| /security/tomoyo/ |
| D | file.c | 258 if (acl->perm & (1 << r->param.path.operation)) { in tomoyo_check_path_acl()
281 return (acl->perm & (1 << r->param.path_number.operation)) && in tomoyo_check_path_number_acl()
302 return (acl->perm & (1 << r->param.path2.operation)) && in tomoyo_check_path2_acl()
322 return (acl->perm & (1 << r->param.mkdev.operation)) && in tomoyo_check_mkdev_acl()
364 ->perm; in tomoyo_merge_path_acl()
365 u16 perm = READ_ONCE(*a_perm); in tomoyo_merge_path_acl() local
366 const u16 b_perm = container_of(b, struct tomoyo_path_acl, head)->perm; in tomoyo_merge_path_acl()
369 perm &= ~b_perm; in tomoyo_merge_path_acl()
371 perm |= b_perm; in tomoyo_merge_path_acl()
372 WRITE_ONCE(*a_perm, perm); in tomoyo_merge_path_acl()
[all …]
|
| D | network.c | 235 &container_of(a, struct tomoyo_inet_acl, head)->perm; in tomoyo_merge_inet_acl()
236 u8 perm = READ_ONCE(*a_perm); in tomoyo_merge_inet_acl() local
237 const u8 b_perm = container_of(b, struct tomoyo_inet_acl, head)->perm; in tomoyo_merge_inet_acl()
240 perm &= ~b_perm; in tomoyo_merge_inet_acl()
242 perm |= b_perm; in tomoyo_merge_inet_acl()
243 WRITE_ONCE(*a_perm, perm); in tomoyo_merge_inet_acl()
244 return !perm; in tomoyo_merge_inet_acl()
261 &container_of(a, struct tomoyo_unix_acl, head)->perm; in tomoyo_merge_unix_acl()
262 u8 perm = READ_ONCE(*a_perm); in tomoyo_merge_unix_acl() local
263 const u8 b_perm = container_of(b, struct tomoyo_unix_acl, head)->perm; in tomoyo_merge_unix_acl()
[all …]
|
| D | util.c | 1058 u16 perm; in tomoyo_domain_quota_is_ok() local
1069 perm = data_race(container_of(ptr, struct tomoyo_path_acl, head)->perm); in tomoyo_domain_quota_is_ok()
1072 perm = data_race(container_of(ptr, struct tomoyo_path2_acl, head)->perm); in tomoyo_domain_quota_is_ok()
1075 perm = data_race(container_of(ptr, struct tomoyo_path_number_acl, head) in tomoyo_domain_quota_is_ok()
1076 ->perm); in tomoyo_domain_quota_is_ok()
1079 perm = data_race(container_of(ptr, struct tomoyo_mkdev_acl, head)->perm); in tomoyo_domain_quota_is_ok()
1082 perm = data_race(container_of(ptr, struct tomoyo_inet_acl, head)->perm); in tomoyo_domain_quota_is_ok()
1085 perm = data_race(container_of(ptr, struct tomoyo_unix_acl, head)->perm); in tomoyo_domain_quota_is_ok()
1088 perm = 0; in tomoyo_domain_quota_is_ok()
1091 perm = 1; in tomoyo_domain_quota_is_ok()
[all …]
|
| D | common.c | 1399 const u16 perm = ptr->perm; in tomoyo_print_entry() local
1402 if (!(perm & (1 << bit))) in tomoyo_print_entry()
1430 const u8 perm = ptr->perm; in tomoyo_print_entry() local
1433 if (!(perm & (1 << bit))) in tomoyo_print_entry()
1451 const u8 perm = ptr->perm; in tomoyo_print_entry() local
1454 if (!(perm & (1 << bit))) in tomoyo_print_entry()
1472 const u8 perm = ptr->perm; in tomoyo_print_entry() local
1475 if (!(perm & (1 << bit))) in tomoyo_print_entry()
1495 const u8 perm = ptr->perm; in tomoyo_print_entry() local
1498 if (!(perm & (1 << bit))) in tomoyo_print_entry()
[all …]
|
| D | common.h | 711 u16 perm; /* Bitmask of values in "enum tomoyo_path_acl_index". */ member
722 u8 perm; member
730 u8 perm; /* Bitmask of values in "enum tomoyo_mkdev_acl_index". */ member
742 u8 perm; /* Bitmask of values in "enum tomoyo_path2_acl_index". */ member
766 u8 perm; /* Bitmask of values in "enum tomoyo_network_acl_index" */ member
775 u8 perm; /* Bitmask of values in "enum tomoyo_network_acl_index" */ member
|
| D | tomoyo.c | 217 const unsigned int perm = mode & S_IALLUGO; in tomoyo_path_mknod() local
229 return tomoyo_mkdev_perm(type, &path, perm, dev); in tomoyo_path_mknod()
239 return tomoyo_path_number_perm(type, &path, perm); in tomoyo_path_mknod()
|
| /security/integrity/ |
| D | digsig.c | 99 key_perm_t perm, in __integrity_init_keyring() argument
106 KGIDT_INIT(0), cred, perm, in __integrity_init_keyring()
128 key_perm_t perm; in integrity_init_keyring() local
131 perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW in integrity_init_keyring()
155 perm |= KEY_USR_WRITE; in integrity_init_keyring()
158 ret = __integrity_init_keyring(id, perm, restriction); in integrity_init_keyring()
165 off_t size, key_perm_t perm) in integrity_add_key() argument
174 NULL, data, size, perm, in integrity_add_key()
194 key_perm_t perm; in integrity_load_x509() local
204 perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW | KEY_USR_READ; in integrity_load_x509()
[all …]
|
| D | integrity.h | 205 const void *data, size_t len, key_perm_t perm);
229 key_perm_t perm) in integrity_load_cert() argument
|
| /security/selinux/ |
| D | nlmsgtab.c | 25 u32 perm; member
154 static int nlmsg_perm(u16 nlmsg_type, u32 *perm, const struct nlmsg_perm *tab, size_t tabsize) in nlmsg_perm() argument
160 *perm = tab[i].perm; in nlmsg_perm()
168 int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm) in selinux_nlmsg_lookup() argument
180 err = nlmsg_perm(nlmsg_type, perm, nlmsg_route_perms, in selinux_nlmsg_lookup()
185 err = nlmsg_perm(nlmsg_type, perm, nlmsg_tcpdiag_perms, in selinux_nlmsg_lookup()
195 err = nlmsg_perm(nlmsg_type, perm, nlmsg_xfrm_perms, in selinux_nlmsg_lookup()
204 *perm = NETLINK_AUDIT_SOCKET__NLMSG_RELAY; in selinux_nlmsg_lookup()
206 err = nlmsg_perm(nlmsg_type, perm, nlmsg_audit_perms, in selinux_nlmsg_lookup()
220 static void nlmsg_set_perm_for_type(u32 perm, u16 type) in nlmsg_set_perm_for_type() argument
[all …]
|
| D | avc.c | 204 u8 perm, u8 which) in avc_xperms_has_perm() argument
210 rc = security_xperm_test(xpd->allowed->p, perm); in avc_xperms_has_perm()
213 rc = security_xperm_test(xpd->auditallow->p, perm); in avc_xperms_has_perm()
216 rc = security_xperm_test(xpd->dontaudit->p, perm); in avc_xperms_has_perm()
221 u8 driver, u8 perm) in avc_xperms_allow_perm() argument
227 security_xperm_set(xpd->allowed->p, perm); in avc_xperms_allow_perm()
278 static inline void avc_quick_copy_xperms_decision(u8 perm, in avc_quick_copy_xperms_decision() argument
286 u8 i = perm >> 5; in avc_quick_copy_xperms_decision()
393 u8 perm, in avc_xperms_audit_required() argument
403 if (avc_xperms_has_perm(xpd, perm, XPERMS_DONTAUDIT)) in avc_xperms_audit_required()
[all …]
|
| D | netlabel.c | 438 u32 perm; in selinux_netlbl_sock_rcv_skb() local
457 perm = UDP_SOCKET__RECVFROM; in selinux_netlbl_sock_rcv_skb()
460 perm = TCP_SOCKET__RECVFROM; in selinux_netlbl_sock_rcv_skb()
463 perm = RAWIP_SOCKET__RECVFROM; in selinux_netlbl_sock_rcv_skb()
467 sksec->sid, nlbl_sid, sksec->sclass, perm, ad); in selinux_netlbl_sock_rcv_skb()
|
| D | hooks.c | 1547 u32 perm = 0; in signal_to_av() local
1552 perm = PROCESS__SIGCHLD; in signal_to_av()
1556 perm = PROCESS__SIGKILL; in signal_to_av()
1560 perm = PROCESS__SIGSTOP; in signal_to_av()
1564 perm = PROCESS__SIGNAL; in signal_to_av()
1568 return perm; in signal_to_av()
3349 u32 perm; in selinux_path_notify() local
3362 perm = FILE__WATCH_MOUNT; in selinux_path_notify()
3365 perm = FILE__WATCH_SB; in selinux_path_notify()
3372 perm = FILE__WATCH; in selinux_path_notify()
[all …]
|
| /security/keys/ |
| D | permission.c | 55 kperm = key->perm >> 16; in key_task_permission()
61 if (gid_valid(key->gid) && key->perm & KEY_GRP_ALL) { in key_task_permission()
63 kperm = key->perm >> 8; in key_task_permission()
69 kperm = key->perm >> 8; in key_task_permission()
75 kperm = key->perm; in key_task_permission()
83 kperm |= key->perm >> 24; in key_task_permission()
|
| D | key.c | 227 key_perm_t perm, unsigned long flags, in key_alloc() argument
296 key->perm = perm; in key_alloc()
816 key_perm_t perm, in key_create_or_update() argument
915 if (perm == KEY_PERM_UNDEF) { in key_create_or_update()
916 perm = KEY_POS_VIEW | KEY_POS_SEARCH | KEY_POS_LINK | KEY_POS_SETATTR; in key_create_or_update()
917 perm |= KEY_USR_VIEW; in key_create_or_update()
920 perm |= KEY_POS_READ; in key_create_or_update()
924 perm |= KEY_POS_WRITE; in key_create_or_update()
929 cred->fsuid, cred->fsgid, cred, perm, flags, NULL); in key_create_or_update()
|
| D | request_key.c | 377 key_perm_t perm; in construct_alloc_key() local
387 perm = KEY_POS_VIEW | KEY_POS_SEARCH | KEY_POS_LINK | KEY_POS_SETATTR; in construct_alloc_key()
388 perm |= KEY_USR_VIEW; in construct_alloc_key()
390 perm |= KEY_POS_READ; in construct_alloc_key()
393 perm |= KEY_POS_WRITE; in construct_alloc_key()
397 perm, flags, NULL); in construct_alloc_key()
|
| D | proc.c | 180 if (key->perm & KEY_POS_VIEW) { in proc_keys_show()
237 key->perm, in proc_keys_show()
|
| D | keyctl.c | 685 key->perm); in keyctl_describe_key()
1072 long keyctl_setperm_key(key_serial_t id, key_perm_t perm) in keyctl_setperm_key() argument
1079 if (perm & ~(KEY_POS_ALL | KEY_USR_ALL | KEY_GRP_ALL | KEY_OTH_ALL)) in keyctl_setperm_key()
1097 key->perm = perm; in keyctl_setperm_key()
|
| D | gc.c | 236 key->perm = 0; in key_garbage_collector()
|
| /security/integrity/platform_certs/ |
| D | machine_keyring.c | 28 key_perm_t perm; in add_to_machine_keyring() local
31 perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW; in add_to_machine_keyring()
32 rc = integrity_load_cert(INTEGRITY_KEYRING_MACHINE, source, data, len, perm); in add_to_machine_keyring()
41 data, len, perm); in add_to_machine_keyring()
|
| D | platform_keyring.c | 29 key_perm_t perm; in add_to_platform_keyring() local
32 perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW; in add_to_platform_keyring()
35 perm); in add_to_platform_keyring()
|
| /security/apparmor/ |
| D | lib.c | 205 unsigned int i, perm = 1; in aa_perm_mask_to_str() local
208 for (i = 0; i < num_chrs; perm <<= 1, i++) { in aa_perm_mask_to_str()
209 if (mask & perm) { in aa_perm_mask_to_str()
225 unsigned int i, perm = 1; in aa_audit_perm_names() local
228 for (i = 0; i < 32; perm <<= 1, i++) { in aa_audit_perm_names()
229 if (mask & perm) { in aa_audit_perm_names()
|
| D | domain.c | 331 u32 perm; in aa_xattrs_match() local
342 perm = dfa_user_allow(profile->xmatch, state); in aa_xattrs_match()
343 if (!(perm & MAY_EXEC)) { in aa_xattrs_match()
418 u32 perm; in find_attach() local
422 perm = dfa_user_allow(profile->xmatch, state); in find_attach()
424 if (perm & MAY_EXEC) { in find_attach()
|
| /security/selinux/include/ |
| D | avc.h | 156 u8 driver, u8 perm, struct common_audit_data *ad);
|
| D | security.h | 476 extern int selinux_nlmsg_lookup(u16 sclass, u16 nlmsg_type, u32 *perm);
|
| /security/smack/ |
| D | smackfs.c | 263 int perm = 0; in smk_perm_from_str() local
272 perm |= MAY_READ; in smk_perm_from_str()
276 perm |= MAY_WRITE; in smk_perm_from_str()
280 perm |= MAY_EXEC; in smk_perm_from_str()
284 perm |= MAY_APPEND; in smk_perm_from_str()
288 perm |= MAY_TRANSMUTE; in smk_perm_from_str()
292 perm |= MAY_LOCK; in smk_perm_from_str()
296 perm |= MAY_BRINGUP; in smk_perm_from_str()
299 return perm; in smk_perm_from_str()
|