| /security/ |
| A D | lsm_audit.c | 60 ad->u.net->dport = th->dest; in ipv4_skb_to_auditdata()
67 ad->u.net->dport = uh->dest; in ipv4_skb_to_auditdata()
74 ad->u.net->dport = sh->dest; in ipv4_skb_to_auditdata()
258 inode = a->u.inode; in audit_log_lsm_data()
286 if (a->u.net->sk) { in audit_log_lsm_data()
319 u = unix_sk(sk); in audit_log_lsm_data()
323 if (u->path.dentry) { in audit_log_lsm_data()
341 a->u.net->sport, in audit_log_lsm_data()
344 a->u.net->dport, in audit_log_lsm_data()
349 a->u.net->sport, in audit_log_lsm_data()
[all …]
|
| /security/keys/trusted-keys/ |
| A D | trusted_tee.c | 85 param[0].u.memref.shm = reg_shm; in trusted_tee_seal()
86 param[0].u.memref.size = p->key_len; in trusted_tee_seal()
87 param[0].u.memref.shm_offs = 0; in trusted_tee_seal()
89 param[1].u.memref.shm = reg_shm; in trusted_tee_seal()
132 param[0].u.memref.shm = reg_shm; in trusted_tee_unseal()
136 param[1].u.memref.shm = reg_shm; in trusted_tee_unseal()
138 param[1].u.memref.shm_offs = 0; in trusted_tee_unseal()
178 param[0].u.memref.shm = reg_shm; in trusted_tee_get_random()
179 param[0].u.memref.size = key_len; in trusted_tee_get_random()
180 param[0].u.memref.shm_offs = 0; in trusted_tee_get_random()
[all …]
|
| /security/selinux/ss/ |
| A D | avtab.c | 85 *xperms = *(datum->u.xperms); in avtab_insert_node()
86 newnode->datum.u.xperms = xperms; in avtab_insert_node()
88 newnode->datum.u.data = datum->u.data; in avtab_insert_node()
234 temp->datum.u.xperms); in avtab_destroy()
413 datum.u.data = le32_to_cpu(buf32[items++]); in avtab_read_item()
487 datum.u.xperms = &xperms; in avtab_read_item()
494 datum.u.data = le32_to_cpu(*buf32); in avtab_read_item()
497 !policydb_type_isvalid(pol, datum.u.data)) { in avtab_read_item()
556 __le32 buf32[ARRAY_SIZE(cur->datum.u.xperms->perms.p)]; in avtab_write_item()
579 ARRAY_SIZE(cur->datum.u.xperms->perms.p), fp); in avtab_write_item()
[all …]
|
| A D | policydb.c | 380 kfree(c->u.name); in ocontext_destroy()
2217 if (!strcmp(newc->u.name, c->u.name) && in genfs_read()
2224 len = strlen(newc->u.name); in genfs_read()
2225 len2 = strlen(c->u.name); in genfs_read()
2303 c->u.name); in ocontext_read()
2384 c->u.ibpkey.subnet_prefix = in ocontext_read()
3340 len = strlen(c->u.name); in ocontext_write()
3378 len = strlen(c->u.name); in ocontext_write()
3393 c->u.node6.addr in ocontext_write()
3397 c->u.node6.mask in ocontext_write()
[all …]
|
| A D | services.c | 605 node->datum.u.xperms->driver); in services_compute_xperms_drivers()
611 node->datum.u.xperms->driver); in services_compute_xperms_drivers()
999 node->datum.u.xperms->specified); in services_compute_xperms_decision()
1008 &node->datum.u.xperms->perms, in services_compute_xperms_decision()
1013 &node->datum.u.xperms->perms, in services_compute_xperms_decision()
2469 c->u.port.low_port <= port && in security_port_sid()
2470 c->u.port.high_port >= port) in security_port_sid()
2630 if (strcmp(c->u.name, name) == 0) in security_netif_sid()
2705 if (c->u.node.addr == (addr & c->u.node.mask)) in security_node_sid()
2719 c->u.node6.mask)) in security_node_sid()
[all …]
|
| A D | avtab.h | 75 } u; member
|
| A D | conditional.c | 582 avd->allowed |= node->datum.u.data; in cond_compute_av()
590 avd->auditdeny &= node->datum.u.data; in cond_compute_av()
593 avd->auditallow |= node->datum.u.data; in cond_compute_av()
|
| A D | policydb.h | 196 } u; member
|
| /security/apparmor/ |
| A D | net.c | 100 const struct unix_sock *u = unix_sk(sk); in audit_unix_sk_addr() local
102 if (u && u->addr) { in audit_unix_sk_addr()
104 struct sockaddr_un *addr = aa_sunaddr(u, &addrlen); in audit_unix_sk_addr()
119 if (address_family_names[ad->common.u.net->family]) in audit_net_cb()
121 address_family_names[ad->common.u.net->family]); in audit_net_cb()
124 ad->common.u.net->family); in audit_net_cb()
144 if (ad->common.u.net->family == PF_UNIX) { in audit_net_cb()
145 if (ad->net.addr || !ad->common.u.net->sk) in audit_net_cb()
150 audit_unix_sk_addr(ab, "addr", ad->common.u.net->sk); in audit_net_cb()
|
| A D | af_unix.c | 28 static inline struct sock *aa_unix_sk(struct unix_sock *u) in aa_unix_sk() argument
30 return &u->sk; in aa_unix_sk()
113 addr = smp_load_acquire(&u->addr); in aa_sunaddr()
124 struct unix_sock *u, struct aa_perms **p, in match_to_sk() argument
128 struct sockaddr_un *addr = aa_sunaddr(u, &addrlen); in match_to_sk()
131 u->sk.sk_protocol, addr, addrlen, p, info); in match_to_sk()
139 u32 request, struct unix_sock *u, in match_to_cmd() argument
145 state = match_to_sk(policy, state, request, u, p, info); in match_to_cmd()
156 u32 request, struct unix_sock *u, in match_to_peer() argument
629 struct unix_sock *u = unix_sk(sk); in aa_unix_peer_perm() local
[all …]
|
| A D | audit.c | 197 ad->common.u.tsk ? ad->common.u.tsk : current); in aa_audit()
|
| A D | capability.c | 52 audit_log_untrustedstring(ab, capability_names[sa->u.cap]); in audit_cb()
187 ad.common.u.cap = cap; in aa_capable()
|
| A D | label.c | 203 long u = FLAG_UNCONFINED; in accum_label_info() local
213 u |= new->vec[i]->label.flags & (FLAG_DEBUG1 | FLAG_DEBUG2 | in accum_label_info()
215 if (!(u & new->vec[i]->label.flags & FLAG_UNCONFINED)) in accum_label_info()
216 u &= ~FLAG_UNCONFINED; in accum_label_info()
219 new->flags |= u; in accum_label_info()
|
| A D | file.c | 112 ad.common.u.tsk = NULL; in aa_audit_file()
|
| /security/landlock/ |
| A D | task.c | 115 .u.tsk = child, in hook_ptrace_access_check()
161 .u.tsk = current, in hook_ptrace_traceme()
288 .u.net = &(struct lsm_network_audit) { in hook_unix_stream_connect()
325 .u.net = &(struct lsm_network_audit) { in hook_unix_may_send()
383 .u.tsk = p, in hook_task_kill()
424 .u.tsk = tsk, in hook_file_send_sigiotask()
|
| A D | fs.c | 933 log_request_parent1->audit.u.path = *path; in is_access_to_paths_allowed()
943 log_request_parent2->audit.u.path = *path; in is_access_to_paths_allowed()
1226 request1.audit.u.path.dentry = old_parent; in current_check_refer_path()
1230 request2.audit.u.path.dentry = new_dir->dentry; in current_check_refer_path()
1384 .u.path = *path, in log_fs_change_topology_path()
1398 .u.dentry = dentry, in log_fs_change_topology_dentry()
1710 .u.file = file, in hook_file_truncate()
1746 .u.op = &(struct lsm_ioctlop_audit) { in hook_file_ioctl_common()
|
| A D | net.c | 190 .audit.u.net = &audit_net, in current_check_access_socket()
|
| /security/smack/ |
| A D | smack.h | 467 a->a.u.net = net; in smk_ad_init_net()
473 a->a.u.tsk = t; in smk_ad_setfield_u_tsk()
478 a->a.u.dentry = d; in smk_ad_setfield_u_fs_path_dentry()
483 a->a.u.inode = i; in smk_ad_setfield_u_fs_inode()
488 a->a.u.path = p; in smk_ad_setfield_u_fs_path()
493 a->a.u.net->sk = sk; in smk_ad_setfield_u_net_sk()
|
| A D | smack_lsm.c | 2689 ad.a.u.net->family = PF_INET6; in smk_ipv6_check()
3139 ad.a.u.ipc_id = isp->id; in smk_curacc_shm()
3228 ad.a.u.ipc_id = isp->id; in smk_curacc_sem()
3323 ad.a.u.ipc_id = isp->id; in smk_curacc_msq()
3431 ad.a.u.ipc_id = ipp->id; in smack_ipc_permission()
4192 ad.a.u.net->family = family; in smack_socket_sock_rcv_skb()
4193 ad.a.u.net->netif = skb->skb_iif; in smack_socket_sock_rcv_skb()
4225 ad.a.u.net->family = family; in smack_socket_sock_rcv_skb()
4226 ad.a.u.net->netif = skb->skb_iif; in smack_socket_sock_rcv_skb()
4398 ad.a.u.net->family = family; in smack_inet_conn_request()
[all …]
|
| /security/selinux/ |
| A D | hooks.c | 237 ad->u.net = net; in __ad_net_init()
1640 ad.u.cap = cap; in cred_has_capability()
1715 ad.u.path = *path; in path_has_perm()
1730 ad.u.file = file; in file_path_has_perm()
1757 ad.u.file = file; in file_has_perm()
3516 ad.u.path = *path; in selinux_path_notify()
3819 ad.u.op = &ioctl; in ioctl_has_perm()
4255 ad.u.file = file; in selinux_kernel_load_from_file()
4930 ad.u.net = &net; in selinux_socket_bind()
5071 ad.u.net = &net; in selinux_socket_connect_helper()
[all …]
|
| /security/apparmor/include/ |
| A D | af_unix.h | 34 struct sockaddr_un *aa_sunaddr(const struct unix_sock *u, int *addrlen);
|
| A D | audit.h | 180 .common.u.tsk = NULL, \
|
| A D | net.h | 68 NAME.common.u.net = &(NAME ## _net); \
|
| /security/tomoyo/ |
| A D | network.c | 597 struct tomoyo_unix_addr_info *u = &address->unix0; in tomoyo_check_unix_address() local
603 u->addr = ((struct sockaddr_un *) addr)->sun_path; in tomoyo_check_unix_address()
604 u->addr_len = addr_len; in tomoyo_check_unix_address()
|