| /security/keys/ |
| A D | sysctl.c | 17 .mode = 0644,
26 .mode = 0644,
35 .mode = 0644,
44 .mode = 0644,
53 .mode = 0644,
63 .mode = 0644,
|
| /security/tomoyo/ |
| A D | audit.c | 120 switch (mode & S_IFMT) { in tomoyo_filetype()
188 umode_t mode; in tomoyo_print_header() local
194 mode = stat->mode; in tomoyo_print_header()
203 stat->mode & S_IALLUGO); in tomoyo_print_header()
213 mode & S_IALLUGO, tomoyo_filetype(mode)); in tomoyo_print_header()
214 if (S_ISCHR(mode) || S_ISBLK(mode)) { in tomoyo_print_header()
333 u8 mode; in tomoyo_get_audit() local
346 mode = p->config[index]; in tomoyo_get_audit()
347 if (mode == TOMOYO_CONFIG_USE_DEFAULT) in tomoyo_get_audit()
348 mode = p->config[category]; in tomoyo_get_audit()
[all …]
|
| A D | file.c | 324 &acl->mode) && in tomoyo_check_mkdev_acl()
420 tomoyo_same_number_union(&p1->mode, &p2->mode) && in tomoyo_same_mkdev_acl()
481 tomoyo_put_number_union(&e.mode); in tomoyo_update_mkdev_acl()
580 if (r->mode == TOMOYO_CONFIG_DISABLED) in tomoyo_path_permission()
618 if (r->mode != TOMOYO_CONFIG_DISABLED) in tomoyo_execute_permission()
739 if (r.mode != TOMOYO_CONFIG_ENFORCING) in tomoyo_path_number_perm()
766 r.mode = TOMOYO_CONFIG_DISABLED; in tomoyo_check_open_permission()
788 if (r.mode != TOMOYO_CONFIG_ENFORCING) in tomoyo_check_open_permission()
881 r.param.mkdev.mode = mode; in tomoyo_mkdev_perm()
889 if (r.mode != TOMOYO_CONFIG_ENFORCING) in tomoyo_mkdev_perm()
[all …]
|
| A D | tomoyo.c | 175 umode_t mode) in tomoyo_path_mkdir() argument
180 mode & S_IALLUGO); in tomoyo_path_mkdir()
226 umode_t mode, unsigned int dev) in tomoyo_path_mknod() argument
230 const unsigned int perm = mode & S_IALLUGO; in tomoyo_path_mknod()
232 switch (mode & S_IFMT) { in tomoyo_path_mknod()
244 switch (mode & S_IFMT) { in tomoyo_path_mknod()
361 static int tomoyo_path_chmod(const struct path *path, umode_t mode) in tomoyo_path_chmod() argument
364 mode & S_IALLUGO); in tomoyo_path_chmod()
|
| A D | util.c | 995 u8 mode; in tomoyo_get_mode() local
1001 mode = p->config[index]; in tomoyo_get_mode()
1002 if (mode == TOMOYO_CONFIG_USE_DEFAULT) in tomoyo_get_mode()
1003 mode = p->config[tomoyo_index2category[index] in tomoyo_get_mode()
1005 if (mode == TOMOYO_CONFIG_USE_DEFAULT) in tomoyo_get_mode()
1006 mode = p->default_config; in tomoyo_get_mode()
1007 return mode & 3; in tomoyo_get_mode()
1031 r->mode = tomoyo_get_mode(domain->ns, profile, index); in tomoyo_init_request_info()
1032 return r->mode; in tomoyo_init_request_info()
1050 if (r->mode != TOMOYO_CONFIG_LEARNING) in tomoyo_domain_quota_is_ok()
|
| A D | Kconfig | 17 int "Default maximal count for learning mode"
23 that are automatically appended into policy at "learning mode".
25 such programs in "learning mode" dulls the system response
53 enforcing mode from the beginning, you can reduce the possibility of
|
| A D | securityfs_if.c | 224 static void __init tomoyo_create_entry(const char *name, const umode_t mode, in tomoyo_create_entry() argument
227 securityfs_create_file(name, mode, parent, (void *) (uintptr_t) key, in tomoyo_create_entry()
|
| A D | common.h | 449 unsigned int mode; member
499 u8 mode; /* One of tomoyo_mode_index . */ member
571 umode_t mode; member
732 struct tomoyo_number_union mode; member
982 const unsigned int mode, unsigned int dev);
|
| /security/integrity/ima/ |
| A D | ima_efi.c | 16 enum efi_secureboot_mode mode; in get_sb_mode() local
23 mode = efi_get_secureboot_mode(efi.get_variable); in get_sb_mode()
24 if (mode == efi_secureboot_mode_disabled) in get_sb_mode()
26 else if (mode == efi_secureboot_mode_unknown) in get_sb_mode()
30 return mode; in get_sb_mode()
|
| A D | ima_template_lib.c | 689 u16 mode; in ima_eventinodemode_init() local
695 mode = inode->i_mode; in ima_eventinodemode_init()
697 mode = (__force u16)cpu_to_le16(mode); in ima_eventinodemode_init()
699 return ima_write_template_field_data((char *)&mode, sizeof(mode), in ima_eventinodemode_init()
|
| /security/ |
| A D | inode.c | 107 static struct dentry *securityfs_create_dentry(const char *name, umode_t mode, in securityfs_create_dentry() argument
117 if (!(mode & S_IFMT)) in securityfs_create_dentry()
118 mode = (mode & S_IALLUGO) | S_IFREG; in securityfs_create_dentry()
149 inode->i_mode = mode; in securityfs_create_dentry()
152 if (S_ISDIR(mode)) { in securityfs_create_dentry()
157 } else if (S_ISLNK(mode)) { in securityfs_create_dentry()
202 struct dentry *securityfs_create_file(const char *name, umode_t mode, in securityfs_create_file() argument
206 return securityfs_create_dentry(name, mode, parent, data, fops, NULL); in securityfs_create_file()
|
| A D | security.c | 1062 return call_int_hook(ptrace_access_check, child, mode); in security_ptrace_access_check()
1895 umode_t mode, unsigned int dev) in security_path_mknod() argument
1899 return call_int_hook(path_mknod, dir, dentry, mode, dev); in security_path_mknod()
1928 umode_t mode) in security_path_mkdir() argument
1932 return call_int_hook(path_mkdir, dir, dentry, mode); in security_path_mkdir()
2063 return call_int_hook(path_chmod, path, mode); in security_path_chmod()
2108 umode_t mode) in security_inode_create() argument
2112 return call_int_hook(inode_create, dir, dentry, mode); in security_inode_create()
2198 return call_int_hook(inode_mkdir, dir, dentry, mode); in security_inode_mkdir()
2233 umode_t mode, dev_t dev) in security_inode_mknod() argument
[all …]
|
| A D | min_addr.c | 52 .mode = 0644,
|
| /security/apparmor/include/ |
| A D | apparmorfs.h | 29 umode_t mode; member
43 { .name = (_name), .mode = 0444, \
47 { .name = (_name), .mode = 0444, \
51 { .name = (_name), .mode = 0444, \
56 .mode = (_mode), .file_ops = (_fops) }
|
| A D | policy.h | 44 ((_profile)->mode == (_mode)))
242 long mode; member
289 #define profile_unconfined(X) ((X)->mode == APPARMOR_UNCONFINED)
|
| /security/smack/ |
| A D | Kconfig | 21 Enable the bring-up ("b") access mode in Smack rules.
22 When access is granted by a rule with the "b" mode a
25 of access initially with the bringup mode set on the
31 "permissive" mode of other systems.
|
| A D | smack_access.c | 221 u32 mode, struct smk_audit_info *a) in smk_tskacc() argument
230 rc = smk_access(sbj_known, obj_known, mode, NULL); in smk_tskacc()
241 if ((mode & may) == mode) in smk_tskacc()
256 mode, rc, a); in smk_tskacc()
273 u32 mode, struct smk_audit_info *a) in smk_curacc() argument
277 return smk_tskacc(tsp, obj_known, mode, a); in smk_curacc()
|
| A D | smack_lsm.c | 109 smack_str_from_perm(s, mode); in smk_bu_mode()
124 smk_bu_mode(mode, acc); in smk_bu_note()
135 int mode, int rc) in smk_bu_current() argument
145 smk_bu_mode(mode, acc); in smk_bu_current()
167 smk_bu_mode(mode, acc); in smk_bu_task()
196 smk_bu_mode(mode, acc); in smk_bu_inode()
225 smk_bu_mode(mode, acc); in smk_bu_file()
238 int mode, int rc) in smk_bu_credfile() argument
255 smk_bu_mode(mode, acc); in smk_bu_credfile()
397 if (mode & PTRACE_MODE_READ) in smk_ptrace_mode()
[all …]
|
| /security/lockdown/ |
| A D | Kconfig | 20 prompt "Kernel default lockdown mode"
36 The kernel runs in integrity mode by default. Features that allow
42 The kernel runs in confidentiality mode by default. Features that
|
| /security/yama/ |
| A D | yama_lsm.c | 350 unsigned int mode) in yama_ptrace_access_check() argument
355 if (mode & PTRACE_MODE_ATTACH) { in yama_ptrace_access_check()
383 if (rc && (mode & PTRACE_MODE_NOAUDIT) == 0) in yama_ptrace_access_check()
455 .mode = 0644,
|
| /security/selinux/ |
| A D | Kconfig | 34 kernel will start in permissive mode (log everything, deny nothing)
36 can interactively toggle the kernel between enforcing mode and
37 permissive mode (if permitted by the policy) via
|
| /security/apparmor/ |
| A D | lsm.c | 125 unsigned int mode) in apparmor_ptrace_access_check() argument
136 (mode & PTRACE_MODE_READ) ? AA_PTRACE_READ in apparmor_ptrace_access_check()
297 cond.mode = inode->i_mode; in common_perm_rm()
329 umode_t mode) in apparmor_path_mkdir() argument
341 umode_t mode, unsigned int dev) in apparmor_path_mknod() argument
402 .mode = d_backing_inode(old_dentry)->i_mode in apparmor_path_rename()
409 .mode = d_backing_inode(new_dentry)->i_mode, in apparmor_path_rename()
487 .mode = inode->i_mode, in apparmor_file_open()
2323 .mode = 0600,
2331 .mode = 0600,
[all …]
|
| A D | apparmorfs.c | 215 umode_t mode, void *data, char *link, in __aafs_setup_d_inode() argument
228 inode->i_mode = mode; in __aafs_setup_d_inode()
231 if (S_ISDIR(mode)) { in __aafs_setup_d_inode()
236 } else if (S_ISLNK(mode)) { in __aafs_setup_d_inode()
264 static struct dentry *aafs_create(const char *name, umode_t mode, in aafs_create() argument
276 if (!(mode & S_IFMT)) in aafs_create()
277 mode = (mode & S_IALLUGO) | S_IFREG; in aafs_create()
329 return aafs_create(name, mode, parent, data, NULL, fops, NULL); in aafs_create_file()
1134 SEQ_PROFILE_FOPS(mode);
1807 struct dentry *dentry, umode_t mode) in ns_mkdir_op() argument
[all …]
|
| /security/integrity/evm/ |
| A D | evm_main.c | 638 umode_t mode; in evm_inode_set_acl_change() local
644 rc = posix_acl_update_mode(idmap, inode, &mode, &kacl); in evm_inode_set_acl_change()
645 if (rc || (inode->i_mode != mode)) in evm_inode_set_acl_change()
1082 fmode_t mode = file->f_mode; in evm_file_release() local
1084 if (!S_ISREG(inode->i_mode) || !(mode & FMODE_WRITE)) in evm_file_release()
|
| /security/landlock/ |
| A D | task.c | 86 const unsigned int mode) in hook_ptrace_access_check() argument
110 if (!(mode & PTRACE_MODE_NOAUDIT)) in hook_ptrace_access_check()
|