/security/integrity/ima/ |
H A D | ima_main.c | 20 #include <linux/file.h> 74 * - Opening a file for write when already open for read, 76 * - Opening a file for read when already open for write, 77 * could result in a file measurement error. 80 static void ima_rdwr_violation_check(struct file *file, argument 86 struct inode *inode = file_inode(file); 87 fmode_t mode = file->f_mode; 106 *pathname = ima_d_path(&file->f_path, pathbuf); 109 ima_add_violation(file, *pathnam 115 ima_check_last_writer(struct integrity_iint_cache *iint, struct inode *inode, struct file *file) argument 141 ima_file_free(struct file *file) argument 156 process_measurement(struct file *file, int mask, int function, int opened) argument 268 ima_file_mmap(struct file *file, unsigned long prot) argument 303 ima_file_check(struct file *file, int mask, int opened) argument 320 ima_module_check(struct file *file) argument 333 ima_fw_from_file(struct file *file, char *buf, size_t size) argument [all...] |
H A D | ima_template_lib.h | 29 int ima_eventdigest_init(struct integrity_iint_cache *iint, struct file *file, 33 int ima_eventname_init(struct integrity_iint_cache *iint, struct file *file, 38 struct file *file, const unsigned char *filename, 41 int ima_eventname_ng_init(struct integrity_iint_cache *iint, struct file *file, 45 int ima_eventsig_init(struct integrity_iint_cache *iint, struct file *file, [all...] |
H A D | ima_crypto.c | 13 * Calculates md5/sha1 file hash, template hash, boot-aggreate hash 21 #include <linux/file.h> 35 /* minimum file size for ahash use */ 38 MODULE_PARM_DESC(ahash_minsize, "Minimum file size for ahash use"); 71 * ima_kernel_read - read file content 73 * This is a function for reading file content instead of kernel_read(). 78 static int ima_kernel_read(struct file *file, loff_t offset, argument 85 if (!(file->f_mode & FMODE_READ)) 90 if (file 257 ima_calc_file_hash_atfm(struct file *file, struct ima_digest_data *hash, struct crypto_ahash *tfm) argument 366 ima_calc_file_ahash(struct file *file, struct ima_digest_data *hash) argument 382 ima_calc_file_hash_tfm(struct file *file, struct ima_digest_data *hash, struct crypto_shash *tfm) argument 439 ima_calc_file_shash(struct file *file, struct ima_digest_data *hash) argument 468 ima_calc_file_hash(struct file *file, struct ima_digest_data *hash) argument [all...] |
H A D | ima.h | 64 int (*field_init) (struct integrity_iint_cache *iint, struct file *file, 100 int ima_calc_file_hash(struct file *file, struct ima_digest_data *hash); 105 void ima_add_violation(struct file *file, const unsigned char *filename, 134 struct file *file, 137 void ima_store_measurement(struct integrity_iint_cache *iint, struct file *file, 185 ima_appraise_measurement(int func, struct integrity_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, int opened) argument 201 ima_update_xattr(struct integrity_iint_cache *iint, struct file *file) argument [all...] |
H A D | ima_api.c | 17 #include <linux/file.h> 41 struct file *file, const unsigned char *filename, 58 result = field->field_init(iint, file, filename, 131 void ima_add_violation(struct file *file, const unsigned char *filename, argument 135 struct inode *inode = file_inode(file); 142 result = ima_alloc_init_template(NULL, file, filename, 183 * ima_collect_measurement - collect file measurement 185 * Calculate the file has 40 ima_alloc_init_template(struct integrity_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, struct ima_template_entry **entry) argument 192 ima_collect_measurement(struct integrity_iint_cache *iint, struct file *file, struct evm_ima_xattr_data **xattr_value, int *xattr_len) argument 261 ima_store_measurement(struct integrity_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len) argument [all...] |
H A D | ima_template_lib.c | 198 int ima_eventdigest_init(struct integrity_iint_cache *iint, struct file *file, argument 223 if (!file) /* missing info to re-calculate the digest */ 226 inode = file_inode(file); 229 result = ima_calc_file_hash(file, &hash.hdr); 247 struct file *file, const unsigned char *filename, 268 struct file *file, 276 BUG_ON(filename == NULL && file 246 ima_eventdigest_ng_init(struct integrity_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, struct ima_field_data *field_data) argument 267 ima_eventname_init_common(struct integrity_iint_cache *iint, struct file *file, const unsigned char *filename, struct ima_field_data *field_data, bool size_limit) argument 303 ima_eventname_init(struct integrity_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, struct ima_field_data *field_data) argument 315 ima_eventname_ng_init(struct integrity_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, struct ima_field_data *field_data) argument 327 ima_eventsig_init(struct integrity_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, struct ima_field_data *field_data) argument [all...] |
H A D | ima_fs.c | 15 * implemenents security file system for reporting 40 static ssize_t ima_show_htable_violations(struct file *filp, 52 static ssize_t ima_show_measurements_count(struct file *filp, 177 static int ima_measurements_open(struct inode *inode, struct file *file) argument 179 return seq_open(file, &ima_measurments_seqops); 239 static int ima_ascii_measurements_open(struct inode *inode, struct file *file) argument 241 return seq_open(file, &ima_ascii_measurements_seqops); 251 static ssize_t ima_write_policy(struct file *fil argument 312 ima_release_policy(struct inode *inode, struct file *file) argument [all...] |
H A D | ima_appraise.c | 12 #include <linux/file.h> 178 * ima_appraise_measurement - appraise file measurement 186 struct file *file, const unsigned char *filename, 192 struct dentry *dentry = file->f_dentry; 290 void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file) argument 292 struct dentry *dentry = file->f_dentry; 299 rc = ima_collect_measurement(iint, file, NULL, NULL); 307 * ima_inode_post_setattr - reflect file metadat 185 ima_appraise_measurement(int func, struct integrity_iint_cache *iint, struct file *file, const unsigned char *filename, struct evm_ima_xattr_data *xattr_value, int xattr_len, int opened) argument [all...] |
/security/tomoyo/ |
H A D | securityfs_if.c | 29 * @file: Pointer to "struct file". 39 static ssize_t tomoyo_write_self(struct file *file, const char __user *buf, argument 98 * @file: Pointer to "struct file". 105 static ssize_t tomoyo_read_self(struct file *file, char __user *buf, argument 132 * @file: Pointer to "struct file" 136 tomoyo_open(struct inode *inode, struct file *file) argument 149 tomoyo_release(struct inode *inode, struct file *file) argument 164 tomoyo_poll(struct file *file, poll_table *wait) argument 179 tomoyo_read(struct file *file, char __user *buf, size_t count, loff_t *ppos) argument 195 tomoyo_write(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument [all...] |
H A D | tomoyo.c | 135 return tomoyo_check_open_permission(domain, &bprm->file->f_path, 306 * @file: Pointer to "struct file". 312 static int tomoyo_file_fcntl(struct file *file, unsigned int cmd, argument 315 if (!(cmd == F_SETFL && ((arg ^ file->f_flags) & O_APPEND))) 317 return tomoyo_check_open_permission(tomoyo_domain(), &file->f_path, 324 * @f: Pointer to "struct file". 329 static int tomoyo_file_open(struct file *f, const struct cred *cred) 341 * @file 347 tomoyo_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg) argument [all...] |
/security/keys/ |
H A D | big_key.c | 15 #include <linux/file.h> 24 * If the data is under this limit, there's no point creating a shm file to 51 struct file *file; local 66 /* Create a shmem file to store the data in. This will permit the data 71 file = shmem_kernel_file_setup("", datalen, 0); 72 if (IS_ERR(file)) { 73 ret = PTR_ERR(file); 77 written = kernel_write(file, prep->data, prep->datalen, 0); 88 *path = file 179 struct file *file; local [all...] |
H A D | proc.c | 22 static int proc_keys_open(struct inode *inode, struct file *file); 43 static int proc_key_users_open(struct inode *inode, struct file *file); 105 static int proc_keys_open(struct inode *inode, struct file *file) argument 107 return seq_open(file, &proc_keys_ops); 306 static int proc_key_users_open(struct inode *inode, struct file *file) argument 308 return seq_open(file, [all...] |
/security/integrity/evm/ |
H A D | evm_secfs.c | 27 * @filp: file pointer, not actually used 34 static ssize_t evm_read_key(struct file *filp, char __user *buf, 51 * @file: file pointer, not actually used 61 static ssize_t evm_write_key(struct file *file, const char __user *buf, argument
|
/security/smack/ |
H A D | smackfs.c | 443 * smk_write_rules_list - write() for any /smack rule file 444 * @file: file pointer, not actually used 461 static ssize_t smk_write_rules_list(struct file *file, const char __user *buf, argument 599 * interface file (/smack/load or /smack/load2) 668 * @inode: inode structure representing file 669 * @file: "load" file pointer 673 static int smk_open_load(struct inode *inode, struct file *fil argument 686 smk_write_load(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 844 smk_open_cipso(struct inode *inode, struct file *file) argument 860 smk_set_cipso(struct file *file, const char __user *buf, size_t count, loff_t *ppos, int format) argument 963 smk_write_cipso(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 1022 smk_open_cipso2(struct inode *inode, struct file *file) argument 1037 smk_write_cipso2(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 1101 smk_open_netlbladdr(struct inode *inode, struct file *file) argument 1158 smk_write_netlbladdr(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 1354 smk_write_doi(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 1420 smk_write_direct(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 1498 smk_write_mapped(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 1589 smk_write_ambient(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 1673 smk_write_onlycap(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 1752 smk_write_logging(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 1829 smk_open_load_self(struct inode *inode, struct file *file) argument 1842 smk_write_load_self(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 1866 smk_user_access(struct file *file, const char __user *buf, size_t count, loff_t *ppos, int format) argument 1914 smk_write_access(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 1957 smk_open_load2(struct inode *inode, struct file *file) argument 1970 smk_write_load2(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 2034 smk_open_load_self2(struct inode *inode, struct file *file) argument 2047 smk_write_load_self2(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 2071 smk_write_access2(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 2091 smk_write_revoke_subj(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 2173 smk_write_change_rule(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 2235 smk_write_syslog(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 2300 smk_write_ptrace(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument [all...] |
H A D | smack_lsm.c | 4 * This file contains the smack hook function implementations. 158 static int smk_bu_file(struct file *file, int mode, int rc) argument 162 struct inode *inode = file->f_inode; 169 pr_info("Smack Bringup: (%s %s %s) file=(%s %ld %s) %s\n", 170 sskp->smk_known, (char *)file->f_security, acc, 171 inode->i_sb->s_id, inode->i_ino, file->f_dentry->d_name.name, 176 #define smk_bu_file(file, mode, RC) (RC) 180 static int smk_bu_credfile(const struct cred *cred, struct file *file, argument 1334 smack_file_permission(struct file *file, int mask) argument 1348 smack_file_alloc_security(struct file *file) argument 1363 smack_file_free_security(struct file *file) argument 1378 smack_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg) argument 1407 smack_file_lock(struct file *file, unsigned int cmd) argument 1431 smack_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg) argument 1472 smack_mmap_file(struct file *file, unsigned long reqprot, unsigned long prot, unsigned long flags) argument 1573 smack_file_set_fowner(struct file *file) argument 1596 struct file *file; local 1624 smack_file_receive(struct file *file) argument 1657 smack_file_open(struct file *file, const struct cred *cred) argument [all...] |
/security/apparmor/include/ |
H A D | file.h | 4 * This file contains AppArmor file mediation function definitions. 78 /* struct file_perms - file permission 152 * struct aa_file_rules - components used for file rule permissions 180 int aa_file_perm(int op, struct aa_profile *profile, struct file *file, 190 * aa_map_file_perms - map file flags to AppArmor permissions 191 * @file: open file to map flags to AppArmor permissions 193 * Returns: apparmor permission set for the file 195 aa_map_file_to_perms(struct file *file) argument [all...] |
/security/selinux/ |
H A D | selinuxfs.c | 131 static ssize_t sel_read_enforce(struct file *filp, char __user *buf, 142 static ssize_t sel_write_enforce(struct file *file, const char __user *buf, argument 202 static ssize_t sel_read_handle_unknown(struct file *filp, char __user *buf, 220 static int sel_open_handle_status(struct inode *inode, struct file *filp) 232 static ssize_t sel_read_handle_status(struct file *filp, char __user *buf, 244 static int sel_mmap_handle_status(struct file *filp, 274 static ssize_t sel_write_disable(struct file *file, const char __user *buf, argument 328 static ssize_t sel_read_policyvers(struct file *fil 504 sel_write_load(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 569 sel_write_context(struct file *file, char *buf, size_t size) argument 611 sel_write_checkreqprot(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 674 selinux_transaction_write(struct file *file, const char __user *buf, size_t size, loff_t *pos) argument 708 sel_write_access(struct file *file, char *buf, size_t size) argument 757 sel_write_create(struct file *file, char *buf, size_t size) argument 858 sel_write_relabel(struct file *file, char *buf, size_t size) argument 916 sel_write_user(struct file *file, char *buf, size_t size) argument 976 sel_write_member(struct file *file, char *buf, size_t size) argument 1320 sel_write_avc_cache_threshold(struct file *file, const char __user *buf, size_t count, loff_t *ppos) argument 1449 sel_open_avc_cache_stats(struct inode *inode, struct file *file) argument 1494 sel_read_initcon(struct file *file, char __user *buf, size_t count, loff_t *ppos) argument 1559 sel_read_class(struct file *file, char __user *buf, size_t count, loff_t *ppos) argument 1573 sel_read_perm(struct file *file, char __user *buf, size_t count, loff_t *ppos) argument 1587 sel_read_policycap(struct file *file, char __user *buf, size_t count, loff_t *ppos) argument [all...] |
H A D | hooks.c | 4 * This file contains the SELinux hook function implementations. 45 #include <linux/file.h> 277 static int file_alloc_security(struct file *file) argument 288 file->f_security = fsec; 293 static void file_free_security(struct file *file) argument 295 struct file_security_struct *fsec = file->f_security; 296 file->f_security = NULL; 327 /* The file syste 1645 file_path_has_perm(const struct cred *cred, struct file *file, u32 av) argument 1664 file_has_perm(const struct cred *cred, struct file *file, u32 av) argument 1892 file_to_av(struct file *file) argument 1918 open_file_to_av(struct file *file) argument 1961 selinux_binder_transfer_file(struct task_struct *from, struct task_struct *to, struct file *file) argument 2325 match_file(const void *p, struct file *file, unsigned fd) argument 2334 struct file *file, *devnull = NULL; local 3199 selinux_revalidate_file_permission(struct file *file, int mask) argument 3212 selinux_file_permission(struct file *file, int mask) argument 3231 selinux_file_alloc_security(struct file *file) argument 3236 selinux_file_free_security(struct file *file) argument 3245 ioctl_has_perm(const struct cred *cred, struct file *file, u32 requested, u16 cmd) argument 3279 selinux_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg) argument 3328 file_map_prot_check(struct file *file, unsigned long prot, int shared) argument 3381 selinux_mmap_file(struct file *file, unsigned long reqprot, unsigned long prot, unsigned long flags) argument 3427 selinux_file_lock(struct file *file, unsigned int cmd) argument 3434 selinux_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg) argument 3474 selinux_file_set_fowner(struct file *file) argument 3485 struct file *file; local 3504 selinux_file_receive(struct file *file) argument 3511 selinux_file_open(struct file *file, const struct cred *cred) argument [all...] |
/security/ |
H A D | security.c | 153 int security_binder_transfer_file(struct task_struct *from, struct task_struct *to, struct file *file) argument 155 return security_ops->binder_transfer_file(from, to, file); 706 int security_file_permission(struct file *file, int mask) argument 710 ret = security_ops->file_permission(file, mask); 714 return fsnotify_perm(file, mask); 717 int security_file_alloc(struct file *file) argument 719 return security_ops->file_alloc_security(file); 722 security_file_free(struct file *file) argument 727 security_file_ioctl(struct file *file, unsigned int cmd, unsigned long arg) argument 732 mmap_prot(struct file *file, unsigned long prot) argument 766 security_mmap_file(struct file *file, unsigned long prot, unsigned long flags) argument 788 security_file_lock(struct file *file, unsigned int cmd) argument 793 security_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg) argument 798 security_file_set_fowner(struct file *file) argument 809 security_file_receive(struct file *file) argument 814 security_file_open(struct file *file, const struct cred *cred) argument 868 security_kernel_fw_from_file(struct file *file, char *buf, size_t size) argument 884 security_kernel_module_from_file(struct file *file) argument [all...] |
H A D | capability.c | 30 static int cap_binder_transfer_file(struct task_struct *from, struct task_struct *to, struct file *file) argument 329 static int cap_file_permission(struct file *file, int mask) argument 334 static int cap_file_alloc_security(struct file *file) argument 339 static void cap_file_free_security(struct file *file) argument 343 static int cap_file_ioctl(struct file *file, unsigne argument 355 cap_file_lock(struct file *file, unsigned int cmd) argument 360 cap_file_fcntl(struct file *file, unsigned int cmd, unsigned long arg) argument 366 cap_file_set_fowner(struct file *file) argument 377 cap_file_receive(struct file *file) argument 382 cap_file_open(struct file *file, const struct cred *cred) argument 424 cap_kernel_fw_from_file(struct file *file, char *buf, size_t size) argument 434 cap_kernel_module_from_file(struct file *file) argument [all...] |
/security/apparmor/ |
H A D | lsm.c | 4 * This file contains AppArmor LSM hooks. 33 #include "include/file.h" 244 * @mode: created file mode 376 static int apparmor_file_open(struct file *file, const struct cred *cred) argument 378 struct aa_file_cxt *fcxt = file->f_security; 382 if (!mediated_filesystem(file_inode(file))) 397 struct inode *inode = file_inode(file); 400 error = aa_path_perm(OP_OPEN, profile, &file->f_path, 0, 401 aa_map_file_to_perms(file), 409 apparmor_file_alloc_security(struct file *file) argument 419 apparmor_file_free_security(struct file *file) argument 426 common_file_perm(int op, struct file *file, u32 mask) argument 454 apparmor_file_permission(struct file *file, int mask) argument 459 apparmor_file_lock(struct file *file, unsigned int cmd) argument 469 common_mmap(int op, struct file *file, unsigned long prot, unsigned long flags) argument 491 apparmor_mmap_file(struct file *file, unsigned long reqprot, unsigned long prot, unsigned long flags) argument [all...] |
H A D | apparmorfs.c | 4 * This file contains AppArmor /sys/kernel/security/apparmor interface functions 78 * @pos: position write is at in the file (NOT NULL) 116 /* .load file hook fn to load policy */ 117 static ssize_t profile_load(struct file *f, const char __user *buf, size_t size, 139 /* .replace file hook fn to load and/or replace policy */ 140 static ssize_t profile_replace(struct file *f, const char __user *buf, 161 /* .remove file hook fn to remove loaded policy */ 162 static ssize_t profile_remove(struct file *f, const char __user *buf, 214 static int aa_fs_seq_open(struct inode *inode, struct file *file) argument 227 aa_fs_seq_profile_open(struct inode *inode, struct file *file, int (*show)(struct seq_file *, void *)) argument 241 aa_fs_seq_profile_release(struct inode *inode, struct file *file) argument 259 aa_fs_seq_profname_open(struct inode *inode, struct file *file) argument 282 aa_fs_seq_profmode_open(struct inode *inode, struct file *file) argument 310 aa_fs_seq_profattach_open(struct inode *inode, struct file *file) argument 338 aa_fs_seq_hash_open(struct inode *inode, struct file *file) argument 767 profiles_open(struct inode *inode, struct file *file) argument 772 profiles_release(struct inode *inode, struct file *file) argument [all...] |
H A D | file.c | 4 * This file contains AppArmor mediation of files 17 #include "include/file.h" 61 * file_audit_cb - call back for file specific audit fields 92 * aa_audit_file - handle the auditing of file operations 157 * map_old_perms - map old file perms layout to the new layout 200 * currently file perms are encoded in the dfa, new format 255 * is_deleted - test if a file has been completely unlinked 256 * @dentry: dentry of file to test for deletion (NOT NULL) 298 aa_str_perms(profile->file.dfa, profile->file 448 aa_file_perm(int op, struct aa_profile *profile, struct file *file, u32 request) argument [all...] |
H A D | domain.c | 4 * This file contains AppArmor policy attachment and domain transitions 17 #include <linux/file.h> 27 #include "include/file.h" 108 } else if (!profile->file.dfa) { 112 aa_str_perms(profile->file.dfa, start, name, &cond, &perms); 118 state = aa_dfa_match(profile->file.dfa, start, ns->base.name); 119 state = aa_dfa_match_len(profile->file.dfa, state, ":", 1); 120 aa_str_perms(profile->file.dfa, state, name, &cond, &perms); 248 for (name = profile->file.trans.table[index]; !new_profile && name; 346 file_inode(bprm->file) [all...] |
H A D | policy_unpack.c | 4 * This file contains AppArmor functions for unpacking policy loaded from 321 * unpack_dfa - unpack a file rule dfa 384 profile->file.trans.table = kzalloc(sizeof(char *) * size, 386 if (!profile->file.trans.table) 389 profile->file.trans.size = size; 398 profile->file.trans.table[i] = str; 430 aa_free_domain_entries(&profile->file.trans); 601 /* get file rules */ 602 profile->file.dfa = unpack_dfa(e); 603 if (IS_ERR(profile->file [all...] |