/security/apparmor/ |
H A D | context.c | 16 * AppArmor sets confinement on every task, via the the aa_task_cxt and 23 * If a task uses change_hat it currently does not return to the old 24 * cred or task context but instead creates a new one. Ideally the task 59 * aa_dup_task_context - duplicate a task context, incrementing reference counts 60 * @new: a blank task context (NOT NULL) 61 * @old: the task context to copy (NOT NULL) 72 * aa_get_task_profile - Get another task's profile 73 * @task: task t 77 aa_get_task_profile(struct task_struct *task) argument [all...] |
H A D | resource.c | 82 * @profile - profile confining the task (NOT NULL) 83 * @task - task the resource is being set on 91 int aa_task_setrlimit(struct aa_profile *profile, struct task_struct *task, argument 98 task_profile = aa_get_profile(aa_cred_profile(__task_cred(task))); 103 * that the task is setting the resource of a task confined with 118 * @old: old profile on task (NOT NULL)
|
H A D | lsm.c | 440 /* revalidate access, if task is unconfined, or the cached cred 504 static int apparmor_getprocattr(struct task_struct *task, char *name, argument 509 const struct cred *cred = get_task_cred(task); 531 static int apparmor_setprocattr(struct task_struct *task, char *name, argument 552 /* task can only write its own attributes */ 553 if (current != task) 606 static int apparmor_task_setrlimit(struct task_struct *task, argument 613 error = aa_task_setrlimit(profile, task, resource, new_rlim); 878 * set_init_cxt - set a task context and profile on the first task [all...] |
/security/apparmor/include/ |
H A D | context.h | 63 * @previous: profile the task may return to (MAYBE NULL) 64 * @token: magic value the task must know for returning to @previous_profile 66 * Contains the task's current profile (which could change due to 69 * TODO: make so a task can be confined by a stack of contexts 86 struct aa_profile *aa_get_task_profile(struct task_struct *task); 105 * __aa_task_profile - retrieve another task's profile 106 * @task: task to query (NOT NULL) 108 * Returns: @task's profile without incrementing its ref count 110 * If @task ! 112 __aa_task_profile(struct task_struct *task) argument 123 __aa_task_is_confined(struct task_struct *task) argument [all...] |
/security/tomoyo/ |
H A D | gc.c | 649 struct task_struct *task = kthread_create(tomoyo_gc_thread, local 652 if (!IS_ERR(task)) 653 wake_up_process(task);
|
H A D | common.c | 73 [TOMOYO_TASK_UID] = "task.uid", 74 [TOMOYO_TASK_EUID] = "task.euid", 75 [TOMOYO_TASK_SUID] = "task.suid", 76 [TOMOYO_TASK_FSUID] = "task.fsuid", 77 [TOMOYO_TASK_GID] = "task.gid", 78 [TOMOYO_TASK_EGID] = "task.egid", 79 [TOMOYO_TASK_SGID] = "task.sgid", 80 [TOMOYO_TASK_FSGID] = "task.fsgid", 81 [TOMOYO_TASK_PID] = "task.pid", 82 [TOMOYO_TASK_PPID] = "task 922 const struct task_struct *task = current; local [all...] |
H A D | common.h | 488 } task; member in union:tomoyo_request_info::__anon33 691 * Structure for "task manual_domain_transition" directive. 1211 * @task: Pointer to "struct task_struct". 1216 *task) 1218 return task_cred_xxx(task, security); 1215 tomoyo_real_domain(struct task_struct *task) argument
|
/security/yama/ |
H A D | yama_lsm.c | 109 * @tracer: remove any relation where tracer task matches 110 * @tracee: remove any relation where tracee task matches 136 * @task: task being removed 138 void yama_task_free(struct task_struct *task) argument 140 yama_ptracer_del(task, task); 277 * @child: task that current task is attempting to ptrace 332 * @parent: task tha [all...] |
/security/ |
H A D | device_cgroup.c | 59 static inline struct dev_cgroup *task_devcgroup(struct task_struct *task) argument 61 return css_to_devcgroup(task_css(task, devices_cgrp_id));
|
H A D | capability.c | 392 static void cap_task_free(struct task_struct *task) argument
|
H A D | security.c | 830 void security_task_free(struct task_struct *task) argument 833 yama_task_free(task); 835 security_ops->task_free(task);
|
/security/smack/ |
H A D | smack_lsm.c | 46 #define task_security(task) (task_cred_xxx((task), security)) 255 * new_task_smack - allocate a task security blob 260 static struct task_smack *new_task_smack(struct smack_known *task, argument 269 tsp->smk_task = task; 382 * @ctp: child task pointer 406 * @ptp: parent task pointer 1582 * @tsk: The target task 1586 * Allow a privileged task to get signals even if it shouldn't 1589 * write to the task, a [all...] |
/security/selinux/ |
H A D | hooks.c | 176 * initialise the security for the init task 185 panic("SELinux: Failed to initialize initial task.\n"); 203 * get the objective security ID of a task 205 static inline u32 task_sid(const struct task_struct *task) argument 210 sid = cred_sid(__task_cred(task)); 216 * get the subjective security ID of the current task 332 "uses task SIDs", 1526 * Check permission between current and another task, e.g. signal checks, 1545 /* Check whether a task is allowed to use a capability. */ 1582 /* Check whether a task i 4054 sock_has_perm(struct task_struct *task, struct sock *sk, u32 perms) argument 5168 ipc_alloc_security(struct task_struct *task, struct kern_ipc_perm *perm, u16 sclass) argument [all...] |