Searched refs:dfa (Results 1 - 9 of 9) sorted by relevance

/security/apparmor/
H A Dmatch.c4 * This file contains AppArmor dfa based regular expression matching engine
29 * unpack_table - unpack a dfa table (one of accept, default, base, next check)
92 * @dfa: dfa to test (NOT NULL)
95 * Assumes dfa has gone through the first pass verification done by unpacking
100 static int verify_dfa(struct aa_dfa *dfa, int flags) argument
106 if (!(dfa->tables[YYTD_ID_DEF] &&
107 dfa->tables[YYTD_ID_BASE] &&
108 dfa->tables[YYTD_ID_NXT] && dfa
168 dfa_free(struct aa_dfa *dfa) argument
187 struct aa_dfa *dfa = container_of(kref, struct aa_dfa, count); local
209 struct aa_dfa *dfa = kzalloc(sizeof(struct aa_dfa), GFP_KERNEL); local
300 aa_dfa_match_len(struct aa_dfa *dfa, unsigned int start, const char *str, int len) argument
350 aa_dfa_match(struct aa_dfa *dfa, unsigned int start, const char *str) argument
398 aa_dfa_next(struct aa_dfa *dfa, unsigned int state, const char c) argument
[all...]
H A Dfile.c184 * compute_perms - convert dfa compressed perms to internal perms
185 * @dfa: dfa to compute perms for (NOT NULL)
186 * @state: state in dfa
189 * TODO: convert from dfa + state to permission entry, do computation conversion
194 static struct file_perms compute_perms(struct aa_dfa *dfa, unsigned int state, argument
199 /* FIXME: change over to new dfa format
200 * currently file perms are encoded in the dfa, new format
201 * splits the permissions from the dfa. This mapping can be
207 perms.allow = map_old_perms(dfa_user_allow(dfa, stat
238 aa_str_perms(struct aa_dfa *dfa, unsigned int start, const char *name, struct path_cond *cond, struct file_perms *perms) argument
[all...]
H A Dpolicy_unpack.c297 * verify_accept - verify the accept tables of a dfa
298 * @dfa: dfa to verify accept tables of (NOT NULL)
299 * @flags: flags governing dfa
303 static bool verify_accept(struct aa_dfa *dfa, int flags) argument
308 for (i = 0; i < dfa->tables[YYTD_ID_ACCEPT]->td_lolen; i++) {
309 int mode = ACCEPT_TABLE(dfa)[i];
314 if (ACCEPT_TABLE2(dfa)[i] & ~DFA_VALID_PERM2_MASK)
321 * unpack_dfa - unpack a file rule dfa
324 * returns dfa o
330 struct aa_dfa *dfa = NULL; local
685 verify_dfa_xindex(struct aa_dfa *dfa, int table_size) argument
[all...]
H A Ddomain.c108 } else if (!profile->file.dfa) {
112 aa_str_perms(profile->file.dfa, start, name, &cond, &perms);
118 state = aa_dfa_match(profile->file.dfa, start, ns->base.name);
119 state = aa_dfa_match_len(profile->file.dfa, state, ":", 1);
120 aa_str_perms(profile->file.dfa, state, name, &cond, &perms);
400 state = aa_str_perms(profile->file.dfa, state, name, &cond, &perms);
411 state = aa_dfa_null_transition(profile->file.dfa, state);
H A Dpolicy.c610 aa_put_dfa(profile->policy.dfa);
/security/apparmor/include/
H A Dfile.h99 /* FIXME: split perms from dfa and match this to description
129 * map old dfa inline permissions to new format
131 #define dfa_user_allow(dfa, state) (((ACCEPT_TABLE(dfa)[state]) & 0x7f) | \
132 ((ACCEPT_TABLE(dfa)[state]) & 0x80000000))
133 #define dfa_user_audit(dfa, state) ((ACCEPT_TABLE2(dfa)[state]) & 0x7f)
134 #define dfa_user_quiet(dfa, state) (((ACCEPT_TABLE2(dfa)[state]) >> 7) & 0x7f)
135 #define dfa_user_xindex(dfa, stat
164 struct aa_dfa *dfa; member in struct:aa_file_rules
[all...]
H A Dmatch.h4 * This file contains AppArmor policy dfa matching engine definitions.
34 * The data in the packed dfa is stored in network byte order, and the tables
38 * The dfa begins with a table set header, and is followed by the actual
120 unsigned int aa_dfa_match_len(struct aa_dfa *dfa, unsigned int start,
122 unsigned int aa_dfa_match(struct aa_dfa *dfa, unsigned int start,
124 unsigned int aa_dfa_next(struct aa_dfa *dfa, unsigned int state,
130 * aa_put_dfa - put a dfa refcount
131 * @dfa: dfa to put refcount (MAYBE NULL)
133 * Requires: if @dfa !
135 aa_put_dfa(struct aa_dfa *dfa) argument
[all...]
H A Dapparmor.h101 * @dfa: the dfa to match against
102 * @start: the state of the dfa to start matching in
108 static inline unsigned int aa_dfa_null_transition(struct aa_dfa *dfa, argument
112 return aa_dfa_next(dfa, start, 0);
H A Dpolicy.h144 * dfa: dfa pattern match
149 struct aa_dfa *dfa; member in struct:aa_policydb

Completed in 55 milliseconds