| /security/apparmor/ |
| A D | file.c | 191 if (uid_eq(subj_uid, cond->uid)) in aa_lookup_condperms()
216 cond)); in aa_str_perms()
233 name, cond, perms); in __aa_path_perm()
238 cond->uid, NULL, e); in __aa_path_perm()
278 struct path_cond *cond) in aa_path_perm() argument
323 struct path_cond *cond) in profile_path_link() argument
350 cond, &lperms); in profile_path_link()
380 tname, cond, &perms); in profile_path_link()
433 struct path_cond cond = { in aa_path_link() local
450 &target, buffer2, &cond)); in aa_path_link()
[all …]
|
| A D | domain.c | 136 struct path_cond cond = { }; in label_compound_match() local
162 &cond)); in label_compound_match()
199 struct path_cond cond = { }; in label_components_match() local
217 &cond)); in label_components_match()
227 &cond)); in label_components_match()
783 cond->uid, info, error); in profile_transition()
886 bprm, buffer, cond, unsafe)); in handle_onexec()
895 buffer, cond, unsafe)); in handle_onexec()
929 struct path_cond cond = { in apparmor_bprm_creds_for_exec() local
962 bprm, buffer, &cond, &unsafe); in apparmor_bprm_creds_for_exec()
[all …]
|
| A D | lsm.c | 219 struct path_cond *cond) in common_perm() argument
228 cond); in common_perm()
246 struct path_cond cond = { in common_perm_cond() local
269 struct path_cond *cond) in common_perm_dir_dentry() argument
289 struct path_cond cond = { }; in common_perm_rm() local
296 cond.uid = vfsuid_into_kuid(vfsuid); in common_perm_rm()
297 cond.mode = inode->i_mode; in common_perm_rm()
401 struct path_cond cond = { in apparmor_path_rename() local
431 &cond); in apparmor_path_rename()
436 AA_MAY_CREATE, &cond); in apparmor_path_rename()
[all …]
|
| A D | af_unix.c | 50 struct path_cond cond = { in unix_fs_perm() local
56 PATH_SOCK_COND, mask, &cond); in unix_fs_perm()
|
| A D | policy_unpack.c | 659 aa_unpack_u32(e, &perm->cond, NULL) && in unpack_perm()
1231 if (perm->cond & (perm->allow | perm->deny)) in verify_perm()
|
| A D | apparmorfs.c | 626 struct path_cond cond = { }; in profile_query_cb() local
629 rules->file, state, &cond)); in profile_query_cb()
|
| /security/apparmor/include/ |
| A D | file.h | 82 aa_state_t state, struct path_cond *cond);
84 const char *name, struct path_cond *cond,
89 u32 request, struct path_cond *cond, int flags,
93 int flags, u32 request, struct path_cond *cond);
|
| A D | perms.h | 74 u32 cond; /* set only when ~allow and ~deny */ member
116 accum->cond |= addend->cond & ~addend->allow & ~addend->deny; in aa_perms_accum_raw()
143 accum->cond |= addend->cond & ~accum->allow & ~accum->deny; in aa_perms_accum()
|
| /security/tomoyo/ |
| A D | gc.c | 161 tomoyo_put_condition(acl->cond); in tomoyo_del_acl()
279 struct tomoyo_condition *cond = container_of(element, typeof(*cond), in tomoyo_del_condition() local
281 const u16 condc = cond->condc; in tomoyo_del_condition()
282 const u16 numbers_count = cond->numbers_count; in tomoyo_del_condition()
283 const u16 names_count = cond->names_count; in tomoyo_del_condition()
284 const u16 argc = cond->argc; in tomoyo_del_condition()
285 const u16 envc = cond->envc; in tomoyo_del_condition()
288 = (const struct tomoyo_condition_element *) (cond + 1); in tomoyo_del_condition()
|
| A D | domain.c | 76 return a->type == b->type && a->cond == b->cond; in tomoyo_same_acl_head()
108 new_entry->cond = tomoyo_get_condition(param); in tomoyo_update_domain()
109 if (!new_entry->cond) in tomoyo_update_domain()
115 if (new_entry->cond->transit && in tomoyo_update_domain()
147 tomoyo_put_condition(new_entry->cond); in tomoyo_update_domain()
177 if (!tomoyo_condition(r, ptr->cond)) in tomoyo_check_acl()
|
| A D | condition.c | 766 const struct tomoyo_condition *cond) in tomoyo_condition() argument
782 if (!cond) in tomoyo_condition()
784 condc = cond->condc; in tomoyo_condition()
785 argc = cond->argc; in tomoyo_condition()
786 envc = cond->envc; in tomoyo_condition()
792 condp = (struct tomoyo_condition_element *) (cond + 1); in tomoyo_condition()
795 (numbers_p + cond->numbers_count); in tomoyo_condition()
796 argv = (const struct tomoyo_argv *) (names_p + cond->names_count); in tomoyo_condition()
|
| A D | audit.c | 343 if (is_granted && matched_acl && matched_acl->cond && in tomoyo_get_audit()
344 matched_acl->cond->grant_log != TOMOYO_GRANTLOG_AUTO) in tomoyo_get_audit()
345 return matched_acl->cond->grant_log == TOMOYO_GRANTLOG_YES; in tomoyo_get_audit()
|
| A D | common.h | 674 struct tomoyo_condition *cond; /* Maybe NULL. */ member
932 const struct tomoyo_condition *cond);
1191 static inline void tomoyo_put_condition(struct tomoyo_condition *cond) in tomoyo_put_condition() argument
1193 if (cond) in tomoyo_put_condition()
1194 atomic_dec(&cond->head.users); in tomoyo_put_condition()
|
| A D | common.c | 1225 const struct tomoyo_condition *cond) in tomoyo_print_condition() argument
1231 if (cond->transit) { in tomoyo_print_condition()
1233 tomoyo_set_string(head, cond->transit->name); in tomoyo_print_condition()
1238 const u16 condc = cond->condc; in tomoyo_print_condition()
1240 (typeof(condp)) (cond + 1); in tomoyo_print_condition()
1245 (numbers_p + cond->numbers_count); in tomoyo_print_condition()
1249 (typeof(envp)) (argv + cond->argc); in tomoyo_print_condition()
1347 if (cond->grant_log != TOMOYO_GRANTLOG_AUTO) in tomoyo_print_condition()
1349 str_yes_no(cond->grant_log == in tomoyo_print_condition()
1564 if (acl->cond) { in tomoyo_print_entry()
[all …]
|
| A D | file.c | 616 r->ee->transition = r->matched_acl && r->matched_acl->cond ? in tomoyo_execute_permission()
617 r->matched_acl->cond->transit : NULL; in tomoyo_execute_permission()
|