1301 argv->value->name); in tomoyo_print_condition()
1311 if (envp->value) { in tomoyo_print_condition()
1313 tomoyo_set_string(head, envp->value->name); in tomoyo_print_condition()
|
| D | gc.c | 303 tomoyo_put_name(argv->value); in tomoyo_del_condition()
306 tomoyo_put_name(envp->value); in tomoyo_del_condition()
|
| /security/selinux/ss/ |
| D | policydb.h | 42 u32 value; /* permission bit + 1 */ member
47 u32 value; /* internal common value */ member
53 u32 value; /* class value */ member
78 u32 value; /* internal role value */ member
114 u32 value; /* internal type value */ member
122 u32 value; /* internal user value */ member
138 u32 value; /* internal category bit + 1 */ member
150 __u32 value; /* internal type value */ member
|
| D | policydb.c | 394 role->value = ++p->p_roles.nprim; in roles_init()
395 if (role->value != OBJECT_R_VAL) in roles_init()
561 if (!comdatum->value || comdatum->value > p->p_commons.nprim) in common_index()
564 p->sym_val_to_name[SYM_COMMONS][comdatum->value - 1] = key; in common_index()
576 if (!cladatum->value || cladatum->value > p->p_classes.nprim) in class_index()
579 p->sym_val_to_name[SYM_CLASSES][cladatum->value - 1] = key; in class_index()
580 p->class_val_to_struct[cladatum->value - 1] = cladatum; in class_index()
591 if (!role->value in role_index()
592 || role->value > p->p_roles.nprim in role_index()
596 p->sym_val_to_name[SYM_ROLES][role->value - 1] = key; in role_index()
[all …]
|
| D | mls.c | 320 catdatum->value - 1, 1); in mls_context_to_sid()
332 if (catdatum->value >= rngdatum->value) in mls_context_to_sid()
335 for (i = catdatum->value; i < rngdatum->value; i++) { in mls_context_to_sid()
479 catdatum->value - 1, 1); in mls_convert_context()
|
| D | services.c | 135 p_out->value = string_to_security_class(pol, p_in->name); in selinux_set_mapping()
136 if (!p_out->value) { in selinux_set_mapping()
153 p_out->perms[k] = string_to_av_perm(pol, p_out->value, in selinux_set_mapping()
187 return map->mapping[tclass].value; in unmap_class()
200 if (map->mapping[i].value == pol_value) in map_class()
456 BUG_ON(pdatum->value < 1 || pdatum->value > 32); in dump_masked_av_helper()
458 permission_names[pdatum->value - 1] = (char *)k; in dump_masked_av_helper()
1473 ctx->user = usrdatum->value; in string_to_context_struct()
1488 ctx->role = role->value; in string_to_context_struct()
1501 ctx->type = typdatum->value; in string_to_context_struct()
[all …]
|
| D | conditional.c | 192 if (!booldatum->value || booldatum->value > p->p_bools.nprim) in cond_index_bool()
195 p->sym_val_to_name[SYM_BOOLS][booldatum->value - 1] = key; in cond_index_bool()
196 p->bool_val_to_struct[booldatum->value - 1] = booldatum; in cond_index_bool()
224 booldatum->value = le32_to_cpu(buf[0]); in cond_read_bool()
460 buf[0] = cpu_to_le32(booldatum->value); in cond_write_bool()
708 cond_bool_array[booldatum->value - 1] = booldatum; in cond_bools_index()
|
| D | services.h | 14 u16 value; /* policy value for class */ member
|
| D | ebitmap.c | 278 int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value) in ebitmap_set_bit() argument
286 if (value) { in ebitmap_set_bit()
321 if (!value) in ebitmap_set_bit()
|
| D | ebitmap.h | 130 int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value);
|
| /security/keys/trusted-keys/ |
| D | trusted_tpm2.c | 131 const void *value, size_t vlen) in tpm2_key_parent() argument
134 const u8 *v = value; in tpm2_key_parent()
148 const void *value, size_t vlen) in tpm2_key_type() argument
150 enum OID oid = look_up_OID(value, vlen); in tpm2_key_type()
155 sprint_oid(value, vlen, buffer, sizeof(buffer)); in tpm2_key_type()
166 const void *value, size_t vlen) in tpm2_key_pub() argument
170 ctx->pub = value; in tpm2_key_pub()
178 const void *value, size_t vlen) in tpm2_key_priv() argument
182 ctx->priv = value; in tpm2_key_priv()
|
| /security/selinux/include/ |
| D | security.h | 133 static inline void enforcing_set(struct selinux_state *state, bool value) in enforcing_set() argument
135 WRITE_ONCE(state->enforcing, value); in enforcing_set()
143 static inline void enforcing_set(struct selinux_state *state, bool value) in enforcing_set() argument
153 static inline void checkreqprot_set(struct selinux_state *state, bool value) in checkreqprot_set() argument
155 WRITE_ONCE(state->checkreqprot, value); in checkreqprot_set()
|
| /security/selinux/ |
| D | Kconfig | 74 int "NSA SELinux checkreqprot default value"
79 This option sets the default value for the 'checkreqprot' flag
105 chain lengths are high (e.g. > 20) then selecting a higher value here
117 If unsure, keep the default value.
|
| /security/ |
| D | security.c | 1106 &lsm_xattr->value, in security_inode_init_security()
1117 for (xattr = new_xattrs; xattr->value != NULL; xattr++) in security_inode_init_security()
1118 kfree(xattr->value); in security_inode_init_security()
1133 void **value, size_t *len) in security_old_inode_init_security() argument
1138 qstr, name, value, len); in security_old_inode_init_security()
1354 const void *value, size_t size, int flags) in security_inode_setxattr() argument
1364 ret = call_int_hook(inode_setxattr, 1, mnt_userns, dentry, name, value, in security_inode_setxattr()
1368 ret = cap_inode_setxattr(dentry, name, value, size, flags); in security_inode_setxattr()
1371 ret = ima_inode_setxattr(dentry, name, value, size); in security_inode_setxattr()
1374 return evm_inode_setxattr(mnt_userns, dentry, name, value, size); in security_inode_setxattr()
[all …]
|
| D | Kconfig.hardening | 114 with a specific debug value. This is intended to eliminate
132 with a zero value. This is intended to eliminate all
162 the stack initialized to the poison value, which both reduces
190 If unsure, leave the default value 100.
|
| /security/apparmor/ |
| D | resource.c | 53 unsigned long value, struct aa_label *peer, in audit_resource() argument
59 aad(&sa)->rlim.max = value; in audit_resource()
|
| D | lsm.c | 598 char **value) in apparmor_getprocattr() argument
616 error = aa_getprocattr(label, value); in apparmor_getprocattr()
624 static int apparmor_setprocattr(const char *name, void *value, in apparmor_setprocattr() argument
627 char *command, *largs = NULL, *args = value; in apparmor_setprocattr()
641 memcpy(args, value, size); in apparmor_setprocattr()
654 arg_size = size - (args - (largs ? largs : (char *) value)); in apparmor_setprocattr()
1467 bool value; in param_set_aaintbool() local
1474 value = !!*((int *)kp->arg); in param_set_aaintbool()
1476 kp_local.arg = &value; in param_set_aaintbool()
1493 bool value; in param_get_aaintbool() local
[all …]
|
| D | domain.c | 317 char *value = NULL; in aa_xattrs_match() local
330 &value, value_size, GFP_KERNEL); in aa_xattrs_match()
341 state = aa_dfa_match_len(profile->xmatch, state, value, in aa_xattrs_match()
367 kfree(value); in aa_xattrs_match()
|
| /security/smack/ |
| D | smack_lsm.c | 956 void **value, size_t *len) in smack_inode_init_security() argument
968 if (value && len) { in smack_inode_init_security()
1000 *value = kstrdup(isp->smk_known, GFP_NOFS); in smack_inode_init_security()
1001 if (*value == NULL) in smack_inode_init_security()
1243 const void *value, size_t size, int flags) in smack_inode_setxattr() argument
1268 strncmp(value, TRANS_TRUE, TRANS_TRUE_SIZE) != 0) in smack_inode_setxattr()
1271 rc = cap_inode_setxattr(dentry, name, value, size, flags); in smack_inode_setxattr()
1277 skp = size ? smk_import_entry(value, size) : NULL; in smack_inode_setxattr()
1308 const void *value, size_t size, int flags) in smack_inode_post_setxattr() argument
1319 skp = smk_import_entry(value, size); in smack_inode_post_setxattr()
[all …]
|
| /security/integrity/evm/ |
| D | Kconfig | 23 Default value is 'selected', which is former version 2.
|