| /security/ipe/ |
| A D | hooks.c | 114 enum ipe_op_type op; in ipe_kernel_read_file() local
118 op = IPE_OP_FIRMWARE; in ipe_kernel_read_file()
127 op = IPE_OP_KEXEC_IMAGE; in ipe_kernel_read_file()
130 op = IPE_OP_POLICY; in ipe_kernel_read_file()
133 op = IPE_OP_X509; in ipe_kernel_read_file()
136 op = IPE_OP_INVALID; in ipe_kernel_read_file()
159 enum ipe_op_type op; in ipe_kernel_load_data() local
163 op = IPE_OP_FIRMWARE; in ipe_kernel_load_data()
175 op = IPE_OP_POLICY; in ipe_kernel_load_data()
178 op = IPE_OP_X509; in ipe_kernel_load_data()
[all …]
|
| A D | audit.c | 97 audit_log_format(ab, " rule=\"op=%s ", audit_op_names[r->op]); in audit_rule()
131 const char *op = audit_op_names[ctx->op]; in ipe_audit_match() local
145 op, audit_hook_names[ctx->hook], READ_ONCE(enforce), in ipe_audit_match()
166 audit_log_format(ab, " rule=\"DEFAULT op=%s action=%s\"", op, in ipe_audit_match()
200 void ipe_audit_policy_activation(const struct ipe_policy *const op, in ipe_audit_policy_activation() argument
210 if (op) { in ipe_audit_policy_activation()
211 audit_policy(ab, AUDIT_OLD_ACTIVE_POLICY_FMT, op); in ipe_audit_policy_activation()
|
| A D | policy_parser.c | 365 enum ipe_op_type op = IPE_OP_INVALID; in parse_rule() local
390 op = parse_operation(t); in parse_rule()
391 if (op == IPE_OP_INVALID) in parse_rule()
414 } else if (op == IPE_OP_INVALID) { in parse_rule()
420 if (p->rules[op].default_action != IPE_ACTION_INVALID) in parse_rule()
423 p->rules[op].default_action = action; in parse_rule()
425 } else if (op != IPE_OP_INVALID && action != IPE_ACTION_INVALID) { in parse_rule()
426 r->op = op; in parse_rule()
435 list_add_tail(&r->next, &p->rules[op].rules); in parse_rule()
|
| A D | eval.c | 94 enum ipe_op_type op, in ipe_build_eval_ctx() argument
100 ctx->op = op; in ipe_build_eval_ctx()
334 if (ctx->op == IPE_OP_INVALID) { in ipe_evaluate_event()
345 rules = &pol->parsed->rules[ctx->op]; in ipe_evaluate_event()
|
| A D | eval.h | 41 enum ipe_op_type op; member
66 enum ipe_op_type op,
|
| A D | audit.h | 15 void ipe_audit_policy_activation(const struct ipe_policy *const op,
|
| /security/apparmor/include/ |
| A D | af_unix.h | 36 struct aa_label *label, const char *op, u32 request,
39 int aa_unix_sock_perm(const char *op, u32 request, struct socket *sock);
48 int aa_unix_msg_perm(const char *op, u32 request, struct socket *sock,
50 int aa_unix_opt_perm(const char *op, u32 request, struct socket *sock, int level,
53 const char *op, u32 request, struct file *file);
|
| A D | file.h | 76 const char *op, u32 request, const char *name,
87 int __aa_path_perm(const char *op, const struct cred *subj_cred,
91 int aa_path_perm(const char *op, const struct cred *subj_cred,
99 int aa_file_perm(const char *op, const struct cred *subj_cred,
|
| A D | audit.h | 115 const char *op; member
178 .op = (X), \
206 int aa_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule, gfp_t gfp);
208 int aa_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule);
|
| A D | net.h | 100 const char *op, u32 request, u16 family,
110 int aa_sk_perm(const char *op, u32 request, struct sock *sk);
113 const char *op, u32 request,
116 int apparmor_secmark_check(struct aa_label *label, char *op, u32 request,
|
| /security/apparmor/ |
| A D | file.c | 97 const char *op, u32 request, const char *name, in aa_audit_file() argument
102 DEFINE_AUDIT_DATA(ad, LSM_AUDIT_DATA_TASK, AA_CLASS_FILE, op); in aa_audit_file()
162 profile, &nullperms, op, request, *name, in path_name()
237 profile, perms, op, request, name, NULL, NULL, in __aa_path_perm()
254 error = path_name(op, subj_cred, &profile->label, path, in profile_path_perm()
275 int aa_path_perm(const char *op, const struct cred *subj_cred, in aa_path_perm() argument
291 profile_path_perm(op, subj_cred, profile, path, buffer, in aa_path_perm()
506 profile_path_perm(op, subj_cred, profile, in __file_path_perm()
520 profile_path_perm(op, subj_cred, in __file_path_perm()
526 profile_path_perm(op, subj_cred, in __file_path_perm()
[all …]
|
| A D | audit.c | 101 if (ad->op) in audit_pre()
102 audit_log_format(ab, " operation=\"%s\"", ad->op); in audit_pre()
220 int aa_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule, gfp_t gfp) in aa_audit_rule_init() argument
226 if (op != Audit_equal && op != Audit_not_equal) in aa_audit_rule_init()
267 int aa_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op, void *vrule) in aa_audit_rule_match() argument
283 switch (op) { in aa_audit_rule_match()
|
| A D | af_unix.c | 55 return aa_path_perm(op, subj_cred, label, path, in unix_fs_perm()
302 return unix_fs_perm(ad->op, AA_MAY_LISTEN, in profile_listen_perm()
337 return unix_fs_perm(ad->op, AA_MAY_ACCEPT, in profile_accept_perm()
368 return unix_fs_perm(ad->op, request, in profile_opt_perm()
447 const char *op, u32 request, struct sock *sk, in aa_unix_label_sk_perm() argument
452 DEFINE_AUDIT_SK(ad, op, subj_cred, sk); in aa_unix_label_sk_perm()
589 DEFINE_AUDIT_SK(ad, op, current_cred(), sock->sk); in aa_unix_opt_perm()
607 DEFINE_AUDIT_SK(ad, op, subj_cred, sk); in unix_peer_perm()
758 unix_fs_perm(op, request, subj_cred, label, in aa_unix_file_perm()
771 xcheck(unix_peer_perm(subj_cred, label, op, in aa_unix_file_perm()
[all …]
|
| A D | net.c | 273 const char *op, u32 request, u16 family, int type, int protocol) in aa_af_perm() argument
276 DEFINE_AUDIT_NET(ad, op, subj_cred, NULL, family, type, protocol); in aa_af_perm()
285 const char *op, u32 request, in aa_label_sk_perm() argument
296 DEFINE_AUDIT_SK(ad, op, subj_cred, sk); in aa_label_sk_perm()
306 int aa_sk_perm(const char *op, u32 request, struct sock *sk) in aa_sk_perm() argument
316 error = aa_label_sk_perm(current_cred(), label, op, request, sk); in aa_sk_perm()
324 const char *op, u32 request, struct file *file) in aa_sock_file_perm() argument
333 return aa_unix_file_perm(subj_cred, label, op, request, file); in aa_sock_file_perm()
334 return aa_label_sk_perm(subj_cred, label, op, request, sock->sk); in aa_sock_file_perm()
393 int apparmor_secmark_check(struct aa_label *label, char *op, u32 request, in apparmor_secmark_check() argument
[all …]
|
| A D | policy.c | 916 const char *op; in aa_may_manage_policy() local
919 op = OP_PROF_RM; in aa_may_manage_policy()
921 op = OP_PROF_REPL; in aa_may_manage_policy()
923 op = OP_PROF_LOAD; in aa_may_manage_policy()
927 return audit_policy(label, op, NULL, NULL, "policy_locked", in aa_may_manage_policy()
1096 const char *op; in aa_replace_profiles() local
1135 op = OP_PROF_LOAD; in aa_replace_profiles()
1262 audit_policy(label, op, ns_name, ent->new->base.hname, in aa_replace_profiles()
1275 audit_policy(label, op, ns_name, ent->new->base.hname, NULL, in aa_replace_profiles()
1312 op = (ent && !ent->old) ? OP_PROF_LOAD : OP_PROF_REPL; in aa_replace_profiles()
[all …]
|
| A D | procattr.c | 77 static char *split_token_from_name(const char *op, char *args, u64 *token) in split_token_from_name() argument
83 AA_ERROR("%s: Invalid input '%s'", op, args); in split_token_from_name()
|
| A D | lsm.c | 227 error = aa_path_perm(op, current_cred(), label, path, 0, mask, in common_perm()
254 return common_perm(op, path, mask, &cond); in common_perm_cond()
273 return common_perm(op, &path, mask, cond); in common_perm_dir_dentry()
299 return common_perm_dir_dentry(op, dir, dentry, mask, &cond); in common_perm_rm()
320 return common_perm_dir_dentry(op, dir, dentry, mask, &cond); in common_perm_create()
580 return common_file_perm(op, file, mask, in_atomic); in common_mmap()
1430 return aa_sk_perm(op, request, sock->sk); in aa_sock_msg_perm()
1453 return aa_unix_sock_perm(op, request, sock); in aa_sock_perm()
1454 return aa_sk_perm(op, request, sock->sk); in aa_sock_perm()
1476 return aa_unix_opt_perm(op, request, sock, level, optname); in aa_sock_opt_perm()
[all …]
|
| A D | domain.c | 1350 static int change_profile_perms_wrapper(const char *op, const char *name, in change_profile_perms_wrapper() argument
1365 error = aa_audit_file(subj_cred, profile, perms, op, request, in change_profile_perms_wrapper()
1399 char *op; in aa_change_profile() local
1423 op = OP_STACK_ONEXEC; in aa_change_profile()
1425 op = OP_CHANGE_ONEXEC; in aa_change_profile()
1429 op = OP_STACK; in aa_change_profile()
1431 op = OP_CHANGE_PROFILE; in aa_change_profile()
1450 aa_audit_file(subj_cred, profile, &perms, op, in aa_change_profile()
1496 change_profile_perms_wrapper(op, auditname, in aa_change_profile()
1570 profile, &perms, op, request, auditname, in aa_change_profile()
|
| /security/keys/ |
| A D | keyctl_pkey.c | 115 int op, in keyctl_pkey_params_get_2() argument
136 switch (op) { in keyctl_pkey_params_get_2()
212 long keyctl_pkey_e_d_s(int op, in keyctl_pkey_e_d_s() argument
222 ret = keyctl_pkey_params_get_2(_params, _info, op, ¶ms); in keyctl_pkey_e_d_s()
230 switch (op) { in keyctl_pkey_e_d_s()
232 params.op = kernel_pkey_encrypt; in keyctl_pkey_e_d_s()
235 params.op = kernel_pkey_decrypt; in keyctl_pkey_e_d_s()
238 params.op = kernel_pkey_sign; in keyctl_pkey_e_d_s()
318 params.op = kernel_pkey_verify; in keyctl_pkey_verify()
|
| A D | request_key_auth.c | 161 struct key *request_key_auth_new(struct key *target, const char *op, in request_key_auth_new() argument
181 strscpy(rka->op, op, sizeof(rka->op)); in request_key_auth_new()
|
| /security/integrity/ |
| A D | integrity_audit.c | 29 const unsigned char *fname, const char *op, in integrity_audit_msg() argument
32 integrity_audit_message(audit_msgno, inode, fname, op, cause, in integrity_audit_msg()
37 const unsigned char *fname, const char *op, in integrity_audit_message() argument
56 audit_log_format(ab, " op=%s cause=%s comm=", op, cause); in integrity_audit_message()
|
| A D | integrity.h | 207 const unsigned char *fname, const char *op,
211 const unsigned char *fname, const char *op,
224 const char *op, const char *cause, in integrity_audit_msg() argument
232 const char *op, const char *cause, in integrity_audit_message() argument
|
| /security/selinux/include/ |
| A D | audit.h | 30 int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule,
52 int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op,
|
| /security/integrity/ima/ |
| A D | ima_api.c | 106 static const char op[] = "add_template_measure"; in ima_store_template() local
116 template_name, op, in ima_store_template()
122 result = ima_add_template_entry(entry, violation, op, inode, filename); in ima_store_template()
134 struct ima_iint_cache *iint, const char *op, in ima_add_violation() argument
160 op, cause, result, 0); in ima_add_violation()
354 static const char op[] = "add_template_measure"; in ima_store_measurement() local
379 op, audit_cause, result, 0); in ima_store_measurement()
|
| A D | ima_init.c | 44 static const char op[] = "add_boot_aggregate"; in ima_add_boot_aggregate() local
98 integrity_audit_msg(AUDIT_INTEGRITY_PCR, NULL, boot_aggregate_name, op, in ima_add_boot_aggregate()
|