Searched defs:mask (Results 1 - 20 of 20) sorted by relevance

/security/apparmor/include/
H A Dresource.h26 * @mask: which hard limits to set
30 * limits specified in @mask will be controlled by apparmor.
33 unsigned int mask; member in struct:aa_rlimit
H A Dfile.h79 * @allow: mask of permissions that are allowed
80 * @audit: mask of permissions to force an audit message for
81 * @quiet: mask of permissions to quiet audit messages for
82 * @kill: mask of permissions that when matched will kill the task
85 * The @audit and @queit mask should be mutually exclusive.
102 static inline u16 dfa_map_xindex(u16 mask) argument
104 u16 old_index = (mask >> 10) & 0xf;
107 if (mask & 0x100)
109 if (mask & 0x200)
111 if (mask
[all...]
/security/apparmor/
H A Dresource.c28 AA_FS_FILE_STRING("mask", AA_FS_RLIMIT_MASK),
107 (profile->rlimits.mask & (1 << resource) &&
123 unsigned int mask = 0; local
130 if (old->rlimits.mask) {
131 for (i = 0, mask = 1; i < RLIM_NLIMITS; i++, mask <<= 1) {
132 if (old->rlimits.mask & mask) {
142 if (!new->rlimits.mask)
144 for (i = 0, mask
[all...]
H A Dfile.c26 * audit_file_mask - convert mask to permission string
28 * @mask: permission mask to convert
30 static void audit_file_mask(struct audit_buffer *ab, u32 mask) argument
36 if (mask & AA_EXEC_MMAP)
38 if (mask & (MAY_READ | AA_MAY_META_READ))
40 if (mask & (MAY_WRITE | AA_MAY_META_WRITE | AA_MAY_CHMOD |
43 else if (mask & MAY_APPEND)
45 if (mask & AA_MAY_CREATE)
47 if (mask
124 u32 mask = perms->audit; local
[all...]
H A Dlsm.c157 * @mask: requested permissions mask
162 static int common_perm(int op, struct path *path, u32 mask, argument
170 error = aa_path_perm(op, profile, path, 0, mask, cond);
180 * @mask: requested permissions mask
186 struct dentry *dentry, u32 mask,
191 return common_perm(op, &path, mask, cond);
199 * @mask: requested permissions mask
185 common_perm_dir_dentry(int op, struct path *dir, struct dentry *dentry, u32 mask, struct path_cond *cond) argument
203 common_perm_mnt_dentry(int op, struct vfsmount *mnt, struct dentry *dentry, u32 mask) argument
223 common_perm_rm(int op, struct path *dir, struct dentry *dentry, u32 mask) argument
248 common_perm_create(int op, struct path *dir, struct dentry *dentry, u32 mask, umode_t mode) argument
426 common_file_perm(int op, struct file *file, u32 mask) argument
454 apparmor_file_permission(struct file *file, int mask) argument
461 u32 mask = AA_MAY_LOCK; local
472 int mask = 0; local
[all...]
/security/integrity/ima/
H A Dima_api.c159 * @mask: contains the permission mask (MAY_READ, MAY_WRITE, MAY_EXECUTE)
163 * subj=, obj=, type=, func=, mask=, fsmagic=
166 * mask: contains the permission mask
169 * Returns IMA_MEASURE, IMA_APPRAISE mask.
172 int ima_get_action(struct inode *inode, int mask, int function) argument
179 return ima_match_policy(inode, function, mask, flags);
H A Dima_appraise.c40 int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func) argument
45 return ima_match_policy(inode, func, mask, IMA_APPRAISE);
H A Dima_main.c156 static int process_measurement(struct file *file, int mask, int function, argument
176 action = ima_get_action(inode, mask, function);
245 if ((mask & MAY_WRITE) && (iint->flags & IMA_DIGSIG))
296 * @mask: contains MAY_READ, MAY_WRITE or MAY_EXECUTE
303 int ima_file_check(struct file *file, int mask, int opened) argument
306 mask & (MAY_READ | MAY_WRITE | MAY_EXEC),
H A Dima.h131 int ima_get_action(struct inode *inode, int mask, int function);
132 int ima_must_measure(struct inode *inode, int mask, int function);
155 int ima_match_policy(struct inode *inode, enum ima_hooks func, int mask,
175 int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func);
195 static inline int ima_must_appraise(struct inode *inode, int mask, argument
H A Dima_policy.c50 int mask; member in struct:ima_rule_entry
64 * written in terms of .action, .func, .mask, .fsmagic, .uid, and .fowner
82 {.action = MEASURE, .func = MMAP_CHECK, .mask = MAY_EXEC,
84 {.action = MEASURE, .func = BPRM_CHECK, .mask = MAY_EXEC,
86 {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ, .uid = GLOBAL_ROOT_UID,
162 * @mask: requested action (MAY_READ | MAY_WRITE | MAY_APPEND | MAY_EXEC)
167 struct inode *inode, enum ima_hooks func, int mask)
177 (rule->mask != mask && func != POST_SETATTR))
259 * @mask
166 ima_match_rules(struct ima_rule_entry *rule, struct inode *inode, enum ima_hooks func, int mask) argument
268 ima_match_policy(struct inode *inode, enum ima_hooks func, int mask, int flags) argument
[all...]
/security/selinux/ss/
H A Davtab.c29 static inline int avtab_hash(struct avtab_key *keyp, u16 mask) argument
32 (keyp->source_type << 9)) & mask);
80 hvalue = avtab_hash(key, h->mask);
111 * key/specified mask into the table, as needed by the conditional avtab.
123 hvalue = avtab_hash(key, h->mask);
154 hvalue = avtab_hash(key, h->mask);
189 hvalue = avtab_hash(key, h->mask);
262 h->mask = 0;
274 u16 mask = 0; local
291 mask
[all...]
H A Davtab.h80 u16 mask; /* mask to compute hash func */ member in struct:avtab
H A Dpolicydb.h184 u32 mask; member in struct:ocontext::__anon27::__anon29
188 u32 mask[4]; member in struct:ocontext::__anon27::__anon30
H A Dservices.c516 u32 mask = (1 << index); local
518 if ((mask & permissions) == 0)
610 /* mask violated permissions */
744 * constraint, lazy checks have to mask any violated
2239 static int match_ipv6_addrmask(u32 *input, u32 *addr, u32 *mask) argument
2244 if (addr[i] != (input[i] & mask[i])) {
2281 if (c->u.node.addr == (addr & c->u.node.mask))
2295 c->u.node6.mask))
/security/
H A Ddevice_cgroup.c314 * @access: permission mask (ACC_READ, ACC_WRITE, ACC_MKNOD)
349 * @access: permission mask (ACC_READ, ACC_WRITE, ACC_MKNOD)
836 int __devcgroup_inode_permission(struct inode *inode, int mask) argument
844 if (mask & MAY_WRITE)
846 if (mask & MAY_READ)
H A Dcapability.c159 umode_t mask)
182 umode_t mask)
215 static int cap_inode_permission(struct inode *inode, int mask) argument
329 static int cap_file_permission(struct file *file, int mask) argument
158 cap_inode_create(struct inode *inode, struct dentry *dentry, umode_t mask) argument
181 cap_inode_mkdir(struct inode *inode, struct dentry *dentry, umode_t mask) argument
H A Dsecurity.c588 int security_inode_permission(struct inode *inode, int mask) argument
592 return security_ops->inode_permission(inode, mask);
706 int security_file_permission(struct file *file, int mask) argument
710 ret = security_ops->file_permission(file, mask);
714 return fsnotify_perm(file, mask);
/security/smack/
H A Dsmackfs.c1169 struct in_addr mask; local
1180 * "<addr/mask, as a.b.c.d/e><space><label>"
1246 mask.s_addr = cpu_to_be32(temp_mask);
1248 newname.sin_addr.s_addr &= mask.s_addr;
1260 snp->smk_mask.s_addr == mask.s_addr) {
1274 snp->smk_mask.s_addr = mask.s_addr;
H A Dsmack_lsm.c967 * @mask: the access requested
973 static int smack_inode_permission(struct inode *inode, int mask) argument
976 int no_block = mask & MAY_NOT_BLOCK;
979 mask &= (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND);
983 if (mask == 0)
991 rc = smk_curacc(smk_of_inode(inode), mask, &ad);
992 rc = smk_bu_inode(inode, mask, rc);
1323 * @mask: unused
1334 static int smack_file_permission(struct file *file, int mask) argument
2113 * the list is sorted from longest to shortest mask
[all...]
/security/selinux/
H A Dhooks.c513 /* make sure we always check enough bits to cover the mask */
1863 /* Convert a Linux mode and permission mask to an access vector. */
1864 static inline u32 file_mask_to_av(int mode, int mask) argument
1869 if (mask & MAY_EXEC)
1871 if (mask & MAY_READ)
1874 if (mask & MAY_APPEND)
1876 else if (mask & MAY_WRITE)
1880 if (mask & MAY_EXEC)
1882 if (mask & MAY_WRITE)
1884 if (mask
2835 selinux_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mask) argument
2889 selinux_inode_permission(struct inode *inode, int mask) argument
3199 selinux_revalidate_file_permission(struct file *file, int mask) argument
3212 selinux_file_permission(struct file *file, int mask) argument
[all...]

Completed in 815 milliseconds