/security/selinux/include/ |
H A D | avc_ss.h | 16 const char *perms[sizeof(u32) * 8 + 1]; member in struct:security_class_mapping
|
H A D | security.h | 113 #define security_operation_set(perms, x) (perms[x >> 5] |= 1 << (x & 0x1f)) 114 #define security_operation_test(perms, x) (1 & (perms[x >> 5] >> (x & 0x1f))) 117 u32 perms[8]; member in struct:operation_perm 199 int security_get_permissions(char *class, char ***perms, int *nperms);
|
/security/apparmor/ |
H A D | file.c | 94 * @perms: the permissions computed for the request (NOT NULL) 106 int aa_audit_file(struct aa_profile *profile, struct file_perms *perms, argument 124 u32 mask = perms->audit; 129 /* mask off perms that are not being force audited */ 137 sa.aad->fs.request = sa.aad->fs.request & ~perms->allow; 139 if (sa.aad->fs.request & perms->kill) 143 if ((sa.aad->fs.request & perms->quiet) && 146 sa.aad->fs.request &= ~perms->quiet; 152 sa.aad->fs.denied = sa.aad->fs.request & ~perms->allow; 157 * map_old_perms - map old file perms layou 197 struct file_perms perms; local 238 aa_str_perms(struct aa_dfa *dfa, unsigned int start, const char *name, struct path_cond *cond, struct file_perms *perms) argument 282 struct file_perms perms = {}; local 359 struct file_perms lperms, perms; local [all...] |
H A D | domain.c | 90 * @request: requested perms 100 struct file_perms perms; local 105 perms.allow = AA_MAY_CHANGE_PROFILE | AA_MAY_ONEXEC; 106 perms.audit = perms.quiet = perms.kill = 0; 107 return perms; 112 aa_str_perms(profile->file.dfa, start, name, &cond, &perms); 113 if (COMBINED_PERM_MASK(perms) & request) 114 return perms; 344 struct file_perms perms = {}; local 615 struct file_perms perms = {}; local 753 struct file_perms perms = {}; local [all...] |
/security/apparmor/include/ |
H A D | file.h | 99 /* FIXME: split perms from dfa and match this to description 147 int aa_audit_file(struct aa_profile *profile, struct file_perms *perms, 154 * @perms: permission table indexed by the matched state accept entry of @dfa 159 * an index into @perms. If a named exec transition is required it is 165 /* struct perms perms; */ 172 struct file_perms *perms); 198 u32 perms = 0; local 201 perms |= MAY_WRITE; 203 perms | [all...] |
/security/selinux/ |
H A D | avc.c | 111 const char **perms; local 119 perms = secclass_map[tclass-1].perms; 125 if ((perm & av) && perms[i]) { 126 audit_log_format(ab, " %s", perms[i]); 260 rc = security_operation_test(od->allowed->perms, num); 263 rc = security_operation_test(od->auditallow->perms, num); 266 rc = security_operation_test(od->dontaudit->perms, num); 281 security_operation_set(od->allowed->perms, num); 319 memcpy(dest->allowed->perms, sr 834 avc_update_node(u32 event, u32 perms, u16 cmd, u32 ssid, u32 tsid, u16 tclass, u32 seqno, struct operation_decision *od, u32 flags) argument [all...] |
H A D | hooks.c | 1498 u32 perms) 1502 return avc_has_perm(asid, tsid, SECCLASS_PROCESS, perms, NULL); 1513 u32 perms) 1522 return avc_has_perm(sid1, sid2, SECCLASS_PROCESS, perms, NULL); 1532 u32 perms) 1538 return avc_has_perm(sid, tsid, SECCLASS_PROCESS, perms, NULL); 1584 u32 perms) 1589 SECCLASS_SYSTEM, perms, NULL); 1597 u32 perms, 1611 return avc_has_perm(sid, isec->sid, isec->sclass, perms, ad 1496 cred_has_perm(const struct cred *actor, const struct cred *target, u32 perms) argument 1511 task_has_perm(const struct task_struct *tsk1, const struct task_struct *tsk2, u32 perms) argument 1531 current_has_perm(const struct task_struct *tsk, u32 perms) argument 1583 task_has_system(struct task_struct *tsk, u32 perms) argument 1595 inode_has_perm(const struct cred *cred, struct inode *inode, u32 perms, struct common_audit_data *adp) argument 1851 superblock_has_perm(const struct cred *cred, struct super_block *sb, u32 perms, struct common_audit_data *ad) argument 2870 audit_inode_permission(struct inode *inode, u32 perms, u32 audited, u32 denied, int result, unsigned flags) argument 2892 u32 perms; local 4054 sock_has_perm(struct task_struct *task, struct sock *sk, u32 perms) argument 5216 ipc_has_perm(struct kern_ipc_perm *ipc_perms, u32 perms) argument 5290 int perms; local 5431 int perms; local 5464 u32 perms; local 5524 u32 perms; local 5565 u32 perms; local [all...] |
H A D | selinuxfs.c | 82 u32 perms) 96 SECCLASS_SECURITY, perms, NULL); 1610 char **perms; local 1612 rc = security_get_permissions(objclass, &perms, &nperms); 1621 dentry = d_alloc_name(dir, perms[i]); 1638 kfree(perms[i]); 1639 kfree(perms); 1662 dentry = sel_make_dir(dir, "perms", &last_class_ino); 81 task_has_security(struct task_struct *tsk, u32 perms) argument
|
/security/selinux/ss/ |
H A D | services.c | 104 u32 perms[sizeof(u32) * 8]; member in struct:selinux_mapping 158 while (p_in->perms && p_in->perms[k]) { 160 if (!*p_in->perms[k]) { 164 p_out->perms[k] = string_to_av_perm(pol, p_out->value, 165 p_in->perms[k]); 166 if (!p_out->perms[k]) { 169 p_in->perms[k], p_in->name); 227 if (avd->allowed & current_mapping[tclass].perms[i]) 229 if (allow_unknown && !current_mapping[tclass].perms[ 2914 char *name = k, **perms = args; local 2924 security_get_permissions(char *class, char ***perms, int *nperms) argument [all...] |
H A D | avtab.c | 363 __le32 buf32[ARRAY_SIZE(ops.op.perms)]; 485 rc = next_entry(buf32, fp, sizeof(u32)*ARRAY_SIZE(ops.op.perms)); 490 for (i = 0; i < ARRAY_SIZE(ops.op.perms); i++) 491 ops.op.perms[i] = le32_to_cpu(buf32[i]); 555 __le32 buf32[ARRAY_SIZE(cur->datum.u.ops->op.perms)]; 571 for (i = 0; i < ARRAY_SIZE(cur->datum.u.ops->op.perms); i++) 572 buf32[i] = cpu_to_le32(cur->datum.u.ops->op.perms[i]); 574 ARRAY_SIZE(cur->datum.u.ops->op.perms), fp);
|