| /security/integrity/ |
| A D | digsig.c | 47 if (!keyring[id]) { in integrity_keyring_from_id()
48 keyring[id] = in integrity_keyring_from_id()
50 if (IS_ERR(keyring[id])) { in integrity_keyring_from_id()
53 keyring[id] = NULL; in integrity_keyring_from_id()
58 return keyring[id]; in integrity_keyring_from_id()
105 keyring[id] = keyring_alloc(keyring_name[id], KUIDT_INIT(0), in __integrity_init_keyring()
108 if (IS_ERR(keyring[id])) { in __integrity_init_keyring()
109 err = PTR_ERR(keyring[id]); in __integrity_init_keyring()
111 keyring_name[id], err); in __integrity_init_keyring()
112 keyring[id] = NULL; in __integrity_init_keyring()
[all …]
|
| A D | integrity.h | 130 int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
132 int integrity_modsig_verify(unsigned int id, const struct modsig *modsig);
134 int __init integrity_init_keyring(const unsigned int id);
135 int __init integrity_load_x509(const unsigned int id, const char *path);
136 int __init integrity_load_cert(const unsigned int id, const char *source,
140 static inline int integrity_digsig_verify(const unsigned int id, in integrity_digsig_verify() argument
147 static inline int integrity_modsig_verify(unsigned int id, in integrity_modsig_verify() argument
153 static inline int integrity_init_keyring(const unsigned int id) in integrity_init_keyring() argument
158 static inline int __init integrity_load_cert(const unsigned int id, in integrity_load_cert() argument
|
| /security/landlock/ |
| A D | ruleset.c | 128 if (is_object_pointer(id.type)) { in create_rule()
130 WARN_ON_ONCE(!id.key.object); in create_rule()
131 landlock_get_object(id.key.object); in create_rule()
134 new_rule->key = id.key; in create_rule()
218 if (is_object_pointer(id.type) && WARN_ON_ONCE(!id.key.object)) in insert_rule()
221 root = get_root(ruleset, id.type); in insert_rule()
269 free_rule(this, id.type); in insert_rule()
299 const struct landlock_id id, in landlock_insert_rule() argument
334 const struct landlock_id id = { in merge_tree() local
416 const struct landlock_id id = { in inherit_tree() local
[all …]
|
| A D | net.c | 26 const struct landlock_id id = { in landlock_append_net_rule() local
31 BUILD_BUG_ON(sizeof(port) > sizeof(id.key.data)); in landlock_append_net_rule()
38 err = landlock_insert_rule(ruleset, id, access_rights); in landlock_append_net_rule()
52 struct landlock_id id = { in current_check_access_socket() local
174 id.key.data = (__force uintptr_t)port; in current_check_access_socket()
175 BUILD_BUG_ON(sizeof(port) > sizeof(id.key.data)); in current_check_access_socket()
177 rule = landlock_find_rule(subject->domain, id); in current_check_access_socket()
|
| A D | audit.c | 118 WARN_ON_ONCE(hierarchy->id == 0); in log_domain()
122 hierarchy->id, pid_nr(hierarchy->details->pid), in log_domain()
160 .id = 10, in test_get_hierarchy()
164 .id = 20, in test_get_hierarchy()
168 .id = 30, in test_get_hierarchy()
175 KUNIT_EXPECT_EQ(test, 10, get_hierarchy(&dom2, 0)->id); in test_get_hierarchy()
176 KUNIT_EXPECT_EQ(test, 20, get_hierarchy(&dom2, 1)->id); in test_get_hierarchy()
177 KUNIT_EXPECT_EQ(test, 30, get_hierarchy(&dom2, 2)->id); in test_get_hierarchy()
456 audit_log_format(ab, "domain=%llx blockers=", youngest_denied->id); in landlock_log_denial()
500 hierarchy->id, atomic64_read(&hierarchy->num_denials)); in landlock_log_drop_domain()
|
| A D | id.c | 93 u64 id, step; in get_id_range() local
113 id = atomic64_fetch_add(step, counter); in get_id_range()
116 WARN_ON_ONCE(id == COUNTER_PRE_INIT); in get_id_range()
117 return id; in get_id_range()
|
| A D | ruleset.h | 204 const struct landlock_id id,
213 const struct landlock_id id);
|
| A D | Makefile | 9 id.o \
|
| A D | fs.c | 328 struct landlock_id id = { in landlock_append_fs_rule() local
342 id.key.object = get_inode_object(d_backing_inode(path->dentry)); in landlock_append_fs_rule()
343 if (IS_ERR(id.key.object)) in landlock_append_fs_rule()
344 return PTR_ERR(id.key.object); in landlock_append_fs_rule()
346 err = landlock_insert_rule(ruleset, id, access_rights); in landlock_append_fs_rule()
352 landlock_put_object(id.key.object); in landlock_append_fs_rule()
369 struct landlock_id id = { in find_rule() local
379 id.key.object = rcu_dereference(landlock_inode(inode)->object); in find_rule()
380 rule = landlock_find_rule(domain, id); in find_rule()
|
| A D | setup.c | 27 .id = LSM_ID_LANDLOCK,
|
| A D | domain.h | 102 u64 id; member
|
| /security/keys/ |
| A D | keyctl.c | 325 long keyctl_update_key(key_serial_t id, in keyctl_update_key() argument
379 long keyctl_revoke_key(key_serial_t id) in keyctl_revoke_key() argument
420 long keyctl_invalidate_key(key_serial_t id) in keyctl_invalidate_key() argument
426 kenter("%d", id); in keyctl_invalidate_key()
1184 kenter("%d,,%zu,%d", id, plen, ringid); in keyctl_instantiate_key_common()
1201 if (rka->target_key->serial != id) in keyctl_instantiate_key_common()
1362 if (rka->target_key->serial != id) in keyctl_reject_key()
1472 key_ref = lookup_user_key(id, in keyctl_set_timeout()
1523 if (id < 0) in keyctl_assume_authority()
1527 if (id == 0) { in keyctl_assume_authority()
[all …]
|
| A D | keyctl_pkey.c | 78 static int keyctl_pkey_params_get(key_serial_t id, in keyctl_pkey_params_get() argument
98 key_ref = lookup_user_key(id, 0, KEY_NEED_SEARCH); in keyctl_pkey_params_get()
169 long keyctl_pkey_query(key_serial_t id, in keyctl_pkey_query() argument
177 ret = keyctl_pkey_params_get(id, _info, ¶ms); in keyctl_pkey_query()
|
| A D | proc.c | 78 static struct key *find_ge_key(struct seq_file *p, key_serial_t id) in find_ge_key() argument
86 if (id < key->serial) { in find_ge_key()
90 } else if (id > key->serial) { in find_ge_key()
|
| A D | process_keys.c | 611 key_ref_t lookup_user_key(key_serial_t id, unsigned long lflags, in lookup_user_key() argument
629 switch (id) { in lookup_user_key()
746 if (id < 1) in lookup_user_key()
749 key = key_lookup(id); in lookup_user_key()
|
| /security/loadpin/ |
| A D | loadpin.c | 129 static int loadpin_check(struct file *file, enum kernel_read_file_id id) in loadpin_check() argument
132 const char *origin = kernel_read_file_id_str(id); in loadpin_check()
137 if ((unsigned int)id < ARRAY_SIZE(ignore_read_file_id) && in loadpin_check()
138 ignore_read_file_id[id]) { in loadpin_check()
190 static int loadpin_read_file(struct file *file, enum kernel_read_file_id id, in loadpin_read_file() argument
198 return loadpin_check(file, id); in loadpin_read_file()
201 static int loadpin_load_data(enum kernel_load_data_id id, bool contents) in loadpin_load_data() argument
208 return loadpin_check(NULL, (enum kernel_read_file_id) id); in loadpin_load_data()
213 .id = LSM_ID_LOADPIN,
|
| /security/ipe/ |
| A D | hooks.c | 110 int ipe_kernel_read_file(struct file *file, enum kernel_read_file_id id, in ipe_kernel_read_file() argument
116 switch (id) { in ipe_kernel_read_file()
137 WARN(1, "no rule setup for kernel_read_file enum %d", id); in ipe_kernel_read_file()
156 int ipe_kernel_load_data(enum kernel_load_data_id id, bool contents) in ipe_kernel_load_data() argument
161 switch (id) { in ipe_kernel_load_data()
182 WARN(1, "no rule setup for kernel_load_data enum %d", id); in ipe_kernel_load_data()
|
| A D | hooks.h | 33 int ipe_kernel_read_file(struct file *file, enum kernel_read_file_id id,
36 int ipe_kernel_load_data(enum kernel_load_data_id id, bool contents);
|
| A D | ipe.c | 26 .id = LSM_ID_IPE,
|
| /security/tomoyo/ |
| A D | gc.c | 485 static void tomoyo_collect_member(const enum tomoyo_policy_id id, in tomoyo_collect_member() argument
495 tomoyo_try_to_gc(id, &member->list); in tomoyo_collect_member()
527 enum tomoyo_policy_id id; in tomoyo_collect_entry() local
544 for (id = 0; id < TOMOYO_MAX_POLICY; id++) in tomoyo_collect_entry()
545 tomoyo_collect_member(id, &ns->policy_list[id]); in tomoyo_collect_entry()
569 id = TOMOYO_ID_PATH_GROUP; in tomoyo_collect_entry()
572 id = TOMOYO_ID_NUMBER_GROUP; in tomoyo_collect_entry()
575 id = TOMOYO_ID_ADDRESS_GROUP; in tomoyo_collect_entry()
579 tomoyo_collect_member(id, &group->member_list); in tomoyo_collect_entry()
|
| /security/apparmor/ |
| A D | secid.c | 74 cp->id = LSM_ID_APPARMOR; in apparmor_label_to_secctx()
111 if (cp->id == LSM_ID_APPARMOR) { in apparmor_release_secctx()
114 cp->id = LSM_ID_UNDEF; in apparmor_release_secctx()
|
| /security/integrity/ima/ |
| A D | ima_template_lib.c | 640 unsigned int id; in ima_eventinodedac_init_common() local
646 id = i_uid_read(file_inode(event_data->file)); in ima_eventinodedac_init_common()
648 id = i_gid_read(file_inode(event_data->file)); in ima_eventinodedac_init_common()
651 if (sizeof(id) == sizeof(u16)) in ima_eventinodedac_init_common()
652 id = (__force u16)cpu_to_le16(id); in ima_eventinodedac_init_common()
654 id = (__force u32)cpu_to_le32(id); in ima_eventinodedac_init_common()
657 return ima_write_template_field_data((void *)&id, sizeof(id), in ima_eventinodedac_init_common()
|
| /security/ |
| A D | security.c | 884 u64 id, u64 flags) in lsm_fill_user_ctx() argument
905 nctx->id = id; in lsm_fill_user_ctx()
1158 return call_int_hook(quotactl, cmds, type, id, sb); in security_quotactl()
3400 enum kernel_read_file_id id) in security_kernel_post_read_file() argument
3436 enum kernel_load_data_id id, in security_kernel_post_load_data() argument
4137 struct lsm_ctx lctx = { .id = LSM_ID_UNDEF, }; in security_getselfattr()
4165 if (lctx.id == LSM_ID_UNDEF) in security_getselfattr()
4175 if (single && lctx.id != scall->hl->lsmid->id) in security_getselfattr()
4251 if ((scall->hl->lsmid->id) == lctx->id) { in security_setselfattr()
4278 if (lsmid != 0 && lsmid != scall->hl->lsmid->id) in security_getprocattr()
[all …]
|
| A D | lsm_syscalls.c | 116 if (put_user(lsm_idlist[i]->id, ids++)) in SYSCALL_DEFINE3()
|
| /security/bpf/ |
| A D | hooks.c | 20 .id = LSM_ID_BPF,
|