/security/keys/ |
H A D | permission.c | 17 * key_task_permission - Check a key can be used 18 * @key_ref: The key to check. 22 * Check to see whether permission is granted to use a key in the desired way, 33 struct key *key; local 37 key = key_ref_to_ptr(key_ref); 40 if (uid_eq(key->uid, cred->fsuid)) { 41 kperm = key->perm >> 16; 47 if (gid_valid(key->gid) && key 89 key_validate(const struct key *key) argument [all...] |
H A D | big_key.c | 1 /* Large capacity key type 46 * Preparse a big key 69 * TODO: Encrypt the stored data with a temporary key. 85 /* Pin the mount and dentry to the key so that we can open it again 122 * - called with the key sem write-locked 124 void big_key_revoke(struct key *key) argument 126 struct path *path = (struct path *)&key->payload.data2; 129 key_payload_reserve(key, 0); 130 if (key_is_instantiated(key) 137 big_key_destroy(struct key *key) argument 153 big_key_describe(const struct key *key, struct seq_file *m) argument 169 big_key_read(const struct key *key, char __user *buffer, size_t buflen) argument [all...] |
H A D | user_defined.c | 1 /* user_defined.c: user defined key type 42 * This key type is essentially the same as key_type_user, but it does 61 * Preparse a user defined key payload 85 * Free a preparse of a user defined key payload 94 * update a user defined key 95 * - the key's semaphore is write-locked 97 int user_update(struct key *key, struct key_preparsed_payload *prep) argument 119 ret = key_payload_reserve(key, datalen); 123 zap = key 141 user_revoke(struct key *key) argument 159 user_destroy(struct key *key) argument 171 user_describe(const struct key *key, struct seq_file *m) argument 184 user_read(const struct key *key, char __user *buffer, size_t buflen) argument [all...] |
H A D | gc.c | 19 * Delay between key revocation/expiry in seconds 39 #define KEY_GC_KEY_EXPIRED 0 /* A key expired and needs unlinking */ 45 * Any key whose type gets unregistered will be re-typed to this if it can't be 84 * Some key's cleanup time was met after it expired, so we need to get the 130 struct key *key = local 131 list_entry(keys->next, struct key, graveyard_link); 132 list_del(&key->graveyard_link); 134 kdebug("- %u", key->serial); 135 key_check(key); 186 struct key *key; local [all...] |
H A D | request_key_auth.c | 1 /* Request key authorisation token key definition. 11 * See Documentation/security/keys-request-key.txt 25 static int request_key_auth_instantiate(struct key *, 27 static void request_key_auth_describe(const struct key *, struct seq_file *); 28 static void request_key_auth_revoke(struct key *); 29 static void request_key_auth_destroy(struct key *); 30 static long request_key_auth_read(const struct key *, char __user *, size_t); 33 * The request-key authorisation key typ 59 request_key_auth_instantiate(struct key *key, struct key_preparsed_payload *prep) argument 69 request_key_auth_describe(const struct key *key, struct seq_file *m) argument 84 request_key_auth_read(const struct key *key, char __user *buffer, size_t buflen) argument 111 request_key_auth_revoke(struct key *key) argument 126 request_key_auth_destroy(struct key *key) argument [all...] |
H A D | internal.h | 1 /* Authentication token and access key management internal defs 16 #include <linux/key-type.h> 91 extern int __key_link_begin(struct key *keyring, 94 extern int __key_link_check_live_key(struct key *keyring, struct key *key); 95 extern void __key_link(struct key *key, struct assoc_array_edit **_edit); 96 extern void __key_link_end(struct key *keyring, 103 extern struct key *keyring_search_instke 207 key_is_dead(const struct key *key, time_t limit) argument 265 key_check(const struct key *key) argument [all...] |
H A D | proc.c | 1 /* procfs files for key database enumeration 76 p = proc_create("key-users", 0, NULL, &proc_key_users_fops); 78 panic("Cannot create /proc/key-users\n"); 97 struct key *key = rb_entry(n, struct key, serial_node); local 98 if (kuid_has_mapping(user_ns, key->user->uid)) 110 static struct key *find_ge_key(struct seq_file *p, key_serial_t id) 114 struct key *minkey = NULL; 117 struct key *ke local 148 struct key *key; local 163 struct key *key = rb_entry(n, struct key, serial_node); local 186 struct key *key = rb_entry(_p, struct key, serial_node); local [all...] |
H A D | process_keys.c | 47 struct key *uid_keyring, *session_keyring; 133 struct key *keyring; 176 struct key *keyring; 219 int install_session_keyring_to_cred(struct cred *cred, struct key *keyring) 222 struct key *old; 255 static int install_session_keyring(struct key *keyring) 303 * matching key. 308 * parameter to the key's description. 315 * Returns a pointer to the key with the key usag 492 lookup_user_key_possessed(const struct key *key, const struct key_match_data *match_data) argument 525 struct key *key; local [all...] |
H A D | request_key.c | 1 /* Request a key from userspace 11 * See Documentation/security/keys-request-key.txt 22 #define key_negative_timeout 60 /* default timeout on a negative key's existence */ 25 * complete_request_key - Complete the construction of a key. 26 * @cons: The key construction record. 29 * Complete the attempt to construct a key. The key will be negated 30 * if an error is indicated. The authorisation key will be revoked 35 kenter("{%d,%d},%d", cons->key->serial, cons->authkey->serial, error); 38 key_negate_and_link(cons->key, key_negative_timeou 100 struct key *key = cons->key, *authkey = cons->authkey, *keyring, local 203 construct_key(struct key *key, const void *callout_info, size_t callout_len, void *aux, struct key *dest_keyring) argument 337 struct key *key; local 437 struct key *key; local 522 struct key *key; local 585 wait_for_key_construction(struct key *key, bool intr) argument 619 struct key *key; local 658 struct key *key; local [all...] |
H A D | key.c | 1 /* Basic authentication token and access key management 30 unsigned int key_quota_root_maxkeys = 1000000; /* root's key count quota */ 31 unsigned int key_quota_root_maxbytes = 25000000; /* root's key space quota */ 32 unsigned int key_quota_maxkeys = 200; /* general key count quota */ 33 unsigned int key_quota_maxbytes = 20000; /* general key space quota */ 38 /* We serialise key instantiation and link */ 42 void __key_check(const struct key *key) argument 44 printk("__key_check: key %p {%08x} should be {%08x}\n", 45 key, ke 137 key_alloc_serial(struct key *key) argument 229 struct key *key; local 364 key_payload_reserve(struct key *key, size_t datalen) argument 404 __key_instantiate_and_link(struct key *key, struct key_preparsed_payload *prep, struct key *keyring, struct key *authkey, struct assoc_array_edit **_edit) argument 473 key_instantiate_and_link(struct key *key, const void *data, size_t datalen, struct key *keyring, struct key *authkey) argument 534 key_reject_and_link(struct key *key, unsigned timeout, unsigned error, struct key *keyring, struct key *authkey) argument 602 key_put(struct key *key) argument 619 struct key *key; local 681 key_set_timeout(struct key *key, unsigned timeout) argument 718 struct key *key = key_ref_to_ptr(key_ref); local 789 struct key *keyring, *key = NULL; local 931 struct key *key = key_ref_to_ptr(key_ref); local 982 key_revoke(struct key *key) argument 1018 key_invalidate(struct key *key) argument 1043 generic_key_instantiate(struct key *key, struct key_preparsed_payload *prep) argument [all...] |
H A D | keyctl.c | 1 /* Userspace key control operations 17 #include <linux/key.h> 49 * Extract the description of a new key from userspace and either add it as a 50 * new key to the specified keyring or update a matching key in that keyring. 52 * If the description is NULL or an empty string, the key type is asked to 55 * The keyring must be writable so that we can attach the key to it. 57 * If successful, the new key's serial number is returned, otherwise an error 126 /* create or update the requested key and add it to the target 153 * matching key 170 struct key *key; local 565 struct key *key, *instkey; local 729 struct key *key; local 796 struct key *key; local 912 struct key *key; local 986 keyctl_change_reqkey_auth(struct key *key) argument 1326 struct key *key, *instkey; local 1429 struct key *key, *instkey; local [all...] |
H A D | keyring.c | 26 * When plumbing the depths of the key tree, this sets a hard limit 46 static inline struct key *keyring_ptr_to_key(const struct assoc_array_ptr *x) 49 return (struct key *)((unsigned long)object & ~KEYRING_PTR_SUBTYPE); 51 static inline void *keyring_key_to_ptr(struct key *key) argument 53 if (key->type == &key_type_keyring) 54 return (void *)((unsigned long)key | KEYRING_PTR_SUBTYPE); 55 return key; 72 * The keyring key type definition. Keyrings are simply keys of this type and 78 static int keyring_instantiate(struct key *keyrin 274 const struct key *key = keyring_ptr_to_key(object); local 281 const struct key *key = keyring_ptr_to_key(object); local 427 const struct key *key = keyring_ptr_to_key(object); local 516 key_default_cmp(const struct key *key, const struct key_match_data *match_data) argument 528 const struct key *key = keyring_ptr_to_key(object); local 624 struct key *key; local 902 key_ref_t key; local 936 struct key *keyring, *key; local 1029 const struct key *key = keyring_ptr_to_key(object); local 1142 __key_link_check_live_key(struct key *keyring, struct key *key) argument 1159 __key_link(struct key *key, struct assoc_array_edit **_edit) argument 1212 key_link(struct key *keyring, struct key *key) argument 1257 key_unlink(struct key *keyring, struct key *key) argument 1342 struct key *key = keyring_ptr_to_key(object); local 1353 const struct key *key = keyring_ptr_to_key(object); local [all...] |
H A D | trusted.c | 23 #include <linux/key-type.h> 76 static int TSS_rawhmac(unsigned char *digest, const unsigned char *key, argument 91 ret = crypto_shash_setkey(hmacalg, key, keylen); 123 static int TSS_authhmac(unsigned char *digest, const unsigned char *key, argument 163 ret = TSS_rawhmac(digest, key, keylen, SHA1_DIGEST_SIZE, 177 const unsigned char *key, 239 ret = TSS_rawhmac(testhmac, key, keylen, SHA1_DIGEST_SIZE, paramdigest, 354 * For key specific tpm requests, we will generate and send our 372 * Lock a trusted key, by extending a selected PCR. 374 * Prevents a trusted key tha 174 TSS_checkhmac1(unsigned char *buffer, const uint32_t command, const unsigned char *ononce, const unsigned char *key, unsigned int keylen, ...) argument 393 osap(struct tpm_buf *tb, struct osapsess *s, const unsigned char *key, uint16_t type, uint32_t handle) argument 875 trusted_payload_alloc(struct key *key) argument 898 trusted_instantiate(struct key *key, struct key_preparsed_payload *prep) argument 985 trusted_update(struct key *key, struct key_preparsed_payload *prep) argument 1054 trusted_read(const struct key *key, char __user *buffer, size_t buflen) argument 1085 trusted_destroy(struct key *key) argument [all...] |
/security/integrity/ |
H A D | digsig_asymmetric.c | 17 #include <linux/key-type.h> 24 * Request an asymmetric key. 26 static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid) 28 struct key *key; local 33 pr_debug("key search: \"%s\"\n", name); 41 key = ERR_CAST(kref); 43 key = key_ref_to_ptr(kref); 45 key 72 struct key *key; local [all...] |
/security/selinux/ss/ |
H A D | hashtab.h | 3 * key values and datum values. The type of the key values 5 * functions for hash computation and key comparison are 16 void *key; member in struct:hashtab_node 25 u32 (*hash_value)(struct hashtab *h, const void *key); 28 /* key comparison function */ 42 struct hashtab *hashtab_create(u32 (*hash_value)(struct hashtab *h, const void *key), 47 * Inserts the specified (key, datum) pair into the specified hash table. 50 * -EEXIST if there is already an entry with the same key, 57 * Searches for the entry with the specified key i [all...] |
H A D | symtab.c | 11 static unsigned int symhash(struct hashtab *h, const void *key) argument 18 keyp = key; |
H A D | hashtab.c | 12 struct hashtab *hashtab_create(u32 (*hash_value)(struct hashtab *h, const void *key), argument 39 int hashtab_insert(struct hashtab *h, void *key, void *datum) argument 49 hvalue = h->hash_value(h, key); 52 while (cur && h->keycmp(h, key, cur->key) > 0) { 57 if (cur && (h->keycmp(h, key, cur->key) == 0)) 63 newnode->key = key; 77 void *hashtab_search(struct hashtab *h, const void *key) argument [all...] |
H A D | avtab.c | 38 struct avtab_key *key, struct avtab_datum *datum) 45 newnode->key = *key; 47 if (key->specified & AVTAB_OP) { 71 static int avtab_insert(struct avtab *h, struct avtab_key *key, struct avtab_datum *datum) argument 75 u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); 80 hvalue = avtab_hash(key, h->mask); 84 if (key->source_type == cur->key.source_type && 85 key 36 avtab_insert_node(struct avtab *h, int hvalue, struct avtab_node *prev, struct avtab_node *cur, struct avtab_key *key, struct avtab_datum *datum) argument 115 avtab_insert_nonunique(struct avtab *h, struct avtab_key *key, struct avtab_datum *datum) argument 145 avtab_search(struct avtab *h, struct avtab_key *key) argument 180 avtab_search_node(struct avtab *h, struct avtab_key *key) argument 360 struct avtab_key key; local [all...] |
H A D | avtab.h | 71 struct avtab_key key; member in struct:avtab_node 100 struct avtab_node *avtab_insert_nonunique(struct avtab *h, struct avtab_key *key, 103 struct avtab_node *avtab_search_node(struct avtab *h, struct avtab_key *key); |
H A D | conditional.c | 103 cur->node->key.specified &= ~AVTAB_ENABLED; 105 cur->node->key.specified |= AVTAB_ENABLED; 111 cur->node->key.specified &= ~AVTAB_ENABLED; 113 cur->node->key.specified |= AVTAB_ENABLED; 186 int cond_destroy_bool(void *key, void *datum, void *p) argument 188 kfree(key); 193 int cond_index_bool(void *key, void *datum, void *datap) argument 206 if (flex_array_put_ptr(fa, booldatum->value - 1, key, 223 char *key = NULL; local 247 key 495 char *key = vkey; local 617 cond_compute_operation(struct avtab *ctab, struct avtab_key *key, struct operation_decision *od) argument 636 cond_compute_av(struct avtab *ctab, struct avtab_key *key, struct av_decision *avd, struct operation *ops) argument [all...] |
H A D | policydb.c | 177 char *key = NULL; local 192 key = kstrdup(OBJECT_R, GFP_KERNEL); 193 if (!key) 196 rc = hashtab_insert(p->p_roles.table, key, role); 202 kfree(key); 246 const struct range_trans *key = k; local 247 return (key->source_type + (key->target_type << 3) + 248 (key->target_class << 5)) & (h->size - 1); 327 static int common_index(void *key, voi argument 345 class_index(void *key, void *datum, void *datap) argument 363 role_index(void *key, void *datum, void *datap) argument 384 type_index(void *key, void *datum, void *datap) argument 412 user_index(void *key, void *datum, void *datap) argument 433 sens_index(void *key, void *datum, void *datap) argument 455 cat_index(void *key, void *datum, void *datap) argument 605 perm_destroy(void *key, void *datum, void *p) argument 612 common_destroy(void *key, void *datum, void *p) argument 639 cls_destroy(void *key, void *datum, void *p) argument 681 role_destroy(void *key, void *datum, void *p) argument 695 type_destroy(void *key, void *datum, void *p) argument 702 user_destroy(void *key, void *datum, void *p) argument 718 sens_destroy(void *key, void *datum, void *p) argument 732 cat_destroy(void *key, void *datum, void *p) argument 751 filenametr_destroy(void *key, void *datum, void *p) argument 761 range_tr_destroy(void *key, void *datum, void *p) argument 1110 char *key = NULL; local 1144 char *key = NULL; local 1310 char *key = NULL; local 1404 char *key = NULL; local 1461 char *key = NULL; local 1536 char *key = NULL; local 1587 char *key = NULL; local 1629 char *key = NULL; local 1673 user_bounds_sanity_check(void *key, void *datum, void *datap) argument 1710 role_bounds_sanity_check(void *key, void *datum, void *datap) argument 1747 type_bounds_sanity_check(void *key, void *datum, void *datap) argument 2577 char *key = vkey; local 2605 char *key = vkey; local 2718 char *key = vkey; local 2740 char *key = vkey; local 2835 char *key = vkey; local 2923 char *key = vkey; local 2962 char *key = vkey; 
local 3003 char *key = vkey; local 3204 hashtab_cnt(void *key, void *data, void *ptr) argument 3212 range_write_helper(void *key, void *data, void *ptr) argument 3268 filename_write_helper(void *key, void *data, void *ptr) argument [all...] |
/security/integrity/ima/ |
H A D | ima_queue.c | 33 /* key: inode (before secure-hashing a file) */ 50 unsigned int key; local 53 key = ima_hash_key(digest_value); 55 hlist_for_each_entry_rcu(qe, &ima_htable.queue[key], hnext) { 74 unsigned int key; local 87 key = ima_hash_key(entry->digest); 88 hlist_add_head_rcu(&qe->hnext, &ima_htable.queue[key]); |
H A D | ima_policy.c | 433 static void ima_log_string(struct audit_buffer *ab, char *key, char *value) argument 435 audit_log_format(ab, "%s=", key); |
/security/tomoyo/ |
H A D | securityfs_if.c | 138 const int key = ((u8 *) file_inode(file)->i_private) local 140 return tomoyo_open_control(key, file); 223 * @key: Type of interface. 228 struct dentry *parent, const u8 key) 230 securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key, 227 tomoyo_create_entry(const char *name, const umode_t mode, struct dentry *parent, const u8 key) argument |
/security/keys/encrypted-keys/ |
H A D | encrypted.c | 27 #include <linux/key-type.h> 103 * valid_ecryptfs_desc - verify the description of a new/loaded encrypted key 105 * The description of a encrypted key with format 'ecryptfs' must contain 114 pr_err("encrypted_key: key description must be %d hexadecimal " 121 pr_err("encrypted_key: key description must contain " 131 * valid_master_desc - verify the 'key-type:desc' of a new/updated master-key 133 * key-type:= "trusted:" | "user:" 134 * desc:= master-key description 136 * Verify that 'key 338 calc_hmac(u8 *digest, const u8 *key, unsigned int keylen, const u8 *buf, unsigned int buflen) argument 404 init_blkcipher_desc(struct blkcipher_desc *desc, const u8 *key, unsigned int key_len, const u8 *iv, unsigned int ivsize) argument 598 encrypted_key_alloc(struct key *key, const char *format, const char *master_desc, const char *datalen) argument 776 encrypted_instantiate(struct key *key, struct key_preparsed_payload *prep) argument 838 encrypted_update(struct key *key, struct key_preparsed_payload *prep) argument 894 encrypted_read(const struct key *key, char __user *buffer, size_t buflen) argument 958 encrypted_destroy(struct key *key) argument [all...] |