Lines Matching refs:flags
101 unsigned int flags; member
148 {.action = DONT_MEASURE, .fsmagic = PROC_SUPER_MAGIC, .flags = IMA_FSMAGIC},
149 {.action = DONT_MEASURE, .fsmagic = SYSFS_MAGIC, .flags = IMA_FSMAGIC},
150 {.action = DONT_MEASURE, .fsmagic = DEBUGFS_MAGIC, .flags = IMA_FSMAGIC},
152 .flags = IMA_FSMAGIC | IMA_FUNC},
153 {.action = DONT_MEASURE, .fsmagic = DEVPTS_SUPER_MAGIC, .flags = IMA_FSMAGIC},
154 {.action = DONT_MEASURE, .fsmagic = BINFMTFS_MAGIC, .flags = IMA_FSMAGIC},
155 {.action = DONT_MEASURE, .fsmagic = SECURITYFS_MAGIC, .flags = IMA_FSMAGIC},
156 {.action = DONT_MEASURE, .fsmagic = SELINUX_MAGIC, .flags = IMA_FSMAGIC},
157 {.action = DONT_MEASURE, .fsmagic = SMACK_MAGIC, .flags = IMA_FSMAGIC},
159 .flags = IMA_FSMAGIC},
161 .flags = IMA_FSMAGIC},
162 {.action = DONT_MEASURE, .fsmagic = NSFS_MAGIC, .flags = IMA_FSMAGIC},
163 {.action = DONT_MEASURE, .fsmagic = EFIVARFS_MAGIC, .flags = IMA_FSMAGIC}
168 .flags = IMA_FUNC | IMA_MASK},
170 .flags = IMA_FUNC | IMA_MASK},
173 .flags = IMA_FUNC | IMA_MASK | IMA_UID},
174 {.action = MEASURE, .func = MODULE_CHECK, .flags = IMA_FUNC},
175 {.action = MEASURE, .func = FIRMWARE_CHECK, .flags = IMA_FUNC},
180 .flags = IMA_FUNC | IMA_MASK},
182 .flags = IMA_FUNC | IMA_MASK},
185 .flags = IMA_FUNC | IMA_INMASK | IMA_EUID},
188 .flags = IMA_FUNC | IMA_INMASK | IMA_UID},
189 {.action = MEASURE, .func = MODULE_CHECK, .flags = IMA_FUNC},
190 {.action = MEASURE, .func = FIRMWARE_CHECK, .flags = IMA_FUNC},
191 {.action = MEASURE, .func = POLICY_CHECK, .flags = IMA_FUNC},
195 {.action = DONT_APPRAISE, .fsmagic = PROC_SUPER_MAGIC, .flags = IMA_FSMAGIC},
196 {.action = DONT_APPRAISE, .fsmagic = SYSFS_MAGIC, .flags = IMA_FSMAGIC},
197 {.action = DONT_APPRAISE, .fsmagic = DEBUGFS_MAGIC, .flags = IMA_FSMAGIC},
198 {.action = DONT_APPRAISE, .fsmagic = TMPFS_MAGIC, .flags = IMA_FSMAGIC},
199 {.action = DONT_APPRAISE, .fsmagic = RAMFS_MAGIC, .flags = IMA_FSMAGIC},
200 {.action = DONT_APPRAISE, .fsmagic = DEVPTS_SUPER_MAGIC, .flags = IMA_FSMAGIC},
201 {.action = DONT_APPRAISE, .fsmagic = BINFMTFS_MAGIC, .flags = IMA_FSMAGIC},
202 {.action = DONT_APPRAISE, .fsmagic = SECURITYFS_MAGIC, .flags = IMA_FSMAGIC},
203 {.action = DONT_APPRAISE, .fsmagic = SELINUX_MAGIC, .flags = IMA_FSMAGIC},
204 {.action = DONT_APPRAISE, .fsmagic = SMACK_MAGIC, .flags = IMA_FSMAGIC},
205 {.action = DONT_APPRAISE, .fsmagic = NSFS_MAGIC, .flags = IMA_FSMAGIC},
206 {.action = DONT_APPRAISE, .fsmagic = EFIVARFS_MAGIC, .flags = IMA_FSMAGIC},
207 {.action = DONT_APPRAISE, .fsmagic = CGROUP_SUPER_MAGIC, .flags = IMA_FSMAGIC},
208 {.action = DONT_APPRAISE, .fsmagic = CGROUP2_SUPER_MAGIC, .flags = IMA_FSMAGIC},
211 .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
215 .flags = IMA_FOWNER},
219 .flags = IMA_FOWNER | IMA_DIGSIG_REQUIRED},
226 .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
230 .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
234 .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
238 .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
244 .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
246 .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
248 .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
250 .flags = IMA_FUNC | IMA_DIGSIG_REQUIRED},
254 {.action = MEASURE, .func = CRITICAL_DATA, .flags = IMA_FUNC},
522 if ((rule->flags & IMA_UID) && !rule->uid_op(cred->uid, rule->uid)) in ima_match_rule_data()
579 if ((rule->flags & IMA_FUNC) && in ima_match_rules()
592 if ((rule->flags & IMA_MASK) && in ima_match_rules()
595 if ((rule->flags & IMA_INMASK) && in ima_match_rules()
598 if ((rule->flags & IMA_FSMAGIC) in ima_match_rules()
601 if ((rule->flags & IMA_FSNAME) in ima_match_rules()
604 if ((rule->flags & IMA_FSUUID) && in ima_match_rules()
607 if ((rule->flags & IMA_UID) && !rule->uid_op(cred->uid, rule->uid)) in ima_match_rules()
609 if (rule->flags & IMA_EUID) { in ima_match_rules()
618 if ((rule->flags & IMA_GID) && !rule->gid_op(cred->gid, rule->gid)) in ima_match_rules()
620 if (rule->flags & IMA_EGID) { in ima_match_rules()
629 if ((rule->flags & IMA_FOWNER) && in ima_match_rules()
633 if ((rule->flags & IMA_FGROUP) && in ima_match_rules()
699 if (!(rule->flags & IMA_FUNC)) in get_subaction()
743 enum ima_hooks func, int mask, int flags, int *pcr, in ima_match_policy() argument
748 int action = 0, actmask = flags | (flags << 1); in ima_match_policy()
765 action |= entry->flags & IMA_NONACTION_FLAGS; in ima_match_policy()
775 entry->flags & IMA_VALIDATE_ALGOS) in ima_match_policy()
784 if ((pcr) && (entry->flags & IMA_PCR)) in ima_match_policy()
1250 if (entry->action != MEASURE && entry->flags & IMA_PCR) in ima_validate_rule()
1254 entry->flags & (IMA_DIGSIG_REQUIRED | IMA_MODSIG_ALLOWED | in ima_validate_rule()
1264 if (((entry->flags & IMA_FUNC) && entry->func == NONE) || in ima_validate_rule()
1265 (!(entry->flags & IMA_FUNC) && entry->func != NONE)) in ima_validate_rule()
1282 if (entry->flags & ~(IMA_FUNC | IMA_MASK | IMA_FSMAGIC | in ima_validate_rule()
1295 if (entry->flags & ~(IMA_FUNC | IMA_MASK | IMA_FSMAGIC | in ima_validate_rule()
1309 if (entry->flags & ~(IMA_FUNC | IMA_FSMAGIC | IMA_UID | in ima_validate_rule()
1320 if (entry->flags & ~(IMA_FUNC | IMA_UID | IMA_GID | IMA_PCR | in ima_validate_rule()
1332 if (entry->flags & ~(IMA_FUNC | IMA_UID | IMA_GID | IMA_PCR | in ima_validate_rule()
1346 if (!(entry->flags & IMA_VALIDATE_ALGOS)) in ima_validate_rule()
1353 if (entry->flags & ~(IMA_FUNC | IMA_VALIDATE_ALGOS)) in ima_validate_rule()
1362 if (entry->flags & IMA_CHECK_BLACKLIST && in ima_validate_rule()
1363 !(entry->flags & IMA_DIGSIG_REQUIRED)) in ima_validate_rule()
1374 (entry->flags & IMA_VERITY_REQUIRED) && in ima_validate_rule()
1375 !(entry->flags & IMA_DIGSIG_REQUIRED)) in ima_validate_rule()
1541 entry->flags |= IMA_FUNC; in ima_parse_rule()
1564 entry->flags |= (*args[0].from == '^') in ima_parse_rule()
1577 entry->flags |= IMA_FSMAGIC; in ima_parse_rule()
1588 entry->flags |= IMA_FSNAME; in ima_parse_rule()
1606 entry->flags |= IMA_KEYRINGS; in ima_parse_rule()
1623 entry->flags |= IMA_LABEL; in ima_parse_rule()
1635 entry->flags |= IMA_FSUUID; in ima_parse_rule()
1668 entry->flags |= eid_token in ima_parse_rule()
1703 entry->flags |= eid_token in ima_parse_rule()
1730 entry->flags |= IMA_FOWNER; in ima_parse_rule()
1756 entry->flags |= IMA_FGROUP; in ima_parse_rule()
1797 if (entry->flags & IMA_DIGSIG_REQUIRED) in ima_parse_rule()
1800 entry->flags |= IMA_VERITY_REQUIRED; in ima_parse_rule()
1808 if (entry->flags & IMA_VERITY_REQUIRED) in ima_parse_rule()
1811 entry->flags |= IMA_DIGSIG_REQUIRED | IMA_CHECK_BLACKLIST; in ima_parse_rule()
1814 if (entry->flags & IMA_VERITY_REQUIRED) in ima_parse_rule()
1815 entry->flags |= IMA_DIGSIG_REQUIRED | IMA_CHECK_BLACKLIST; in ima_parse_rule()
1820 if (entry->flags & IMA_VERITY_REQUIRED) in ima_parse_rule()
1823 entry->flags |= IMA_DIGSIG_REQUIRED | in ima_parse_rule()
1848 entry->flags |= IMA_VALIDATE_ALGOS; in ima_parse_rule()
1852 entry->flags |= IMA_PERMIT_DIRECTIO; in ima_parse_rule()
1861 entry->flags |= IMA_PCR; in ima_parse_rule()
1897 if (!result && entry->flags & IMA_MODSIG_ALLOWED) { in ima_parse_rule()
1905 entry->flags & IMA_VERITY_REQUIRED) { in ima_parse_rule()
2107 if (entry->flags & IMA_FUNC) in ima_policy_show()
2110 if ((entry->flags & IMA_MASK) || (entry->flags & IMA_INMASK)) { in ima_policy_show()
2111 if (entry->flags & IMA_MASK) in ima_policy_show()
2124 if (entry->flags & IMA_FSMAGIC) { in ima_policy_show()
2130 if (entry->flags & IMA_FSNAME) { in ima_policy_show()
2136 if (entry->flags & IMA_KEYRINGS) { in ima_policy_show()
2142 if (entry->flags & IMA_LABEL) { in ima_policy_show()
2148 if (entry->flags & IMA_PCR) { in ima_policy_show()
2154 if (entry->flags & IMA_FSUUID) { in ima_policy_show()
2159 if (entry->flags & IMA_UID) { in ima_policy_show()
2170 if (entry->flags & IMA_EUID) { in ima_policy_show()
2181 if (entry->flags & IMA_GID) { in ima_policy_show()
2192 if (entry->flags & IMA_EGID) { in ima_policy_show()
2203 if (entry->flags & IMA_FOWNER) { in ima_policy_show()
2214 if (entry->flags & IMA_FGROUP) { in ima_policy_show()
2225 if (entry->flags & IMA_VALIDATE_ALGOS) { in ima_policy_show()
2264 if (entry->flags & IMA_DIGSIG_REQUIRED) { in ima_policy_show()
2265 if (entry->flags & IMA_VERITY_REQUIRED) in ima_policy_show()
2267 else if (entry->flags & IMA_MODSIG_ALLOWED) in ima_policy_show()
2272 if (entry->flags & IMA_VERITY_REQUIRED) in ima_policy_show()
2274 if (entry->flags & IMA_PERMIT_DIRECTIO) in ima_policy_show()
2322 if (entry->flags & IMA_DIGSIG_REQUIRED) in ima_appraise_signature()