security.c - OpenGrok cross reference for /security/security.c

Lines Matching refs:new
427 static int lsm_append(const char *new, char **result);

585 static int lsm_append(const char *new, char **result)

590 		*result = kstrdup(new, GFP_KERNEL);

595 		if (match_last_lsm(*result, new))

597 		cp = kasprintf(GFP_KERNEL, "%s,%s", *result, new);

870  * @val: the new LSM context value

871  * @val_len: the size of the new LSM context value

1104  * @new: new credentials for the target process

1113  * Return: Returns 0 and update @new if permission is granted.

1115 int security_capset(struct cred *new, const struct cred *old,

1120 	return call_int_hook(capset, new, old, effective, inheritable,

1191  * @ts: new time

1205  * security_vm_enough_memory_mm() - Check if allocating a new mem map is allowed

1209  * Check permissions for allocating a new virtual mapping.  If all LSMs return

1245  * @bprm->cred->security to be what commit_creds needs to install for the new

1309  * Prepare to install the new security attributes of a process being

1326  * Tidy up after the installation of the new security attributes of a process

1327  * being transformed by an execve operation.  The new credentials have, by this

1340  * @fc: new filesystem context

1343  * Fill out the ->security field for a new fs_context.

1358  * initialised to NULL by the caller.  @fc indicates the new filesystem context.

1476  * security_sb_mnt_opts_compat() - Check if new mount options are allowed

1478  * @mnt_opts: new mount options

1480  * Determine if the new mount options in @mnt_opts are allowed given the

1589  * @old_path: new location for current rootfs

1590  * @new_path: location of the new rootfs

1768  * @new: creds to modify

1771  * that context in passed in creds so that new files are created using that

1779 				    const struct cred *old, struct cred *new)

1782 			     name, old, new);

1795  * created inode and set up the incore security field for the new inode.  This

1867  * Set up the incore security field for the new anonymous inode and return

1885  * @dentry: new file

1886  * @mode: new file mode

1906  * @dentry: new file

1918  * security_path_mkdir() - Check if creating a new directory is allowed

1920  * @dentry: new directory

1921  * @mode: new directory mode

1923  * Check permissions to create a new directory in the existing directory.

1990  * @new_dir: new parent directory

1991  * @new_dentry: new link

1993  * Check permission before creating a new hard link to a file.

2009  * @new_dir: parent directory of the new file

2010  * @new_dentry: the new file

2051  * @mode: new mode

2053  * Check for permission to change a mode of the file @path. The new mode is

2117  * security_inode_post_create_tmpfile() - Update inode security of new tmpfile

2119  * @inode: inode of the new tmpfile

2134  * @dir: new parent directory

2135  * @new_dentry: new link

2137  * Check permission before creating a new hard link to a file.

2184  * security_inode_mkdir() - Check if creating a new directory is allowed

2186  * @dentry: new directory

2187  * @mode: new directory mode

2189  * Check permissions to create a new directory in the existing directory

2221  * @dentry: new file

2222  * @mode: new file mode

2244  * @new_dir: parent directory of the new file

2245  * @new_dentry: the new file

2331  * @attr: new attributes

2775  * security_inode_copy_up() - Create new creds for an overlayfs copy-up op

2777  * @new: newly created creds

2780  * filesystem. Security module can prepare a set of new creds and modify as

2781  * need be and return new creds. Caller will switch to new creds temporarily to

2782  * create new file and release newly allocated creds.

2786 int security_inode_copy_up(struct dentry *src, struct cred **new)

2788 	return call_int_hook(inode_copy_up, src, new);

3260  * security_prepare_creds() - Prepare a new set of credentials

3261  * @new: new credentials

3265  * Prepare a new set of credentials by copying the data from the old set.

3269 int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp)

3271 	int rc = lsm_cred_alloc(new, gfp);

3276 	rc = call_int_hook(cred_prepare, new, old, gfp);

3278 		security_cred_free(new);

3284  * @new: target credentials

3287  * Transfer data from original creds to new creds.

3289 void security_transfer_creds(struct cred *new, const struct cred *old)

3291 	call_void_hook(cred_transfer, new, old);

3326  * @new: credentials

3334 int security_kernel_act_as(struct cred *new, u32 secid)

3336 	return call_int_hook(kernel_act_as, new, secid);

3341  * @new: target credentials

3350 int security_kernel_create_files_as(struct cred *new, struct inode *inode)

3352 	return call_int_hook(kernel_create_files_as, new, inode);

3444  * security_task_fix_setuid() - Update LSM with new user id attributes

3445  * @new: updated credentials

3451  * the set*uid system calls invoked this hook.  If @new is the set of

3457 int security_task_fix_setuid(struct cred *new, const struct cred *old,

3460 	return call_int_hook(task_fix_setuid, new, old, flags);

3464  * security_task_fix_setgid() - Update LSM with new group id attributes

3465  * @new: updated credentials

3471  * the set*gid system calls invoked this hook.  @new is the set of credentials

3477 int security_task_fix_setgid(struct cred *new, const struct cred *old,

3480 	return call_int_hook(task_fix_setgid, new, old, flags);

3484  * security_task_fix_setgroups() - Update LSM with new supplementary groups

3485  * @new: updated credentials

3489  * attributes of the current process.  @new is the set of credentials that will

3495 int security_task_fix_setgroups(struct cred *new, const struct cred *old)

3497 	return call_int_hook(task_fix_setgroups, new, old);

3503  * @pgid: new pgid

3630  * security_task_setrlimit() - Check if setting a new rlimit value is allowed

3633  * @new_rlim: new resource limit

3754  * security_create_user_ns() - Check if creating a new userns is allowed

3757  * Check permission prior to creating a new user namespace.

3869  * for an existing message queue, not when a new message queue is created.

3972  * region identifier for an existing region, not when a new shared memory

4056  * an existing semaphore, not when a new one must be created.

4218  * and new value are included in @uctx.

4520  * @newsk: new sock

4571  * security_socket_create() - Check if creating a new socket is allowed

4577  * Check permissions prior to creating a new socket.

4681  * Check permission before accepting a new connection.  Note that the new

4966  * @req: new request_sock

4980  * security_inet_csk_clone() - Set new sock LSM state based on request_sock

4981  * @newsk: new sock

4997  * Update @sock's LSM state to represent a new connection from @skb.

5008  * @secid: new secmark value

5083  * Check permissions prior to creating a new TUN device.

5181  * Called whenever a new socket is created by accept(2) (i.e. a TCP style

5212  * @ssk: the new subflow

5709  * Do a check when the kernel creates a new BPF map. This is also the

5745  * Do a check when the kernel instantiates a new BPF token object from BPF FS

5890  * Please note that the new hook should be invoked every time the security

5893  * target with a new roothash and signing information, the previously stored

5997  * @new: new credentials

6000  * override it's credentials with @new.

6004 int security_uring_override_creds(const struct cred *new)

6006 	return call_int_hook(uring_override_creds, new);