Home
last modified time | relevance | path

Searched refs:domain (Results 1 – 24 of 24) sorted by relevance

/security/landlock/
A Dcred.h34 struct landlock_ruleset *domain; member
70 return landlock_cred(current_cred())->domain; in landlock_get_current_domain()
79 return landlock_cred(__task_cred(task))->domain; in landlock_get_task_domain()
117 const struct landlock_ruleset *domain; in landlock_get_applicable_subject() local
123 domain = landlock_cred(cred)->domain; in landlock_get_applicable_subject()
124 if (!domain) in landlock_get_applicable_subject()
127 for (layer_level = domain->num_layers - 1; layer_level >= 0; in landlock_get_applicable_subject()
130 .masks = domain->access_masks[layer_level], in landlock_get_applicable_subject()
A Dtask.c100 err = domain_ptrace(parent_subject->domain, child_dom); in hook_ptrace_access_check()
117 .layer_plus_one = parent_subject->domain->num_layers, in hook_ptrace_access_check()
145 err = domain_ptrace(parent_subject->domain, child_dom); in hook_ptrace_traceme()
163 .layer_plus_one = parent_subject->domain->num_layers, in hook_ptrace_traceme()
236 const struct landlock_ruleset *const domain) in sock_is_scoped() argument
243 return domain_is_scoped(domain, dom_other, in sock_is_scoped()
281 if (!sock_is_scoped(other, subject->domain)) in hook_unix_stream_connect()
318 if (!sock_is_scoped(other->sk, subject->domain)) in hook_unix_may_send()
371 is_scoped = domain_is_scoped(subject->domain, in hook_task_kill()
407 if (!subject->domain) in hook_file_send_sigiotask()
[all …]
A Daudit.c137 get_hierarchy(const struct landlock_ruleset *const domain, const size_t layer) in get_hierarchy() argument
139 struct landlock_hierarchy *hierarchy = domain->hierarchy; in get_hierarchy()
142 if (WARN_ON_ONCE(layer >= domain->num_layers)) in get_hierarchy()
145 for (i = domain->num_layers - 1; i > layer; i--) { in get_hierarchy()
183 static size_t get_denied_layer(const struct landlock_ruleset *const domain, in get_denied_layer() argument
212 return domain->num_layers - 1; in get_denied_layer()
398 if (WARN_ON_ONCE(!subject || !subject->domain || in landlock_log_denial()
399 !subject->domain->hierarchy || !request)) in landlock_log_denial()
410 subject->domain, &missing, request->layer_masks, in landlock_log_denial()
418 get_hierarchy(subject->domain, youngest_layer); in landlock_log_denial()
[all …]
A Dfs.c380 rule = landlock_find_rule(domain, id); in find_rule()
755 const struct landlock_ruleset *const domain, in is_access_to_paths_allowed() argument
801 landlock_union_access_masks(domain).fs; in is_access_to_paths_allowed()
814 find_rule(domain, dentry_child1), in is_access_to_paths_allowed()
816 domain, LANDLOCK_MASK_ACCESS_FS, in is_access_to_paths_allowed()
824 find_rule(domain, dentry_child2), in is_access_to_paths_allowed()
826 domain, LANDLOCK_MASK_ACCESS_FS, in is_access_to_paths_allowed()
1033 const struct landlock_ruleset *const domain, in collect_domain_accesses() argument
1172 subject->domain, in current_check_refer_path()
1646 subject->domain, &file->f_path, in hook_file_open()
[all …]
A Dcred.c25 if (old_llcred->domain) { in hook_cred_transfer()
26 landlock_get_ruleset(old_llcred->domain); in hook_cred_transfer()
40 struct landlock_ruleset *const dom = landlock_cred(cred)->domain; in hook_cred_free()
A Druleset.h230 landlock_union_access_masks(const struct landlock_ruleset *const domain) in landlock_union_access_masks() argument
235 for (layer_level = 0; layer_level < domain->num_layers; layer_level++) { in landlock_union_access_masks()
237 .masks = domain->access_masks[layer_level], in landlock_union_access_masks()
310 landlock_init_layer_masks(const struct landlock_ruleset *const domain,
A DMakefile11 domain.o
A Dnet.c177 rule = landlock_find_rule(subject->domain, id); in current_check_access_socket()
178 access_request = landlock_init_layer_masks(subject->domain, in current_check_access_socket()
A Dsyscalls.c548 new_dom = landlock_merge_ruleset(new_llcred->domain, ruleset); in SYSCALL_DEFINE2()
562 landlock_put_ruleset(new_llcred->domain); in SYSCALL_DEFINE2()
563 new_llcred->domain = new_dom; in SYSCALL_DEFINE2()
A Druleset.c682 landlock_init_layer_masks(const struct landlock_ruleset *const domain, in landlock_init_layer_masks() argument
717 for (layer_level = 0; layer_level < domain->num_layers; layer_level++) { in landlock_init_layer_masks()
720 get_access_mask(domain, layer_level); in landlock_init_layer_masks()
/security/tomoyo/
A Dutil.c614 struct tomoyo_domain_info *domain; in tomoyo_find_domain() local
621 if (!domain->is_deleted && in tomoyo_find_domain()
623 return domain; in tomoyo_find_domain()
1025 if (!domain) in tomoyo_init_request_info()
1026 domain = tomoyo_domain(); in tomoyo_init_request_info()
1027 r->domain = domain; in tomoyo_init_request_info()
1028 profile = domain->profile; in tomoyo_init_request_info()
1047 struct tomoyo_domain_info *domain = r->domain; in tomoyo_domain_quota_is_ok() local
1052 if (!domain) in tomoyo_domain_quota_is_ok()
1095 if (count < tomoyo_profile(domain->ns, domain->profile)-> in tomoyo_domain_quota_is_ok()
[all …]
A Ddomain.c165 const struct tomoyo_domain_info *domain = r->domain; in tomoyo_check_acl() local
566 e.profile = domain->profile; in tomoyo_assign_domain()
834 domain = old_domain; in tomoyo_find_next_domain()
845 domain = old_domain; in tomoyo_find_next_domain()
855 if (!domain) in tomoyo_find_next_domain()
857 if (domain) in tomoyo_find_next_domain()
875 if (!domain) in tomoyo_find_next_domain()
876 domain = old_domain; in tomoyo_find_next_domain()
882 s->domain_info = domain; in tomoyo_find_next_domain()
883 atomic_inc(&domain->users); in tomoyo_find_next_domain()
[all …]
A Dcommon.c1011 head->w.domain = domain; in tomoyo_select_domain()
1017 if (domain) in tomoyo_select_domain()
1018 head->r.domain = &domain->list; in tomoyo_select_domain()
1022 if (domain && domain->is_deleted) in tomoyo_select_domain()
1168 struct tomoyo_domain_info *domain = head->w.domain; in tomoyo_write_domain() local
1183 head->w.domain = domain; in tomoyo_write_domain()
1186 if (!domain) in tomoyo_write_domain()
1616 list_entry(head->r.domain, typeof(*domain), list); in tomoyo_read_domain()
1716 if (!domain) in tomoyo_read_pid()
2208 entry.domain = r->domain; in tomoyo_supervisor()
[all …]
A Dsecurityfs_if.c103 const char *domain = tomoyo_domain()->domainname->name; in tomoyo_read_self() local
104 loff_t len = strlen(domain); in tomoyo_read_self()
112 if (copy_to_user(buf, domain + pos, len)) in tomoyo_read_self()
238 struct tomoyo_domain_info *domain; in tomoyo_interface_init() local
243 domain = tomoyo_domain(); in tomoyo_interface_init()
245 if (domain != &tomoyo_kernel_domain) in tomoyo_interface_init()
A Dgc.c50 if (head->r.domain == element || head->r.group == element || in tomoyo_struct_used_by_io_buffer()
51 head->r.acl == element || &head->w.domain->list == element) in tomoyo_struct_used_by_io_buffer()
253 struct tomoyo_domain_info *domain = in tomoyo_del_domain() local
254 container_of(element, typeof(*domain), list); in tomoyo_del_domain()
263 list_for_each_entry_safe(acl, tmp, &domain->acl_info_list, list) { in tomoyo_del_domain()
267 tomoyo_put_name(domain->domainname); in tomoyo_del_domain()
532 struct tomoyo_domain_info *domain; in tomoyo_collect_entry() local
535 list_for_each_entry_safe(domain, tmp, &tomoyo_domain_list, in tomoyo_collect_entry()
537 tomoyo_collect_acl(&domain->acl_info_list); in tomoyo_collect_entry()
538 if (!domain->is_deleted || atomic_read(&domain->users)) in tomoyo_collect_entry()
[all …]
A DMakefile2 obj-y = audit.o common.o condition.o domain.o environ.o file.o gc.o group.o load_policy.o memory.o …
A Dcommon.h431 struct tomoyo_domain_info *domain; member
803 struct list_head *domain; member
824 struct tomoyo_domain_info *domain; member
969 int tomoyo_check_open_permission(struct tomoyo_domain_info *domain,
979 struct tomoyo_domain_info *domain,
A Dfile.c579 r->mode = tomoyo_get_mode(r->domain->ns, r->profile, r->type); in tomoyo_path_permission()
611 r->mode = tomoyo_get_mode(r->domain->ns, r->profile, r->type); in tomoyo_execute_permission()
753 int tomoyo_check_open_permission(struct tomoyo_domain_info *domain, in tomoyo_check_open_permission() argument
769 tomoyo_init_request_info(&r, domain, TOMOYO_MAC_FILE_OPEN) in tomoyo_check_open_permission()
A Daudit.c253 const char *domainname = r->domain->domainname->name; in tomoyo_init_log()
373 if (!tomoyo_get_audit(r->domain->ns, r->profile, r->type, in tomoyo_write_log2()
A DKconfig84 domain/program checks for run-time policy modifications. Please enable
/security/apparmor/
A DMakefile7 path.o domain.o policy.o policy_unpack.o procattr.o lsm.o \
/security/selinux/include/
A Dsecurity.h314 int security_node_sid(u16 domain, const void *addr, u32 addrlen, u32 *out_sid);
/security/smack/
A Dsmack_access.c533 skp->smk_netlabel.domain = skp->smk_known; in smack_populate_secattr()
/security/selinux/ss/
A Dservices.c2671 int security_node_sid(u16 domain, in security_node_sid() argument
2693 switch (domain) { in security_node_sid()
3985 secattr->domain = kstrdup(sym_name(policydb, SYM_TYPES, ctx->type - 1), in security_netlbl_sid_to_secattr()
3987 if (secattr->domain == NULL) in security_netlbl_sid_to_secattr()

Completed in 46 milliseconds