Searched refs:rule (Results 1 – 18 of 18) sorted by relevance

/security/safesetid/
securityfs.c
32 struct setid_rule *rule) in parse_policy_line() argument
53 if (rule->type == UID){ in parse_policy_line()
56 if (!uid_valid(rule->src_id.uid) || !uid_valid(rule->dst_id.uid)) in parse_policy_line()
61 if (!gid_valid(rule->src_id.gid) || !gid_valid(rule->dst_id.gid)) in parse_policy_line()
75 struct setid_rule *rule; in __release_ruleset() local
79 kfree(rule); in __release_ruleset()
91 hash_add(pol->rules, &rule->next, __kuid_val(rule->src_id.uid)); in insert_rule()
93 hash_add(pol->rules, &rule->next, __kgid_val(rule->src_id.gid)); in insert_rule()
179 if (!rule) { in handle_policy_update()
189 if (_setid_policy_lookup(pol, rule->src_id, rule->dst_id) == SIDPOL_ALLOWED) { in handle_policy_update()
lsm.c
36 struct setid_rule *rule; in _setid_policy_lookup() local
40 hash_for_each_possible(policy->rules, rule, next, __kuid_val(src.uid)) { in _setid_policy_lookup()
41 if (!uid_eq(rule->src_id.uid, src.uid)) in _setid_policy_lookup()
43 if (uid_eq(rule->dst_id.uid, dst.uid)) in _setid_policy_lookup()
48 hash_for_each_possible(policy->rules, rule, next, __kgid_val(src.gid)) { in _setid_policy_lookup()
49 if (!gid_eq(rule->src_id.gid, src.gid)) in _setid_policy_lookup()
51 if (gid_eq(rule->dst_id.gid, dst.gid)){ in _setid_policy_lookup()
/security/apparmor/
audit.c
211 struct aa_audit_rule *rule = vrule; in aa_audit_rule_free() local
213 if (rule) { in aa_audit_rule_free()
214 if (!IS_ERR(rule->label)) in aa_audit_rule_free()
215 aa_put_label(rule->label); in aa_audit_rule_free()
216 kfree(rule); in aa_audit_rule_free()
222 struct aa_audit_rule *rule; in aa_audit_rule_init() local
235 if (!rule) in aa_audit_rule_init()
241 if (IS_ERR(rule->label)) { in aa_audit_rule_init()
242 int err = PTR_ERR(rule->label); in aa_audit_rule_init()
243 aa_audit_rule_free(rule); in aa_audit_rule_init()
af_unix.c
173 struct aa_ruleset *rule, aa_state_t state, in match_label() argument
184 state = aa_dfa_match(rule->policy->dfa, state, in match_label()
191 return aa_do_perms(profile, rule->policy, state, request, p, ad); in match_label()
/security/integrity/ima/
ima_policy.c
522 if ((rule->flags & IMA_UID) && !rule->uid_op(cred->uid, rule->uid)) in ima_match_rule_data()
607 if ((rule->flags & IMA_UID) && !rule->uid_op(cred->uid, rule->uid)) in ima_match_rules()
611 if (!rule->uid_op(cred->euid, rule->uid) in ima_match_rules()
612 && !rule->uid_op(cred->suid, rule->uid) in ima_match_rules()
613 && !rule->uid_op(cred->uid, rule->uid)) in ima_match_rules()
615 } else if (!rule->uid_op(cred->euid, rule->uid)) in ima_match_rules()
618 if ((rule->flags & IMA_GID) && !rule->gid_op(cred->gid, rule->gid)) in ima_match_rules()
622 if (!rule->gid_op(cred->egid, rule->gid) in ima_match_rules()
623 && !rule->gid_op(cred->sgid, rule->gid) in ima_match_rules()
624 && !rule->gid_op(cred->gid, rule->gid)) in ima_match_rules()
Kconfig
197 Enabling this rule will require all kexec'ed kernel images to
202 kexec_load syscall. Enabling this rule will prevent its
210 Enabling this rule will require all kernel modules to be signed
214 via the finit_module syscall. Enabling this rule will prevent
222 Enabling this rule will require the IMA policy to be signed and
/security/selinux/include/
audit.h
30 int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule,
40 void selinux_audit_rule_free(void *rule);
53 void *rule);
60 int selinux_audit_rule_known(struct audit_krule *rule);
/security/smack/
smackfs.c
339 rule->smk_subject = skp; in smk_fill_rule()
348 rule->smk_object = skp; in smk_fill_rule()
355 rule->smk_access2 = ~rule->smk_access1; in smk_fill_rule()
513 rc = smk_set_access(&rule, &rule.smk_subject->smk_rules, in smk_write_rules_list()
826 char *rule; in smk_set_cipso() local
849 rule = data; in smk_set_cipso()
863 rule += SMK_LABELLEN; in smk_set_cipso()
867 if (rule > data + count) { in smk_set_cipso()
876 rule += SMK_DIGITLEN; in smk_set_cipso()
893 rule += SMK_DIGITLEN; in smk_set_cipso()
Kconfig
22 When access is granted by a rule with the "b" mode a
29 access rule set once the behavior is well understood.
smack_lsm.c
4688 char **rule = (char **)vrule; in smack_audit_rule_init() local
4689 *rule = NULL; in smack_audit_rule_init()
4701 *rule = skp->smk_known; in smack_audit_rule_init()
4743 char *rule = vrule; in smack_audit_rule_match() local
4745 if (unlikely(!rule)) { in smack_audit_rule_match()
4759 return (rule == skp->smk_known); in smack_audit_rule_match()
4761 return (rule != skp->smk_known); in smack_audit_rule_match()
/security/ipe/
eval.c
318 const struct ipe_rule *rule = NULL; in ipe_evaluate_event() local
347 list_for_each_entry(rule, &rules->rules, next) { in ipe_evaluate_event()
350 list_for_each_entry(prop, &rule->props, next) { in ipe_evaluate_event()
361 action = rule->action; in ipe_evaluate_event()
372 ipe_audit_match(ctx, match_type, action, rule); in ipe_evaluate_event()
/security/landlock/
ruleset.c
82 const struct landlock_rule rule = { in build_check_rule() local
86 BUILD_BUG_ON(rule.num_layers < LANDLOCK_MAX_NUM_LAYERS); in build_check_rule()
163 static void free_rule(struct landlock_rule *const rule, in free_rule() argument
167 if (!rule) in free_rule()
170 landlock_put_object(rule->key.object); in free_rule()
171 kfree(rule); in free_rule()
616 bool landlock_unmask_layers(const struct landlock_rule *const rule, in landlock_unmask_layers() argument
625 if (!rule) in landlock_unmask_layers()
638 for (layer_level = 0; layer_level < rule->num_layers; layer_level++) { in landlock_unmask_layers()
640 &rule->layers[layer_level]; in landlock_unmask_layers()
net.c
51 const struct landlock_rule *rule; in current_check_access_socket() local
177 rule = landlock_find_rule(subject->domain, id); in current_check_access_socket()
181 if (landlock_unmask_layers(rule, access_request, &layer_masks, in current_check_access_socket()
fs.c
367 const struct landlock_rule *rule; in find_rule() local
380 rule = landlock_find_rule(domain, id); in find_rule()
382 return rule; in find_rule()
841 const struct landlock_rule *rule; in is_access_to_paths_allowed() local
883 rule = find_rule(domain, walker_path.dentry); in is_access_to_paths_allowed()
886 rule, access_masked_parent1, in is_access_to_paths_allowed()
891 rule, access_masked_parent2, in is_access_to_paths_allowed()
ruleset.h
304 bool landlock_unmask_layers(const struct landlock_rule *const rule,
/security/selinux/ss/
services.c
3575 struct selinux_audit_rule *rule = vrule; in selinux_audit_rule_free() local
3577 if (rule) { in selinux_audit_rule_free()
3578 context_destroy(&rule->au_ctxt); in selinux_audit_rule_free()
3579 kfree(rule); in selinux_audit_rule_free()
3596 *rule = NULL; in selinux_audit_rule_init()
3674 *rule = tmprule; in selinux_audit_rule_init()
3680 *rule = NULL; in selinux_audit_rule_init()
3689 for (i = 0; i < rule->field_count; i++) { in selinux_audit_rule_known()
3715 struct selinux_audit_rule *rule = vrule; in selinux_audit_rule_match() local
3718 if (unlikely(!rule)) { in selinux_audit_rule_match()
/security/apparmor/include/
audit.h
207 int aa_audit_rule_known(struct audit_krule *rule);
/security/keys/
Kconfig
53 LSMs gets to rule on which admin-level processes get to access the
