| /security/selinux/ |
| H A D | xfrm.c | 2 * NSA Security-Enhanced Linux (SELinux) security module
32 * 3. Testing addition of sk_policy's with security context via setsockopt
36 #include <linux/security.h>
69 * Returns true if the xfrm contains a security blob for SELinux.
73 return selinux_authorizable_ctx(x->security);
77 * Allocates a xfrm_sec_state and populates it using the supplied security
184 if (!xp->security)
185 if (x->security)
192 if (!x->security)
200 state_sid = x->security
[all...] |
| H A D | hooks.c | 2 * NSA Security-Enhanced Linux (SELinux) security module
32 #include <linux/security.h>
176 * initialise the security for the init task
188 cred->security = tsec;
192 * get the security ID of a set of credentials
198 tsec = cred->security;
203 * get the objective security ID of a task
216 * get the subjective security ID of the current task
225 /* Allocate and free functions for each kind of security blob. */
373 const struct task_security_struct *tsec = cred->security;
4724 selinux_tun_dev_alloc_security(void **security) argument
4737 selinux_tun_dev_free_security(void *security) argument
4757 selinux_tun_dev_attach_queue(void *security) argument
4765 selinux_tun_dev_attach(struct sock *sk, void *security) argument
4783 selinux_tun_dev_open(void *security) argument
[all...] |
| H A D | selinuxfs.c | 25 #include <linux/security.h>
34 /* selinuxfs pseudo filesystem for exporting the security policy API.
40 #include "security.h"
80 /* Check whether a task is allowed to use a security operation. */
88 tsec = __task_cred(tsk)->security;
|
| /security/ |
| H A D | Kconfig | 7 source security/keys/Kconfig
22 bool "Enable different security models"
25 This allows you to choose different security modules to be
28 If this option is not selected, the default Linux security
46 This enables the socket and networking security hooks.
47 If enabled, a security module can use these hooks to
55 This enables the XFRM (IPSec) networking security hooks.
56 If enabled, a security module can use these hooks to
68 This enables the security hooks for pathname based access control.
69 If enabled, a security modul
[all...] |
| H A D | min_addr.c | 3 #include <linux/security.h>
|
| H A D | Makefile | 2 # Makefile for the kernel security code
17 obj-$(CONFIG_SECURITY) += security.o capability.o
|
| H A D | security.c | 19 #include <linux/security.h>
61 * security_init - initializes the security framework
87 __setup("security=", choose_lsm);
90 * security_module_enable - Load given security module on boot ?
94 * to avoid security registration races. This method may also be used
109 * register_security - registers a security framework with the kernel
112 * This function allows a security module to register itself with the
113 * kernel security subsystem. Some rudimentary checking is done on the @ops
117 * If there is already a security module registered with the kernel,
1324 int security_tun_dev_alloc_security(void **security) argument
1330 security_tun_dev_free_security(void *security) argument
1342 security_tun_dev_attach_queue(void *security) argument
1348 security_tun_dev_attach(struct sock *sk, void *security) argument
1354 security_tun_dev_open(void *security) argument
[all...] |
| H A D | inode.c | 22 #include <linux/security.h>
224 security_kobj = kobject_create_and_add("security", kernel_kobj);
|
| H A D | capability.c | 4 * This is the default security module in case no other module is loaded.
13 #include <linux/security.h>
748 static int cap_tun_dev_alloc_security(void **security) argument
753 static void cap_tun_dev_free_security(void *security) argument
762 static int cap_tun_dev_attach_queue(void *security) argument
767 static int cap_tun_dev_attach(struct sock *sk, void *security) argument
772 static int cap_tun_dev_open(void *security) argument
947 " security operation with the default.\n");\
|
| H A D | commoncap.c | 15 #include <linux/security.h>
303 * affects the security markings on that inode, and if it is, should
324 * cap_inode_killpriv - Erase the security markings on an inode
327 * Erase the privilege-enhancing security markings on an inode.
631 * This is used to make sure security xattrs don't get updated or set by those
658 * This is used to make sure security xattrs don't get removed by those who
856 * cap_task_prctl - Implement process control functions for this security module
977 * capability security module. Returns 0 if this mapping should be allowed
|
| /security/integrity/evm/ |
| H A D | evm.h | 20 #include <linux/security.h>
35 /* List of EVM protected security xattrs */
|
| /security/tomoyo/ |
| H A D | tomoyo.c | 2 * security/tomoyo/tomoyo.c
7 #include <linux/security.h>
20 new->security = NULL;
36 struct tomoyo_domain_info *domain = old->security;
37 new->security = domain;
61 struct tomoyo_domain_info *domain = cred->security;
97 * "bprm->cred->security". New reference to "struct tomoyo_domain_info"
98 * stored inside "bprm->cred->security" will be acquired later inside
102 bprm->cred->security)->users);
107 bprm->cred->security
[all...] |
| H A D | securityfs_if.c | 2 * security/tomoyo/securityfs_if.c
7 #include <linux/security.h>
27 * tomoyo_write_self - write() for /sys/kernel/security/tomoyo/self_domain interface.
78 cred->security;
79 cred->security = new_domain;
96 * tomoyo_read_self - read() for /sys/kernel/security/tomoyo/self_domain interface.
122 /* Operations for /sys/kernel/security/tomoyo/self_domain interface. */
129 * tomoyo_open - open() for /sys/kernel/security/tomoyo/ interface.
144 * tomoyo_release - close() for /sys/kernel/security/tomoyo/ interface.
156 * tomoyo_poll - poll() for /sys/kernel/security/tomoy
[all...] |
| H A D | common.h | 2 * security/tomoyo/common.h
252 /* Index numbers for /sys/kernel/security/tomoyo/stat interface. */
296 /* Index numbers for /sys/kernel/security/tomoyo/ interfaces. */
382 /* Index numbers for /sys/kernel/security/tomoyo/stat interface. */
774 /* Structure for holding a line from /sys/kernel/security/tomoyo/ interface. */
785 * Structure for reading/writing policy via /sys/kernel/security/tomoyo
874 /* Structure for /sys/kernel/security/tomnoyo/profile interface. */
1205 return current_cred()->security;
1218 return task_cred_xxx(task, security);
|
| H A D | domain.c | 2 * security/tomoyo/domain.c
843 bprm->cred->security = domain;
|
| /security/keys/ |
| H A D | permission.c | 13 #include <linux/security.h>
23 * but permit the security modules to override.
|
| H A D | gc.c | 14 #include <linux/security.h>
|
| H A D | Kconfig | 94 Note that LSM security checks are still performed, and may further
|
| H A D | process_keys.c | 19 #include <linux/security.h>
|
| /security/smack/ |
| H A D | smack_lsm.c | 2 * Simplified MAC Kernel (smack) security module
46 #define task_security(task) (task_cred_xxx((task), security))
183 struct task_smack *tsp = cred->security;
234 * new_inode_smack - allocate an inode security blob
255 * new_task_smack - allocate a task security blob
672 struct task_smack *bsp = bprm->cred->security;
719 struct task_smack *bsp = bprm->cred->security;
1305 * smack_inode_getsecid - Extract inode's security id
1340 * smack_file_alloc_security - assign a file security blob
1343 * The security blo
[all...] |
| H A D | smack.h | 18 #include <linux/security.h>
|
| /security/apparmor/include/ |
| H A D | context.h | 2 * AppArmor security module
24 #define cred_cxt(X) (X)->security
|
| /security/integrity/ima/ |
| H A D | ima.h | 22 #include <linux/security.h>
|
| H A D | ima_policy.c | 15 #include <linux/security.h>
|
| /security/yama/ |
| H A D | yama_lsm.c | 15 #include <linux/security.h>
|