| /security/apparmor/ |
| A D | policy_unpack_test.c | 65 e = kunit_kmalloc(test, sizeof(*e), GFP_USER); in build_aa_ext_struct()
69 e->end = e->start + buf_size; in build_aa_ext_struct()
70 e->pos = e->start; in build_aa_ext_struct()
110 return e; in build_aa_ext_struct()
222 puf->e->end = puf->e->start + TEST_BLOB_BUF_OFFSET in policy_unpack_test_unpack_blob_out_of_bounds()
263 puf->e->end = puf->e->pos + TEST_STRING_BUF_OFFSET in policy_unpack_test_unpack_str_out_of_bounds()
314 puf->e->end = puf->e->pos + TEST_STRING_BUF_OFFSET in policy_unpack_test_unpack_strdup_out_of_bounds()
413 puf->e->pos = puf->e->end - 1; in policy_unpack_test_unpack_u16_chunk_out_of_bounds_1()
435 puf->e->end = puf->e->pos + TEST_U16_DATA - 1; in policy_unpack_test_unpack_u16_chunk_out_of_bounds_2()
559 KUNIT_EXPECT_TRUE(test, puf->e->pos == puf->e->start); in policy_unpack_test_unpack_X_code_mismatch()
[all …]
|
| A D | policy_unpack.c | 69 if (e) in audit_iface()
70 ad.iface.pos = e->pos - e->start; in audit_iface()
165 return (size <= e->end - e->pos); in aa_inbounds()
192 e->pos = pos; in aa_unpack_u16_chunk()
204 e->pos++; in aa_unpack_X()
251 e->pos = pos; in aa_unpack_nameX()
270 e->pos = pos; in unpack_u8()
439 ((e->pos - e->start) & 7); in unpack_dfa()
1171 if (!aa_unpack_u32(e, &e->version, "version")) { in verify_header()
1470 while (e.pos < e.end) { in aa_unpack()
[all …]
|
| A D | resource.c | 93 int e = 0; in profile_setrlimit() local
97 e = -EACCES; in profile_setrlimit()
99 NULL, NULL, e); in profile_setrlimit()
|
| A D | file.c | 227 int e = 0; in __aa_path_perm() local
235 e = -EACCES; in __aa_path_perm()
238 cond->uid, NULL, e); in __aa_path_perm()
|
| /security/selinux/ss/ |
| A D | ebitmap.h | 47 #define ebitmap_length(e) ((e)->highbit) argument
54 for (*n = e->node; *n; *n = (*n)->next) { in ebitmap_start_positive()
59 return ebitmap_length(e); in ebitmap_start_positive()
62 static inline void ebitmap_init(struct ebitmap *e) in ebitmap_init() argument
64 memset(e, 0, sizeof(*e)); in ebitmap_init()
81 return ebitmap_length(e); in ebitmap_next_positive()
119 for ((bit) = ebitmap_start_positive(e, &(n)); \
120 (bit) < ebitmap_length(e); \
121 (bit) = ebitmap_next_positive(e, &(n), bit))
131 void ebitmap_destroy(struct ebitmap *e);
[all …]
|
| A D | ebitmap.c | 267 n = e->node; in ebitmap_get_bit()
282 n = e->node; in ebitmap_set_bit()
339 e->node = new; in ebitmap_set_bit()
349 if (!e) in ebitmap_destroy()
352 n = e->node; in ebitmap_destroy()
359 e->highbit = 0; in ebitmap_destroy()
360 e->node = NULL; in ebitmap_destroy()
373 ebitmap_init(e); in ebitmap_read()
392 e->highbit -= (e->highbit % EBITMAP_SIZE); in ebitmap_read()
395 e->node = NULL; in ebitmap_read()
[all …]
|
| A D | policydb.c | 237 while (e) { in cls_destroy()
238 etmp = e; in cls_destroy()
239 e = e->next; in cls_destroy()
250 while (e) { in cls_destroy()
251 etmp = e; in cls_destroy()
252 e = e->next; in cls_destroy()
1257 e = kzalloc(sizeof(*e), GFP_KERNEL); in read_cons_helper()
1258 if (!e) in read_cons_helper()
1314 le = e; in read_cons_helper()
3053 for (e = c->expr; e; e = e->next) in write_cons_helper()
[all …]
|
| A D | mls.c | 36 struct ebitmap *e; in mls_compute_context_len() local
50 e = &context->range.level[l].cat; in mls_compute_context_len()
51 ebitmap_for_each_positive_bit(e, node, i) in mls_compute_context_len()
91 struct ebitmap *e; in mls_sid_to_context() local
110 e = &context->range.level[l].cat; in mls_sid_to_context()
111 ebitmap_for_each_positive_bit(e, node, i) in mls_sid_to_context()
|
| A D | services.c | 275 struct constraint_expr *e; in constraint_expr_eval() local
279 for (e = cexpr; e; e = e->next) { in constraint_expr_eval()
280 switch (e->expr_type) { in constraint_expr_eval()
298 switch (e->attr) { in constraint_expr_eval()
312 switch (e->op) { in constraint_expr_eval()
356 switch (e->op) { in constraint_expr_eval()
382 switch (e->op) { in constraint_expr_eval()
398 if (e->attr & CEXPR_TARGET) in constraint_expr_eval()
407 if (e->attr & CEXPR_USER) in constraint_expr_eval()
409 else if (e->attr & CEXPR_ROLE) in constraint_expr_eval()
[all …]
|
| /security/tomoyo/ |
| A D | group.c | 83 struct tomoyo_path_group e = { }; in tomoyo_write_group() local
85 e.member_name = tomoyo_get_name(tomoyo_read_token(param)); in tomoyo_write_group()
86 if (!e.member_name) { in tomoyo_write_group()
90 error = tomoyo_update_policy(&e.head, sizeof(e), param, in tomoyo_write_group()
92 tomoyo_put_name(e.member_name); in tomoyo_write_group()
94 struct tomoyo_number_group e = { }; in tomoyo_write_group() local
97 !tomoyo_parse_number_union(param, &e.number)) in tomoyo_write_group()
99 error = tomoyo_update_policy(&e.head, sizeof(e), param, in tomoyo_write_group()
106 struct tomoyo_address_group e = { }; in tomoyo_write_group() local
109 !tomoyo_parse_ipaddr_union(param, &e.address)) in tomoyo_write_group()
[all …]
|
| A D | condition.c | 566 e.argc++; in tomoyo_get_condition()
567 e.condc++; in tomoyo_get_condition()
569 e.argc--; in tomoyo_get_condition()
581 e.envc++; in tomoyo_get_condition()
584 e.envc--; in tomoyo_get_condition()
611 e.condc++; in tomoyo_get_condition()
613 e.condc--; in tomoyo_get_condition()
656 __LINE__, e.condc, e.numbers_count, e.names_count, e.argc, in tomoyo_get_condition()
657 e.envc); in tomoyo_get_condition()
659 BUG_ON(e.names_count | e.numbers_count | e.argc | e.envc | in tomoyo_get_condition()
[all …]
|
| A D | file.c | 389 struct tomoyo_path_acl e = { in tomoyo_update_path_acl() local
398 error = tomoyo_update_domain(&e.head, sizeof(e), param, in tomoyo_update_path_acl()
401 tomoyo_put_name_union(&e.name); in tomoyo_update_path_acl()
465 struct tomoyo_mkdev_acl e = { in tomoyo_update_mkdev_acl() local
477 error = tomoyo_update_domain(&e.head, sizeof(e), param, in tomoyo_update_mkdev_acl()
480 tomoyo_put_name_union(&e.name); in tomoyo_update_mkdev_acl()
544 struct tomoyo_path2_acl e = { in tomoyo_update_path2_acl() local
554 error = tomoyo_update_domain(&e.head, sizeof(e), param, in tomoyo_update_path2_acl()
691 error = tomoyo_update_domain(&e.head, sizeof(e), param, in tomoyo_update_path_number_acl()
694 tomoyo_put_name_union(&e.name); in tomoyo_update_path_number_acl()
[all …]
|
| A D | network.c | 290 for (e.protocol = 0; e.protocol < TOMOYO_SOCK_MAX; e.protocol++) in tomoyo_write_inet_network()
295 e.perm |= 1 << type; in tomoyo_write_inet_network()
296 if (e.protocol == TOMOYO_SOCK_MAX || !e.perm) in tomoyo_write_inet_network()
300 e.address.group = in tomoyo_write_inet_network()
302 if (!e.address.group) in tomoyo_write_inet_network()
309 e.port.values[1] > 65535) in tomoyo_write_inet_network()
311 error = tomoyo_update_domain(&e.head, sizeof(e), param, in tomoyo_write_inet_network()
335 for (e.protocol = 0; e.protocol < TOMOYO_SOCK_MAX; e.protocol++) in tomoyo_write_unix_network()
340 e.perm |= 1 << type; in tomoyo_write_unix_network()
341 if (e.protocol == TOMOYO_SOCK_MAX || !e.perm) in tomoyo_write_unix_network()
[all …]
|
| A D | domain.c | 262 if (!e.program) in tomoyo_write_transition_control()
269 e.is_last_name = true; in tomoyo_write_transition_control()
272 if (!e.domainname) in tomoyo_write_transition_control()
276 error = tomoyo_update_policy(&e.head, sizeof(e), param, in tomoyo_write_transition_control()
280 tomoyo_put_name(e.program); in tomoyo_write_transition_control()
415 if (!e.original_name || !e.aggregated_name || in tomoyo_write_aggregator()
419 error = tomoyo_update_policy(&e.head, sizeof(e), param, in tomoyo_write_aggregator()
556 if (!e.ns) in tomoyo_assign_domain()
567 memcpy(e.group, domain->group, sizeof(e.group)); in tomoyo_assign_domain()
570 if (!e.domainname) in tomoyo_assign_domain()
[all …]
|
| A D | environ.c | 96 struct tomoyo_env_acl e = { .head.type = TOMOYO_TYPE_ENV_ACL }; in tomoyo_write_env() local
102 e.env = tomoyo_get_name(data); in tomoyo_write_env()
103 if (!e.env) in tomoyo_write_env()
105 error = tomoyo_update_domain(&e.head, sizeof(e), param, in tomoyo_write_env()
107 tomoyo_put_name(e.env); in tomoyo_write_env()
|
| A D | memory.c | 98 struct tomoyo_group e = { }; in tomoyo_get_group() local
106 e.group_name = tomoyo_get_name(group_name); in tomoyo_get_group()
107 if (!e.group_name) in tomoyo_get_group()
113 if (e.group_name != group->group_name || in tomoyo_get_group()
121 struct tomoyo_group *entry = tomoyo_commit_ok(&e, sizeof(e)); in tomoyo_get_group()
133 tomoyo_put_name(e.group_name); in tomoyo_get_group()
|
| A D | util.c | 452 unsigned char e; in tomoyo_correct_word2() local
457 e = *string++; in tomoyo_correct_word2()
458 if (d < '0' || d > '7' || e < '0' || e > '7') in tomoyo_correct_word2()
460 c = tomoyo_make_byte(c, d, e); in tomoyo_correct_word2()
|
| A D | common.c | 856 struct tomoyo_manager e = { }; in tomoyo_update_manager_entry() local
867 e.manager = tomoyo_get_name(manager); in tomoyo_update_manager_entry()
868 if (e.manager) { in tomoyo_update_manager_entry()
869 error = tomoyo_update_policy(&e.head, sizeof(e), ¶m, in tomoyo_update_manager_entry()
871 tomoyo_put_name(e.manager); in tomoyo_update_manager_entry()
1058 struct tomoyo_task_acl e = { in tomoyo_write_task() local
1063 if (e.domainname) in tomoyo_write_task()
1064 error = tomoyo_update_domain(&e.head, sizeof(e), param, in tomoyo_write_task()
1067 tomoyo_put_name(e.domainname); in tomoyo_write_task()
|
| A D | Kconfig | 51 variant part of policy and verifying (e.g. running GPG check) and
|
| /security/integrity/ima/ |
| A D | ima_fs.c | 131 struct ima_template_entry *e; in ima_measurements_show() local
147 e = qe->entry; in ima_measurements_show()
148 if (e == NULL) in ima_measurements_show()
152 e->template_desc->name : e->template_desc->fmt; in ima_measurements_show()
159 pcr = !ima_canonical_fmt ? e->pcr : (__force u32)cpu_to_le32(e->pcr); in ima_measurements_show()
187 e->template_desc->fields[i]; in ima_measurements_show()
230 struct ima_template_entry *e; in ima_ascii_measurements_show() local
244 e = qe->entry; in ima_ascii_measurements_show()
245 if (e == NULL) in ima_ascii_measurements_show()
249 e->template_desc->name : e->template_desc->fmt; in ima_ascii_measurements_show()
[all …]
|
| /security/apparmor/include/ |
| A D | policy_unpack.h | 169 bool aa_inbounds(struct aa_ext *e, size_t size);
170 size_t aa_unpack_u16_chunk(struct aa_ext *e, char **chunk);
171 bool aa_unpack_X(struct aa_ext *e, enum aa_code code);
172 bool aa_unpack_nameX(struct aa_ext *e, enum aa_code code, const char *name);
173 bool aa_unpack_u32(struct aa_ext *e, u32 *data, const char *name);
174 bool aa_unpack_u64(struct aa_ext *e, u64 *data, const char *name);
175 bool aa_unpack_array(struct aa_ext *e, const char *name, u16 *size);
176 size_t aa_unpack_blob(struct aa_ext *e, char **blob, const char *name);
177 int aa_unpack_str(struct aa_ext *e, const char **string, const char *name);
178 int aa_unpack_strdup(struct aa_ext *e, char **string, const char *name);
|
| A D | perms.h | 158 int e, error = FN1; \
159 e = FN2; \
160 if (e) \
161 error = e; \
|
| /security/landlock/ |
| A D | Kconfig | 12 set of access rights (e.g. open a file in read-only, make a
|
| /security/selinux/ |
| A D | Kconfig | 58 chain lengths are high (e.g. > 20) then selecting a higher value here
|
| /security/ |
| A D | Kconfig | 221 specify an empty string here (i.e. "").
|