/security/apparmor/ |
H A D | context.c | 24 * cred or task context but instead creates a new one. Ideally the task 33 * aa_alloc_task_context - allocate a new task_cxt 60 * @new: a blank task context (NOT NULL) 63 void aa_dup_task_context(struct aa_task_cxt *new, const struct aa_task_cxt *old) argument 65 *new = *old; 66 aa_get_profile(new->profile); 67 aa_get_profile(new->previous); 68 aa_get_profile(new->onexec); 90 * @profile: new profile (NOT NULL) 97 struct cred *new; local 135 struct cred *new = prepare_creds(); local 161 struct cred *new = prepare_creds(); local 199 struct cred *new = prepare_creds(); local [all...] |
H A D | policy.c | 268 * alloc_namespace - allocate, initialize and return a new namespace 370 * aa_prepare_namespace - find an existing or create a new namespace of @name 641 * aa_alloc_profile - allocate, initialize and return a new profile 675 * aa_new_null_profile - create a new null-X learning profile 686 * Returns: new refcounted profile else NULL on failure 783 * is used to load a new profile. 954 if (ent->new == profile) 956 if (strncmp(ent->new->base.hname, profile->base.hname, len) == 957 0 && ent->new->base.hname[len] == 0) 958 return ent->new; 977 __replace_profile(struct aa_profile *old, struct aa_profile *new, bool share_replacedby) argument [all...] |
H A D | resource.c | 85 * @new_rlim - the new resource limit (NOT NULL) 117 * __aa_transition_rlimits - apply new profile rlimits 119 * @new: new profile with rlimits to apply (NOT NULL) 121 void __aa_transition_rlimits(struct aa_profile *old, struct aa_profile *new) argument 141 /* set any new hard limits as dictated by the new profile */ 142 if (!new->rlimits.mask) 145 if (!(new->rlimits.mask & mask)) 150 new [all...] |
H A D | file.c | 157 * map_old_perms - map old file perms layout to the new layout 160 * Returns: new permission mapping 164 u32 new = old & 0xf; local 166 new |= AA_MAY_META_READ; 168 new |= AA_MAY_META_WRITE | AA_MAY_CREATE | AA_MAY_DELETE | 171 new |= AA_MAY_LINK; 176 new |= AA_MAY_LOCK | AA_LINK_SUBSET; 178 new |= AA_EXEC_MMAP; 180 return new; 199 /* FIXME: change over to new df [all...] |
H A D | policy_unpack.c | 84 * @new: profile if it has been allocated (MAYBE NULL) 92 static int audit_iface(struct aa_profile *new, const char *name, argument 102 aad.iface.target = new; 723 aa_put_profile(ent->new); 789 ent->new = profile;
|
H A D | lsm.c | 70 * prepare new aa_task_cxt for modification by prepare_cred block 72 static int apparmor_cred_prepare(struct cred *new, const struct cred *old, argument 81 cred_cxt(new) = cxt; 88 static void apparmor_cred_transfer(struct cred *new, const struct cred *old) argument 91 struct aa_task_cxt *new_cxt = cred_cxt(new);
|
/security/ |
H A D | commoncap.c | 246 * @new: The proposed new credentials; alterations should be made here 248 * @effective: A pointer to the proposed new effective capabilities set 249 * @inheritable: A pointer to the proposed new inheritable capabilities set 250 * @permitted: A pointer to the proposed new permitted capabilities set 253 * process's capability sets. The changes are made to the proposed new 256 int cap_capset(struct cred *new, argument 272 /* no new pI capabilities outside bounding set */ 275 /* verify restrictions on target's new Permitted set */ 283 new 350 struct cred *new = bprm->cred; local 496 struct cred *new = bprm->cred; local 705 cap_emulate_setxuid(struct cred *new, const struct cred *old) argument 734 cap_task_fix_setuid(struct cred *new, const struct cred *old, int flags) argument 841 struct cred *new; local 871 struct cred *new; local [all...] |
H A D | security.c | 188 int security_capset(struct cred *new, const struct cred *old, argument 193 return security_ops->capset(new, old, 848 int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp) argument 850 return security_ops->cred_prepare(new, old, gfp); 853 void security_transfer_creds(struct cred *new, const struct cred *old) argument 855 security_ops->cred_transfer(new, old); 858 int security_kernel_act_as(struct cred *new, u32 secid) argument 860 return security_ops->kernel_act_as(new, secid); 863 int security_kernel_create_files_as(struct cred *new, struct inode *inode) argument 865 return security_ops->kernel_create_files_as(new, inod 894 security_task_fix_setuid(struct cred *new, const struct cred *old, int flags) argument [all...] |
H A D | device_cgroup.c | 69 struct dev_exception_item *ex, *tmp, *new; local 74 new = kmemdup(ex, sizeof(*ex), GFP_KERNEL); 75 if (!new) 77 list_add_tail(&new->list, dest); 389 * verify_new_ex - verifies if a new exception is allowed by parent cgroup's permissions 391 * @refex: new exception 410 * new exception in the child doesn't matter, only 416 * new exception in the child will add more devices 433 * the new exception will add access to more devices and must 452 * when adding a new allo [all...] |
H A D | capability.c | 405 static int cap_cred_prepare(struct cred *new, const struct cred *old, gfp_t gfp) argument 410 static void cap_cred_transfer(struct cred *new, const struct cred *old) argument 414 static int cap_kernel_act_as(struct cred *new, u32 secid) argument 419 static int cap_kernel_create_files_as(struct cred *new, struct inode *inode) argument
|
/security/keys/ |
H A D | process_keys.c | 128 * Install a fresh thread keyring directly to new credentials. This keyring is 131 int install_thread_keyring_to_cred(struct cred *new) argument 135 keyring = keyring_alloc("_tid", new->uid, new->gid, new, 141 new->thread_keyring = keyring; 150 struct cred *new; local 153 new = prepare_creds(); 154 if (!new) 157 BUG_ON(new 174 install_process_keyring_to_cred(struct cred *new) argument 200 struct cred *new; local 257 struct cred *new; local 756 struct cred *new; local 828 struct cred *new = container_of(twork, struct cred, rcu); local [all...] |
H A D | keyctl.c | 49 * Extract the description of a new key from userspace and either add it as a 50 * new key to the specified keyring or update a matching key in that keyring. 57 * If successful, the new key's serial number is returned, otherwise an error 479 * new key. 787 * If the UID is to be changed, the new user must have sufficient quota to 789 * the new user should the attribute be changed. 845 /* transfer the quota burden to the new user */ 988 struct cred *new; local 990 new = prepare_creds(); 991 if (!new) 1261 struct cred *new; local [all...] |
/security/apparmor/include/ |
H A D | policy_unpack.h | 22 struct aa_profile *new;
|
H A D | resource.h | 43 void __aa_transition_rlimits(struct aa_profile *old, struct aa_profile *new);
|
H A D | apparmorfs.h | 98 struct aa_profile *new);
|
H A D | context.h | 80 void aa_dup_task_context(struct aa_task_cxt *new,
|
H A D | policy.h | 361 struct aa_profile *new) 366 rcu_assign_pointer(orig->replacedby->profile, aa_get_profile(new)); 360 __aa_update_replacedby(struct aa_profile *orig, struct aa_profile *new) argument
|
/security/selinux/ |
H A D | netif.c | 86 * sel_netif_insert - Insert a new interface into the table 87 * @netif: the new interface record 90 * Add a new interface record to the network interface hash table. Returns 140 struct sel_netif *new = NULL; local 161 new = kzalloc(sizeof(*new), GFP_ATOMIC); 162 if (new == NULL) { 166 ret = security_netif_sid(dev->name, &new->nsec.sid); 169 new->nsec.ns = ns; 170 new [all...] |
H A D | netnode.c | 149 * sel_netnode_insert - Insert a new node into the table 150 * @node: the new node record 153 * Add a new node record to the network address hash table. 204 struct sel_netnode *new = NULL; local 213 new = kzalloc(sizeof(*new), GFP_ATOMIC); 214 if (new == NULL) 220 new->nsec.addr.ipv4 = *(__be32 *)addr; 225 new->nsec.addr.ipv6 = *(struct in6_addr *)addr; 234 new [all...] |
H A D | netport.c | 108 * sel_netport_insert - Insert a new port into the table 109 * @port: the new port record 112 * Add a new port record to the network address hash table. 152 struct sel_netport *new = NULL; local 161 new = kzalloc(sizeof(*new), GFP_ATOMIC); 162 if (new == NULL) 168 new->psec.port = pnum; 169 new->psec.protocol = protocol; 170 new [all...] |
H A D | hooks.c | 837 struct superblock_security_struct *new = newsb->s_security; local 839 char newflags = new->flags & SE_MNTMASK; 843 if ((oldflags & FSCONTEXT_MNT) && old->sid != new->sid) 845 if ((oldflags & CONTEXT_MNT) && old->mntpoint_sid != new->mntpoint_sid) 847 if ((oldflags & DEFCONTEXT_MNT) && old->def_sid != new->def_sid) 2030 static int selinux_capset(struct cred *new, const struct cred *old, argument 2037 error = cap_capset(new, old, 2042 return cred_has_perm(old, new, PROCESS__SETCAP); 2130 * Check that a process has enough memory to allocate a new virtual 2380 * Prepare a process for imminent new credentia 3579 selinux_cred_prepare(struct cred *new, const struct cred *old, gfp_t gfp) argument 3598 selinux_cred_transfer(struct cred *new, const struct cred *old) argument 3610 selinux_kernel_act_as(struct cred *new, u32 secid) argument 3633 selinux_kernel_create_files_as(struct cred *new, struct inode *inode) argument 5654 struct cred *new; local [all...] |
/security/selinux/ss/ |
H A D | ebitmap.c | 51 struct ebitmap_node *n, *new, *prev; local 57 new = kzalloc(sizeof(*new), GFP_ATOMIC); 58 if (!new) { 62 new->startbit = n->startbit; 63 memcpy(new->maps, n->maps, EBITMAP_SIZE / 8); 64 new->next = NULL; 66 prev->next = new; 68 dst->node = new; 69 prev = new; 252 struct ebitmap_node *n, *prev, *new; local [all...] |
/security/tomoyo/ |
H A D | tomoyo.c | 13 * @new: Pointer to "struct cred". 18 static int tomoyo_cred_alloc_blank(struct cred *new, gfp_t gfp) argument 20 new->security = NULL; 27 * @new: Pointer to "struct cred". 33 static int tomoyo_cred_prepare(struct cred *new, const struct cred *old, argument 37 new->security = domain; 46 * @new: Pointer to "struct cred". 49 static void tomoyo_cred_transfer(struct cred *new, const struct cred *old) argument 51 tomoyo_cred_prepare(new, old, 0);
|
/security/smack/ |
H A D | smack_lsm.c | 237 * Returns the new blob or NULL if there's no memory available 258 * Returns the new blob or NULL if there's no memory available 279 * @nhead - new rules header pointer 712 * smack_bprm_committing_creds - Prepare to install the new credentials 831 * @new_dentry: the new object 932 * @new_dentry: the new object 935 * new directories. 1685 * @new: the new credentials 1731 * smack_cred_prepare - prepare new se 1738 smack_cred_prepare(struct cred *new, const struct cred *old, gfp_t gfp) argument 1764 smack_cred_transfer(struct cred *new, const struct cred *old) argument 1785 smack_kernel_act_as(struct cred *new, u32 secid) argument 1805 smack_kernel_create_files_as(struct cred *new, struct inode *inode) argument 3234 struct cred *new; local [all...] |
H A D | smackfs.c | 213 * during the allocation of the new pair to add. 253 * If this is a global as opposed to self and a new rule 1108 * @new : netlabel to insert 1115 static void smk_netlbladdr_insert(struct smk_netlbladdr *new) argument 1120 list_add_rcu(&new->list, &smk_netlbladdr_list); 1128 if (new->smk_mask.s_addr > m->smk_mask.s_addr) { 1129 list_add_rcu(&new->list, &smk_netlbladdr_list); 1135 list_add_rcu(&new->list, &m->list); 1140 if (new->smk_mask.s_addr > m_next->smk_mask.s_addr) { 1141 list_add_rcu(&new [all...] |