| /security/integrity/ |
| A D | integrity_audit.c | 20 unsigned long audit; in integrity_audit_setup() local
22 if (!kstrtoul(str, 0, &audit)) in integrity_audit_setup()
23 integrity_audit_info = audit ? 1 : 0; in integrity_audit_setup()
|
| A D | Kconfig | 12 extension and audit measurement log support.
|
| /security/apparmor/ |
| A D | domain.c | 688 goto audit; in profile_transition()
767 goto audit; in profile_transition()
780 audit: in profile_transition()
828 goto audit; in profile_onexec()
835 goto audit; in profile_onexec()
846 goto audit; in profile_onexec()
859 audit: in profile_onexec()
991 goto audit; in apparmor_bprm_creds_for_exec()
1036 audit: in apparmor_bprm_creds_for_exec()
1087 audit: in build_change_hat()
[all …]
|
| A D | mount.c | 145 u32 mask = perms->audit; in audit_mount()
179 if (data && (perms->audit & AA_AUDIT_DATA)) in audit_mount()
327 goto audit; in match_mnt_path_str()
332 goto audit; in match_mnt_path_str()
341 goto audit; in match_mnt_path_str()
345 audit: in match_mnt_path_str()
620 goto audit; in profile_umount()
629 audit: in profile_umount()
687 goto audit; in build_pivotroot()
692 goto audit; in build_pivotroot()
[all …]
|
| A D | file.c | 115 u32 mask = perms->audit; in aa_audit_file()
337 goto audit; in profile_path_link()
344 goto audit; in profile_path_link()
353 goto audit; in profile_path_link()
362 lperms.audit = perms.audit; in profile_path_link()
369 goto audit; in profile_path_link()
388 goto audit; in profile_path_link()
394 goto audit; in profile_path_link()
400 audit: in profile_path_link()
|
| A D | policy_compat.c | 118 perms.audit = map_old_perms(dfa_user_audit(dfa, state)); in compute_fperms_user()
133 perms.audit = map_old_perms(dfa_other_audit(dfa, state)); in compute_fperms_other()
217 perms.audit = dfa_user_audit(dfa, state); in compute_perms_entry()
241 perms.audit |= map_other(dfa_other_audit(dfa, state)); in compute_perms_entry()
|
| A D | lib.c | 365 perms->audit = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
371 perms->audit = 0; in aa_apply_modes_to_perms()
427 request &= perms->audit; in aa_check_perms()
|
| A D | Makefile | 6 apparmor-y := apparmorfs.o audit.o capability.o task.o ipc.o lib.o match.o \
|
| A D | net.c | 383 if (rules->secmark[i].audit) in aa_secmark_perm()
384 perms.audit = ALL_PERMS_MASK; in aa_secmark_perm()
|
| A D | capability.c | 81 !cap_raised(rules->caps.audit, cap))) in audit_caps()
|
| A D | policy_unpack.c | 584 if (!unpack_u8(e, &rules->secmark[i].audit, NULL)) in unpack_secmark()
663 aa_unpack_u32(e, &perm->audit, NULL) && in unpack_perm()
964 profile->audit = AUDIT_ALL; in unpack_profile()
980 if (!aa_unpack_cap_low(e, &rules->caps.audit, NULL)) in unpack_profile()
992 if (!aa_unpack_cap_high(e, &rules->caps.audit, NULL)) in unpack_profile()
|
| /security/landlock/ |
| A D | task.c | 113 .audit = { in hook_ptrace_access_check()
159 .audit = { in hook_ptrace_traceme()
286 .audit = { in hook_unix_stream_connect()
323 .audit = { in hook_unix_may_send()
381 .audit = { in hook_task_kill()
422 .audit = { in hook_file_send_sigiotask()
|
| A D | fs.c | 932 log_request_parent1->audit.type = LSM_AUDIT_DATA_PATH; in is_access_to_paths_allowed()
933 log_request_parent1->audit.u.path = *path; in is_access_to_paths_allowed()
942 log_request_parent2->audit.type = LSM_AUDIT_DATA_PATH; in is_access_to_paths_allowed()
943 log_request_parent2->audit.u.path = *path; in is_access_to_paths_allowed()
1226 request1.audit.u.path.dentry = old_parent; in current_check_refer_path()
1230 request2.audit.u.path.dentry = new_dir->dentry; in current_check_refer_path()
1382 .audit = { in log_fs_change_topology_path()
1396 .audit = { in log_fs_change_topology_dentry()
1708 .audit = { in hook_file_truncate()
1744 .audit = { in hook_file_ioctl_common()
|
| A D | Makefile | 10 audit.o \
|
| A D | net.c | 189 .audit.type = LSM_AUDIT_DATA_NET, in current_check_access_socket()
190 .audit.u.net = &audit_net, in current_check_access_socket()
|
| A D | audit.h | 34 struct common_audit_data audit; member
|
| A D | audit.c | 458 audit_log_lsm_data(ab, &request->audit); in landlock_log_denial()
|
| /security/apparmor/include/ |
| A D | perms.h | 80 u32 audit; /* set only when allow is set */ member
112 accum->audit |= addend->audit & addend->allow; in aa_perms_accum_raw()
139 accum->audit |= addend->audit & accum->allow; in aa_perms_accum()
|
| A D | capability.h | 30 kernel_cap_t audit; member
|
| A D | policy.h | 241 enum audit_mode audit; member
413 return profile->audit; in AUDIT_MODE()
|
| A D | file.h | 72 #define COMBINED_PERM_MASK(X) ((X).allow | (X).audit | (X).quiet | (X).kill)
|
| A D | net.h | 79 u8 audit; member
|
| /security/tomoyo/ |
| A D | Kconfig | 30 int "Default maximal count for audit log"
36 audit logs that the kernel can hold on memory.
37 You can read the log via /sys/kernel/security/tomoyo/audit.
38 If you don't need audit logs, you may set this value to 0.
|
| A D | Makefile | 2 obj-y = audit.o common.o condition.o domain.o environ.o file.o gc.o group.o load_policy.o memory.o …
|
| /security/ipe/ |
| A D | Makefile | 26 audit.o \
|