/security/integrity/evm/ |
D | evm_main.c | 137 static int evm_find_protected_xattrs(struct dentry *dentry) in evm_find_protected_xattrs() argument 139 struct inode *inode = d_backing_inode(dentry); in evm_find_protected_xattrs() 148 error = __vfs_getxattr(dentry, inode, xattr->name, NULL, 0); in evm_find_protected_xattrs() 173 static enum integrity_status evm_verify_hmac(struct dentry *dentry, in evm_verify_hmac() argument 193 rc = vfs_getxattr_alloc(&init_user_ns, dentry, XATTR_NAME_EVM, in evm_verify_hmac() 198 rc = evm_find_protected_xattrs(dentry); in evm_verify_hmac() 220 rc = evm_calc_hmac(dentry, xattr_name, xattr_value, in evm_verify_hmac() 241 rc = evm_calc_hash(dentry, xattr_name, xattr_value, in evm_verify_hmac() 249 inode = d_backing_inode(dentry); in evm_verify_hmac() 258 evm_update_evmxattr(dentry, xattr_name, in evm_verify_hmac() [all …]
D | evm_crypto.c | 210 static int evm_calc_hmac_or_hash(struct dentry *dentry, in evm_calc_hmac_or_hash() argument 216 struct inode *inode = d_backing_inode(dentry); in evm_calc_hmac_or_hash() 268 size = vfs_getxattr_alloc(&init_user_ns, dentry, xattr->name, in evm_calc_hmac_or_hash() 277 user_space_size = vfs_getxattr(&init_user_ns, dentry, in evm_calc_hmac_or_hash() 281 dentry->d_name.name, xattr->name, size, in evm_calc_hmac_or_hash() 307 int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name, in evm_calc_hmac() argument 311 return evm_calc_hmac_or_hash(dentry, req_xattr_name, req_xattr_value, in evm_calc_hmac() 315 int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name, in evm_calc_hash() argument 319 return evm_calc_hmac_or_hash(dentry, req_xattr_name, req_xattr_value, in evm_calc_hash() 323 static int evm_is_immutable(struct dentry *dentry, struct inode *inode) in evm_is_immutable() argument [all …]
D | evm.h | 53 int evm_update_evmxattr(struct dentry *dentry, 57 int evm_calc_hmac(struct dentry *dentry, const char *req_xattr_name, 60 int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name,
D | evm_secfs.c | 19 static struct dentry *evm_dir; 20 static struct dentry *evm_init_tpm; 21 static struct dentry *evm_symlink; 24 static struct dentry *evm_xattrs;
/security/ |
D | inode.c | 107 static struct dentry *securityfs_create_dentry(const char *name, umode_t mode, in securityfs_create_dentry() 108 struct dentry *parent, void *data, in securityfs_create_dentry() 112 struct dentry *dentry; in securityfs_create_dentry() local 131 dentry = lookup_one_len(name, parent, strlen(name)); in securityfs_create_dentry() 132 if (IS_ERR(dentry)) in securityfs_create_dentry() 135 if (d_really_is_positive(dentry)) { in securityfs_create_dentry() 161 d_instantiate(dentry, inode); in securityfs_create_dentry() 162 dget(dentry); in securityfs_create_dentry() 164 return dentry; in securityfs_create_dentry() 167 dput(dentry); in securityfs_create_dentry() [all …]
D | security.c | 816 int security_quota_on(struct dentry *dentry) in security_quota_on() argument 818 return call_int_hook(quota_on, 0, dentry); in security_quota_on() 970 int security_sb_statfs(struct dentry *dentry) in security_sb_statfs() argument 972 return call_int_hook(sb_statfs, 0, dentry); in security_sb_statfs() 1069 int security_dentry_init_security(struct dentry *dentry, int mode, in security_dentry_init_security() argument 1073 return call_int_hook(dentry_init_security, -EOPNOTSUPP, dentry, mode, in security_dentry_init_security() 1078 int security_dentry_create_files_as(struct dentry *dentry, int mode, in security_dentry_create_files_as() argument 1082 return call_int_hook(dentry_create_files_as, 0, dentry, mode, in security_dentry_create_files_as() 1142 int security_path_mknod(const struct path *dir, struct dentry *dentry, umode_t mode, in security_path_mknod() argument 1145 if (unlikely(IS_PRIVATE(d_backing_inode(dir->dentry)))) in security_path_mknod() [all …]
D | commoncap.c | 296 int cap_inode_need_killpriv(struct dentry *dentry) in cap_inode_need_killpriv() argument 298 struct inode *inode = d_backing_inode(dentry); in cap_inode_need_killpriv() 301 error = __vfs_getxattr(dentry, inode, XATTR_NAME_CAPS, NULL, 0); in cap_inode_need_killpriv() 321 int cap_inode_killpriv(struct user_namespace *mnt_userns, struct dentry *dentry) in cap_inode_killpriv() argument 325 error = __vfs_removexattr(mnt_userns, dentry, XATTR_NAME_CAPS); in cap_inode_killpriv() 389 struct dentry *dentry; in cap_inode_getsecurity() local 395 dentry = d_find_any_alias(inode); in cap_inode_getsecurity() 396 if (!dentry) in cap_inode_getsecurity() 400 ret = (int)vfs_getxattr_alloc(mnt_userns, dentry, XATTR_NAME_CAPS, in cap_inode_getsecurity() 402 dput(dentry); in cap_inode_getsecurity() [all …]
D | lsm_audit.c | 237 inode = d_backing_inode(a->u.path.dentry); in dump_common_audit_data() 263 inode = a->u.op->path.dentry->d_inode; in dump_common_audit_data() 277 spin_lock(&a->u.dentry->d_lock); in dump_common_audit_data() 278 audit_log_untrustedstring(ab, a->u.dentry->d_name.name); in dump_common_audit_data() 279 spin_unlock(&a->u.dentry->d_lock); in dump_common_audit_data() 281 inode = d_backing_inode(a->u.dentry); in dump_common_audit_data() 290 struct dentry *dentry; in dump_common_audit_data() local 295 dentry = d_find_alias_rcu(inode); in dump_common_audit_data() 296 if (dentry) { in dump_common_audit_data() 298 spin_lock(&dentry->d_lock); in dump_common_audit_data() [all …]
/security/landlock/ |
D | fs.c | 162 if (!d_is_dir(path->dentry) && in landlock_append_fs_rule() 170 object = get_inode_object(d_backing_inode(path->dentry)); in landlock_append_fs_rule() 193 const struct dentry *const dentry) in find_rule() argument 199 if (d_is_negative(dentry)) in find_rule() 202 inode = d_backing_inode(dentry); in find_rule() 282 if ((path->dentry->d_sb->s_flags & SB_NOUSER) || in check_access_path() 283 (d_is_positive(path->dentry) && in check_access_path() 284 unlikely(IS_PRIVATE(d_backing_inode(path->dentry))))) in check_access_path() 313 struct dentry *parent_dentry; in check_access_path() 315 allowed = unmask_layers(find_rule(domain, walker_path.dentry), in check_access_path() [all …]
/security/tomoyo/ |
D | realpath.c | 103 struct inode *inode = d_backing_inode(path->dentry); in tomoyo_get_absolute_path() 125 static char *tomoyo_get_dentry_path(struct dentry *dentry, char * const buffer, in tomoyo_get_dentry_path() argument 131 pos = dentry_path_raw(dentry, buffer, buflen - 1); in tomoyo_get_dentry_path() 133 struct inode *inode = d_backing_inode(dentry); in tomoyo_get_dentry_path() 153 static char *tomoyo_get_local_path(struct dentry *dentry, char * const buffer, in tomoyo_get_local_path() argument 156 struct super_block *sb = dentry->d_sb; in tomoyo_get_local_path() 157 char *pos = tomoyo_get_dentry_path(dentry, buffer, buflen); in tomoyo_get_local_path() 242 struct dentry *dentry = path->dentry; in tomoyo_realpath_from_path() local 245 if (!dentry) in tomoyo_realpath_from_path() 247 sb = dentry->d_sb; in tomoyo_realpath_from_path() [all …]
D | tomoyo.c | 145 static int tomoyo_path_unlink(const struct path *parent, struct dentry *dentry) in tomoyo_path_unlink() argument 147 struct path path = { .mnt = parent->mnt, .dentry = dentry }; in tomoyo_path_unlink() 161 static int tomoyo_path_mkdir(const struct path *parent, struct dentry *dentry, in tomoyo_path_mkdir() argument 164 struct path path = { .mnt = parent->mnt, .dentry = dentry }; in tomoyo_path_mkdir() 178 static int tomoyo_path_rmdir(const struct path *parent, struct dentry *dentry) in tomoyo_path_rmdir() argument 180 struct path path = { .mnt = parent->mnt, .dentry = dentry }; in tomoyo_path_rmdir() 194 static int tomoyo_path_symlink(const struct path *parent, struct dentry *dentry, in tomoyo_path_symlink() argument 197 struct path path = { .mnt = parent->mnt, .dentry = dentry }; in tomoyo_path_symlink() 212 static int tomoyo_path_mknod(const struct path *parent, struct dentry *dentry, in tomoyo_path_mknod() argument 215 struct path path = { .mnt = parent->mnt, .dentry = dentry }; in tomoyo_path_mknod() [all …]
D | file.c | 713 .path1 = { .mnt = path->mnt, .dentry = path->dentry }, in tomoyo_path_number_perm() 720 == TOMOYO_CONFIG_DISABLED || !path->dentry) in tomoyo_path_number_perm() 761 .path1 = { .mnt = path->mnt, .dentry = path->dentry }, in tomoyo_check_open_permission() 807 .path1 = { .mnt = path->mnt, .dentry = path->dentry }, in tomoyo_path_perm() 864 .path1 = { .mnt = path->mnt, .dentry = path->dentry }, in tomoyo_mkdev_perm() 911 .path1 = { .mnt = path1->mnt, .dentry = path1->dentry }, in tomoyo_path2_perm() 912 .path2 = { .mnt = path2->mnt, .dentry = path2->dentry } in tomoyo_path2_perm() 928 if (!d_is_dir(path1->dentry)) in tomoyo_path2_perm()
D | condition.c | 716 struct dentry *dentry = NULL; in tomoyo_get_attributes() local 723 dentry = obj->path1.dentry; in tomoyo_get_attributes() 724 if (!dentry) in tomoyo_get_attributes() 728 dentry = obj->path2.dentry; in tomoyo_get_attributes() 729 if (!dentry) in tomoyo_get_attributes() 733 if (!dentry) in tomoyo_get_attributes() 735 dentry = dget_parent(dentry); in tomoyo_get_attributes() 738 inode = d_backing_inode(dentry); in tomoyo_get_attributes() 751 dput(dentry); in tomoyo_get_attributes()
/security/integrity/ima/ |
D | ima_appraise.c | 85 static int ima_fix_xattr(struct dentry *dentry, in ima_fix_xattr() argument 99 rc = __vfs_setxattr_noperm(&init_user_ns, dentry, XATTR_NAME_IMA, in ima_fix_xattr() 216 int ima_read_xattr(struct dentry *dentry, in ima_read_xattr() argument 221 ret = vfs_getxattr_alloc(&init_user_ns, dentry, XATTR_NAME_IMA, in ima_read_xattr() 384 struct dentry *dentry = file_dentry(file); in ima_appraise_measurement() local 385 struct inode *inode = d_backing_inode(dentry); in ima_appraise_measurement() 411 status = evm_verifyxattr(dentry, XATTR_NAME_IMA, xattr_value, in ima_appraise_measurement() 469 if (!ima_fix_xattr(dentry, iint)) in ima_appraise_measurement() 497 struct dentry *dentry = file_dentry(file); in ima_update_xattr() local 513 ima_fix_xattr(dentry, iint); in ima_update_xattr() [all …]
D | ima_fs.c | 359 static struct dentry *ima_dir; 360 static struct dentry *ima_symlink; 361 static struct dentry *binary_runtime_measurements; 362 static struct dentry *ascii_runtime_measurements; 363 static struct dentry *runtime_measurements_count; 364 static struct dentry *violations; 365 static struct dentry *ima_policy;
/security/apparmor/ |
D | apparmorfs.c | 147 static int aafs_show_path(struct seq_file *seq, struct dentry *dentry) in aafs_show_path() argument 149 seq_printf(seq, "%s:[%lu]", AAFS_NAME, d_inode(dentry)->i_ino); in aafs_show_path() 211 static int __aafs_setup_d_inode(struct inode *dir, struct dentry *dentry, in __aafs_setup_d_inode() argument 219 AA_BUG(!dentry); in __aafs_setup_d_inode() 239 d_instantiate(dentry, inode); in __aafs_setup_d_inode() 240 dget(dentry); in __aafs_setup_d_inode() 261 static struct dentry *aafs_create(const char *name, umode_t mode, in aafs_create() 262 struct dentry *parent, void *data, void *link, in aafs_create() 266 struct dentry *dentry; in aafs_create() local 283 dentry = lookup_one_len(name, parent, strlen(name)); in aafs_create() [all …]
D | lsm.c | 229 i_uid_into_mnt(mnt_userns, d_backing_inode(path->dentry)), in common_perm_cond() 230 d_backing_inode(path->dentry)->i_mode in common_perm_cond() 233 if (!path_mediated_fs(path->dentry)) in common_perm_cond() 250 struct dentry *dentry, u32 mask, in common_perm_dir_dentry() argument 253 struct path path = { .mnt = dir->mnt, .dentry = dentry }; in common_perm_dir_dentry() 268 struct dentry *dentry, u32 mask) in common_perm_rm() argument 270 struct inode *inode = d_backing_inode(dentry); in common_perm_rm() 274 if (!inode || !path_mediated_fs(dentry)) in common_perm_rm() 280 return common_perm_dir_dentry(op, dir, dentry, mask, &cond); in common_perm_rm() 294 struct dentry *dentry, u32 mask, umode_t mode) in common_perm_create() argument [all …]
D | path.c | 99 res = dentry_path(path->dentry, buf, buflen); in d_namespace_path() 105 if (path->dentry->d_sb->s_magic == PROC_SUPER_MAGIC && in d_namespace_path() 140 res = dentry_path_raw(path->dentry, buf, buflen); in d_namespace_path() 160 if (d_unlinked(path->dentry) && d_is_positive(path->dentry) && in d_namespace_path()
D | file.c | 150 static inline bool is_deleted(struct dentry *dentry) in is_deleted() argument 152 if (d_unlinked(dentry) && d_backing_inode(dentry)->i_nlink == 0) in is_deleted() 457 int aa_path_link(struct aa_label *label, struct dentry *old_dentry, in aa_path_link() 458 const struct path *new_dir, struct dentry *new_dentry) in aa_path_link() 460 struct path link = { .mnt = new_dir->mnt, .dentry = new_dentry }; in aa_path_link() 461 struct path target = { .mnt = new_dir->mnt, .dentry = old_dentry }; in aa_path_link() 633 if (file->f_path.mnt && path_mediated_fs(file->f_path.dentry)) in aa_file_perm()
/security/selinux/ |
D | selinuxfs.c | 71 struct dentry *bool_dir; 75 struct dentry *class_dir; 78 struct dentry *policycap_dir; 355 static int sel_make_bools(struct selinux_policy *newpolicy, struct dentry *bool_dir, 359 struct dentry *class_dir, 363 static struct dentry *sel_make_dir(struct dentry *dir, const char *name, 367 static struct dentry *sel_make_disconnected_dir(struct super_block *sb, 371 static void sel_remove_entries(struct dentry *de); 543 struct dentry *tmp_parent, *tmp_bool_dir, *tmp_class_dir, *old_dentry; in sel_make_policy_nodes() 1273 const char *name = filep->f_path.dentry->d_name.name; in sel_read_bool() [all …]
D | hooks.c | 258 static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dentry); 267 struct dentry *dentry, in __inode_security_revalidate() argument 284 inode_doinit_with_dentry(inode, dentry); in __inode_security_revalidate() 313 static struct inode_security_struct *backing_inode_security_novalidate(struct dentry *dentry) in backing_inode_security_novalidate() argument 315 struct inode *inode = d_backing_inode(dentry); in backing_inode_security_novalidate() 323 static struct inode_security_struct *backing_inode_security(struct dentry *dentry) in backing_inode_security() argument 325 struct inode *inode = d_backing_inode(dentry); in backing_inode_security() 327 __inode_security_revalidate(inode, dentry, true); in backing_inode_security() 500 struct dentry *root = sb->s_root; in sb_check_xattr_support() 549 struct dentry *root = sb->s_root; in sb_finish_set_opts() [all …]
/security/apparmor/include/ |
D | apparmorfs.h | 28 struct dentry *dentry; member 111 int __aafs_profile_mkdir(struct aa_profile *profile, struct dentry *parent); 113 int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent, const char *name, 114 struct dentry *dent);
D | lib.h | 92 static inline bool path_mediated_fs(struct dentry *dentry) in path_mediated_fs() argument 94 return !(dentry->d_sb->s_flags & SB_NOUSER); in path_mediated_fs()
/security/lockdown/ |
D | lockdown.c | 151 struct dentry *dentry; in lockdown_secfs_init() local 153 dentry = securityfs_create_file("lockdown", 0644, NULL, NULL, in lockdown_secfs_init() 155 return PTR_ERR_OR_ZERO(dentry); in lockdown_secfs_init()
/security/smack/ |
D | smack_lsm.c | 279 struct dentry *dp) in smk_fetch() 756 struct dentry *root = sb->s_root; in smack_set_mnt_opts() 855 static int smack_sb_statfs(struct dentry *dentry) in smack_sb_statfs() argument 857 struct superblock_smack *sbp = smack_superblock(dentry->d_sb); in smack_sb_statfs() 862 smk_ad_setfield_u_fs_path_dentry(&ad, dentry); in smack_sb_statfs() 1018 static int smack_inode_link(struct dentry *old_dentry, struct inode *dir, in smack_inode_link() 1019 struct dentry *new_dentry) in smack_inode_link() 1050 static int smack_inode_unlink(struct inode *dir, struct dentry *dentry) in smack_inode_unlink() argument 1052 struct inode *ip = d_backing_inode(dentry); in smack_inode_unlink() 1057 smk_ad_setfield_u_fs_path_dentry(&ad, dentry); in smack_inode_unlink() [all …]