/security/apparmor/ |
H A D | ipc.c | 59 * @mode: whether PTRACE_MODE_READ || PTRACE_MODE_ATTACH 64 unsigned int mode) 68 * Test mode for PTRACE_MODE_READ || PTRACE_MODE_ATTACH 81 * @mode: ptrace mode either PTRACE_MODE_READ || PTRACE_MODE_ATTACH 86 unsigned int mode) 91 * - tracer is in complain mode 103 error = aa_may_ptrace(tracer_p, tracee_p, mode); 63 aa_may_ptrace(struct aa_profile *tracer, struct aa_profile *tracee, unsigned int mode) argument 85 aa_ptrace(struct task_struct *tracer, struct task_struct *tracee, unsigned int mode) argument
|
H A D | policy_unpack.c | 309 int mode = ACCEPT_TABLE(dfa)[i]; local 311 if (mode & ~DFA_VALID_PERM_MASK) 523 profile->mode = APPARMOR_COMPLAIN; 525 profile->mode = APPARMOR_KILL; 527 profile->mode = APPARMOR_UNCONFINED;
|
H A D | lsm.c | 97 unsigned int mode) 99 int error = cap_ptrace_access_check(child, mode); 103 return aa_ptrace(current, child, mode); 233 cond.mode = inode->i_mode; 244 * @mode: created file mode 249 u32 mask, umode_t mode) 251 struct path_cond cond = { current_fsuid(), mode }; 265 umode_t mode) 277 umode_t mode, unsigne 96 apparmor_ptrace_access_check(struct task_struct *child, unsigned int mode) argument 248 common_perm_create(int op, struct path *dir, struct dentry *dentry, u32 mask, umode_t mode) argument 264 apparmor_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode) argument 276 apparmor_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode, unsigned int dev) argument 347 apparmor_path_chmod(struct path *path, umode_t mode) argument [all...] |
/security/ |
H A D | inode.c | 58 * @mode: the permission that the file should have 82 struct dentry *securityfs_create_file(const char *name, umode_t mode, argument 87 int is_dir = S_ISDIR(mode); 93 mode = (mode & S_IALLUGO) | S_IFREG; 124 inode->i_mode = mode;
|
H A D | commoncap.c | 40 * !secure(SECURE_NOROOT) mode, then we raise capabilities. 141 * @mode: The mode of attachment. 152 int cap_ptrace_access_check(struct task_struct *child, unsigned int mode) argument 520 * executables under compatibility mode, we override the
|
H A D | device_cgroup.c | 853 int devcgroup_inode_mknod(int mode, dev_t dev) argument 857 if (!S_ISBLK(mode) && !S_ISCHR(mode)) 860 if (S_ISBLK(mode))
|
H A D | capability.c | 135 static int cap_dentry_init_security(struct dentry *dentry, int mode, argument 193 umode_t mode, dev_t dev) 269 static int cap_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode, argument 275 static int cap_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode) argument 313 static int cap_path_chmod(struct path *path, umode_t mode) argument 540 struct task_struct *target, long type, int mode) 192 cap_inode_mknod(struct inode *inode, struct dentry *dentry, umode_t mode, dev_t dev) argument 539 cap_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, struct task_struct *target, long type, int mode) argument
|
H A D | security.c | 158 int security_ptrace_access_check(struct task_struct *child, unsigned int mode) argument 162 rc = yama_ptrace_access_check(child, mode); 166 return security_ops->ptrace_access_check(child, mode); 351 int security_dentry_init_security(struct dentry *dentry, int mode, argument 355 return security_ops->dentry_init_security(dentry, mode, name, 407 int security_path_mknod(struct path *dir, struct dentry *dentry, umode_t mode, argument 412 return security_ops->path_mknod(dir, dentry, mode, dev); 416 int security_path_mkdir(struct path *dir, struct dentry *dentry, umode_t mode) argument 420 return security_ops->path_mkdir(dir, dentry, mode); 482 int security_path_chmod(struct path *path, umode_t mode) argument 502 security_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode) argument 533 security_inode_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) argument 548 security_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) argument 1031 security_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, struct task_struct *target, long type, int mode) argument [all...] |
/security/tomoyo/ |
H A D | securityfs_if.c | 221 * @mode: The permission of the interface file. 227 static void __init tomoyo_create_entry(const char *name, const umode_t mode, argument 230 securityfs_create_file(name, mode, parent, ((u8 *) NULL) + key,
|
H A D | audit.c | 111 * @mode: Mode value for stat(). 115 static inline const char *tomoyo_filetype(const umode_t mode) argument 117 switch (mode & S_IFMT) { 162 "#%04u/%02u/%02u %02u:%02u:%02u# profile=%u mode=%s " 167 tomoyo_mode[r->mode], tomoyo_yesno(r->granted), gpid, 186 umode_t mode; local 191 mode = stat->mode; 200 stat->mode & S_IALLUGO); 210 mode 326 u8 mode; local [all...] |
H A D | file.c | 200 r->param.mkdev.mode, r->param.mkdev.major, 317 tomoyo_compare_number_union(r->param.mkdev.mode, 318 &acl->mode) && 410 tomoyo_same_number_union(&p1->mode, &p2->mode) && 460 !tomoyo_parse_number_union(param, &e.mode) || 469 tomoyo_put_number_union(&e.mode); 564 r->mode = tomoyo_get_mode(r->domain->ns, r->profile, r->type); 565 if (r->mode == TOMOYO_CONFIG_DISABLED) 592 * profile mode setting 841 tomoyo_mkdev_perm(const u8 operation, struct path *path, const unsigned int mode, unsigned int dev) argument [all...] |
H A D | tomoyo.c | 184 * @mode: DAC permission mode. 189 umode_t mode) 193 mode & S_IALLUGO); 231 * @mode: DAC permission mode. 237 umode_t mode, unsigned int dev) 241 const unsigned int perm = mode & S_IALLUGO; 243 switch (mode & S_IFMT) { 255 switch (mode 188 tomoyo_path_mkdir(struct path *parent, struct dentry *dentry, umode_t mode) argument 236 tomoyo_path_mknod(struct path *parent, struct dentry *dentry, umode_t mode, unsigned int dev) argument 361 tomoyo_path_chmod(struct path *path, umode_t mode) argument [all...] |
H A D | util.c | 964 * tomoyo_get_mode - Get MAC mode. 970 * Returns mode. 975 u8 mode; local 981 mode = p->config[index]; 982 if (mode == TOMOYO_CONFIG_USE_DEFAULT) 983 mode = p->config[tomoyo_index2category[index] 985 if (mode == TOMOYO_CONFIG_USE_DEFAULT) 986 mode = p->default_config; 987 return mode & 3; 997 * Returns mode [all...] |
H A D | common.c | 12 /* String table for operation mode. */ 576 * tomoyo_set_mode - Set mode for specified profile. 619 u8 mode; local 620 for (mode = 0; mode < 4; mode++) 621 if (strstr(value, tomoyo_mode[mode])) 626 config = (config & ~7) | mode; 704 * tomoyo_print_config - Print mode for specified functionality. 715 tomoyo_io_printf(head, "={ mode [all...] |
H A D | common.h | 143 /* Index numbers for operation mode. */ 375 * occurred in enforcing mode and the userspace daemon decided to retry. 445 unsigned int mode; member in struct:tomoyo_request_info::__anon33::__anon36 495 u8 mode; /* One of tomoyo_mode_index . */ member in struct:tomoyo_request_info 567 umode_t mode; member in struct:tomoyo_mini_stat 727 struct tomoyo_number_union mode; member in struct:tomoyo_mkdev_acl 972 const unsigned int mode, unsigned int dev);
|
/security/apparmor/include/ |
H A D | apparmorfs.h | 31 umode_t mode; member in struct:aa_fs_entry 45 { .name = (_name), .mode = 0444, \ 49 { .name = (_name), .mode = 0444, \ 53 { .name = (_name), .mode = 0444, \ 58 .mode = (_mode), .file_ops = (_fops) }
|
H A D | file.h | 75 umode_t mode; member in struct:path_cond
|
H A D | policy.h | 37 ((_profile)->mode == (_mode))) 171 * @audit: the auditing mode of the profile 172 * @mode: the enforcement mode of the profile 212 long mode; member in struct:aa_profile 257 #define unconfined(X) ((X)->mode == APPARMOR_UNCONFINED)
|
/security/integrity/evm/ |
H A D | evm_crypto.c | 105 umode_t mode; member in struct:h_misc 113 hmac_misc.mode = inode->i_mode;
|
/security/integrity/ima/ |
H A D | ima_main.c | 87 fmode_t mode = file->f_mode; local 90 if (mode & FMODE_WRITE) { 118 fmode_t mode = file->f_mode; local 120 if (!(mode & FMODE_WRITE)) 266 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES. 286 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES. 301 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES. 318 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
|
/security/smack/ |
H A D | smack_access.c | 70 * access rule list and returns the access mode. If no 187 * Return a positive value if using bringup mode. 209 * @mode: the access requested, in "MAY" format 218 u32 mode, struct smk_audit_info *a) 227 rc = smk_access(sbj_known, obj_known, mode, NULL); 238 if ((mode & may) == mode) 253 mode, rc, a); 261 * @mode: the access requested, in "MAY" format 270 u32 mode, struc 217 smk_tskacc(struct task_smack *tsp, struct smack_known *obj_known, u32 mode, struct smk_audit_info *a) argument 269 smk_curacc(struct smack_known *obj_known, u32 mode, struct smk_audit_info *a) argument [all...] |
H A D | smack_lsm.c | 58 static void smk_bu_mode(int mode, char *s) argument 62 if (mode & MAY_READ) 64 if (mode & MAY_WRITE) 66 if (mode & MAY_EXEC) 68 if (mode & MAY_APPEND) 70 if (mode & MAY_TRANSMUTE) 72 if (mode & MAY_LOCK) 82 struct smack_known *oskp, int mode, int rc) 89 smk_bu_mode(mode, acc); 95 #define smk_bu_note(note, sskp, oskp, mode, R 81 smk_bu_note(char *note, struct smack_known *sskp, struct smack_known *oskp, int mode, int rc) argument 99 smk_bu_current(char *note, struct smack_known *oskp, int mode, int rc) argument 119 smk_bu_task(struct task_struct *otp, int mode, int rc) argument 139 smk_bu_inode(struct inode *inode, int mode, int rc) argument 158 smk_bu_file(struct file *file, int mode, int rc) argument 180 smk_bu_credfile(const struct cred *cred, struct file *file, int mode, int rc) argument 311 smk_ptrace_mode(unsigned int mode) argument 332 smk_ptrace_rule_check(struct task_struct *tracer, struct smack_known *tracee_known, unsigned int mode, const char *func) argument 389 smack_ptrace_access_check(struct task_struct *ctp, unsigned int mode) argument 2946 smack_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, struct task_struct *target, long type, int mode) argument [all...] |
/security/yama/ |
H A D | yama_lsm.c | 278 * @mode: ptrace attach mode 283 unsigned int mode) 290 rc = cap_ptrace_access_check(child, mode); 295 if (mode == PTRACE_MODE_ATTACH) { 412 .mode = 0644, 282 yama_ptrace_access_check(struct task_struct *child, unsigned int mode) argument
|
/security/selinux/ |
H A D | selinuxfs.c | 1037 static struct inode *sel_make_inode(struct super_block *sb, int mode) argument 1042 ret->i_mode = mode; 1482 inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode);
|
H A D | hooks.c | 1135 static inline u16 inode_mode_to_security_class(umode_t mode) argument 1137 switch (mode & S_IFMT) { 1863 /* Convert a Linux mode and permission mask to an access vector. */ 1864 static inline u32 file_mask_to_av(int mode, int mask) argument 1868 if (!S_ISDIR(mode)) { 1990 unsigned int mode) 1994 rc = cap_ptrace_access_check(child, mode); 1998 if (mode & PTRACE_MODE_READ) { 2314 /* Enable secure mode for SIDs transitions unless 2721 static int selinux_dentry_init_security(struct dentry *dentry, int mode, argument 1989 selinux_ptrace_access_check(struct task_struct *child, unsigned int mode) argument 2815 selinux_inode_create(struct inode *dir, struct dentry *dentry, umode_t mode) argument 2845 selinux_inode_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) argument 5358 selinux_msg_queue_msgrcv(struct msg_queue *msq, struct msg_msg *msg, struct task_struct *target, long type, int mode) argument [all...] |