/security/selinux/ |
H A D | xfrm.c | 2 * NSA Security-Enhanced Linux (SELinux) security module 32 * 3. Testing addition of sk_policy's with security context via setsockopt 36 #include <linux/security.h> 69 * Returns true if the xfrm contains a security blob for SELinux. 73 return selinux_authorizable_ctx(x->security); 77 * Allocates a xfrm_sec_state and populates it using the supplied security 184 if (!xp->security) 185 if (x->security) 192 if (!x->security) 200 state_sid = x->security [all...] |
H A D | hooks.c | 2 * NSA Security-Enhanced Linux (SELinux) security module 32 #include <linux/security.h> 176 * initialise the security for the init task 188 cred->security = tsec; 192 * get the security ID of a set of credentials 198 tsec = cred->security; 203 * get the objective security ID of a task 216 * get the subjective security ID of the current task 225 /* Allocate and free functions for each kind of security blob. */ 373 const struct task_security_struct *tsec = cred->security; 4724 selinux_tun_dev_alloc_security(void **security) argument 4737 selinux_tun_dev_free_security(void *security) argument 4757 selinux_tun_dev_attach_queue(void *security) argument 4765 selinux_tun_dev_attach(struct sock *sk, void *security) argument 4783 selinux_tun_dev_open(void *security) argument [all...] |
H A D | selinuxfs.c | 25 #include <linux/security.h> 34 /* selinuxfs pseudo filesystem for exporting the security policy API. 40 #include "security.h" 80 /* Check whether a task is allowed to use a security operation. */ 88 tsec = __task_cred(tsk)->security;
|
/security/ |
H A D | Kconfig | 7 source security/keys/Kconfig 22 bool "Enable different security models" 25 This allows you to choose different security modules to be 28 If this option is not selected, the default Linux security 46 This enables the socket and networking security hooks. 47 If enabled, a security module can use these hooks to 55 This enables the XFRM (IPSec) networking security hooks. 56 If enabled, a security module can use these hooks to 68 This enables the security hooks for pathname based access control. 69 If enabled, a security modul [all...] |
H A D | min_addr.c | 3 #include <linux/security.h>
|
H A D | Makefile | 2 # Makefile for the kernel security code 17 obj-$(CONFIG_SECURITY) += security.o capability.o
|
H A D | security.c | 19 #include <linux/security.h> 61 * security_init - initializes the security framework 87 __setup("security=", choose_lsm); 90 * security_module_enable - Load given security module on boot ? 94 * to avoid security registration races. This method may also be used 109 * register_security - registers a security framework with the kernel 112 * This function allows a security module to register itself with the 113 * kernel security subsystem. Some rudimentary checking is done on the @ops 117 * If there is already a security module registered with the kernel, 1324 int security_tun_dev_alloc_security(void **security) argument 1330 security_tun_dev_free_security(void *security) argument 1342 security_tun_dev_attach_queue(void *security) argument 1348 security_tun_dev_attach(struct sock *sk, void *security) argument 1354 security_tun_dev_open(void *security) argument [all...] |
H A D | inode.c | 22 #include <linux/security.h> 224 security_kobj = kobject_create_and_add("security", kernel_kobj);
|
H A D | capability.c | 4 * This is the default security module in case no other module is loaded. 13 #include <linux/security.h> 748 static int cap_tun_dev_alloc_security(void **security) argument 753 static void cap_tun_dev_free_security(void *security) argument 762 static int cap_tun_dev_attach_queue(void *security) argument 767 static int cap_tun_dev_attach(struct sock *sk, void *security) argument 772 static int cap_tun_dev_open(void *security) argument 947 " security operation with the default.\n");\
|
H A D | commoncap.c | 15 #include <linux/security.h> 303 * affects the security markings on that inode, and if it is, should 324 * cap_inode_killpriv - Erase the security markings on an inode 327 * Erase the privilege-enhancing security markings on an inode. 631 * This is used to make sure security xattrs don't get updated or set by those 658 * This is used to make sure security xattrs don't get removed by those who 856 * cap_task_prctl - Implement process control functions for this security module 977 * capability security module. Returns 0 if this mapping should be allowed
|
/security/integrity/evm/ |
H A D | evm.h | 20 #include <linux/security.h> 35 /* List of EVM protected security xattrs */
|
/security/tomoyo/ |
H A D | tomoyo.c | 2 * security/tomoyo/tomoyo.c 7 #include <linux/security.h> 20 new->security = NULL; 36 struct tomoyo_domain_info *domain = old->security; 37 new->security = domain; 61 struct tomoyo_domain_info *domain = cred->security; 97 * "bprm->cred->security". New reference to "struct tomoyo_domain_info" 98 * stored inside "bprm->cred->security" will be acquired later inside 102 bprm->cred->security)->users); 107 bprm->cred->security [all...] |
H A D | securityfs_if.c | 2 * security/tomoyo/securityfs_if.c 7 #include <linux/security.h> 27 * tomoyo_write_self - write() for /sys/kernel/security/tomoyo/self_domain interface. 78 cred->security; 79 cred->security = new_domain; 96 * tomoyo_read_self - read() for /sys/kernel/security/tomoyo/self_domain interface. 122 /* Operations for /sys/kernel/security/tomoyo/self_domain interface. */ 129 * tomoyo_open - open() for /sys/kernel/security/tomoyo/ interface. 144 * tomoyo_release - close() for /sys/kernel/security/tomoyo/ interface. 156 * tomoyo_poll - poll() for /sys/kernel/security/tomoy [all...] |
H A D | common.h | 2 * security/tomoyo/common.h 252 /* Index numbers for /sys/kernel/security/tomoyo/stat interface. */ 296 /* Index numbers for /sys/kernel/security/tomoyo/ interfaces. */ 382 /* Index numbers for /sys/kernel/security/tomoyo/stat interface. */ 774 /* Structure for holding a line from /sys/kernel/security/tomoyo/ interface. */ 785 * Structure for reading/writing policy via /sys/kernel/security/tomoyo 874 /* Structure for /sys/kernel/security/tomnoyo/profile interface. */ 1205 return current_cred()->security; 1218 return task_cred_xxx(task, security);
|
H A D | domain.c | 2 * security/tomoyo/domain.c 843 bprm->cred->security = domain;
|
/security/keys/ |
H A D | permission.c | 13 #include <linux/security.h> 23 * but permit the security modules to override.
|
H A D | gc.c | 14 #include <linux/security.h>
|
H A D | Kconfig | 94 Note that LSM security checks are still performed, and may further
|
H A D | process_keys.c | 19 #include <linux/security.h>
|
/security/smack/ |
H A D | smack_lsm.c | 2 * Simplified MAC Kernel (smack) security module 46 #define task_security(task) (task_cred_xxx((task), security)) 183 struct task_smack *tsp = cred->security; 234 * new_inode_smack - allocate an inode security blob 255 * new_task_smack - allocate a task security blob 672 struct task_smack *bsp = bprm->cred->security; 719 struct task_smack *bsp = bprm->cred->security; 1305 * smack_inode_getsecid - Extract inode's security id 1340 * smack_file_alloc_security - assign a file security blob 1343 * The security blo [all...] |
H A D | smack.h | 18 #include <linux/security.h>
|
/security/apparmor/include/ |
H A D | context.h | 2 * AppArmor security module 24 #define cred_cxt(X) (X)->security
|
/security/integrity/ima/ |
H A D | ima.h | 22 #include <linux/security.h>
|
H A D | ima_policy.c | 15 #include <linux/security.h>
|
/security/yama/ |
H A D | yama_lsm.c | 15 #include <linux/security.h>
|