| /security/selinux/include/ |
| A D | security.h | 233 u32 seqno;
234 u32 flags;
244 u32 p[8];
283 int security_member_sid(u32 ssid, u32 tsid, u16 tclass, u32 *out_sid);
285 int security_change_sid(u32 ssid, u32 tsid, u16 tclass, u32 *out_sid);
299 u32 *out_sid, u32 def_sid, gfp_t gfp_flags);
304 int security_get_user_sids(u32 fromsid, const char *username, u32 **sids, u32 *nel);
316 int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid,
319 int security_validate_transition_user(u32 oldsid, u32 newsid, u32 tasksid,
324 int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid);
[all …]
|
| A D | avc.h | 49 u32 ssid;
50 u32 tsid;
52 u32 requested;
53 u32 audited;
54 u32 denied;
65 int result, u32 auditdeny, u32 *deniedp) in avc_audit_required()
101 int slow_avc_audit(u32 ssid, u32 tsid, u16 tclass, u32 requested, u32 audited,
123 static inline int avc_audit(u32 ssid, u32 tsid, u16 tclass, u32 requested, in avc_audit()
137 int avc_has_perm_noaudit(u32 ssid, u32 tsid, u16 tclass, u32 requested,
140 int avc_has_perm(u32 ssid, u32 tsid, u16 tclass, u32 requested,
[all …]
|
| A D | objsec.h | 33 u32 isid; /* inode SID */
41 u32 sid; /* current SID */
42 u32 exec_sid; /* exec SID */
43 u32 create_sid; /* fscreate SID */
73 u32 sid; /* SID of this object */
98 u32 sid; /* SID of message */
117 u32 sid; /* SID for this node */
122 u32 sid; /* SID for this node */
139 u32 peer_sid; /* SID of peer */
152 u32 sid; /* SID of key */
[all …]
|
| A D | xfrm.h | 25 struct xfrm_sec_ctx *polsec, u32 secid);
28 int selinux_xfrm_policy_lookup(struct xfrm_sec_ctx *ctx, u32 fl_secid);
41 int selinux_xfrm_sock_rcv_skb(u32 sk_sid, struct sk_buff *skb,
43 int selinux_xfrm_postroute_last(u32 sk_sid, struct sk_buff *skb,
45 int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, int ckall);
46 int selinux_xfrm_skb_sid(struct sk_buff *skb, u32 *sid);
63 static inline int selinux_xfrm_sock_rcv_skb(u32 sk_sid, struct sk_buff *skb, in selinux_xfrm_sock_rcv_skb()
69 static inline int selinux_xfrm_postroute_last(u32 sk_sid, struct sk_buff *skb, in selinux_xfrm_postroute_last()
76 static inline int selinux_xfrm_decode_session(struct sk_buff *skb, u32 *sid, in selinux_xfrm_decode_session()
87 static inline int selinux_xfrm_skb_sid(struct sk_buff *skb, u32 *sid) in selinux_xfrm_skb_sid()
|
| A D | audit.h | 30 int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **rule,
52 int selinux_audit_rule_match(struct lsm_prop *prop, u32 field, u32 op,
|
| /security/selinux/ss/ |
| A D | policydb.h | 140 u32 source_type;
141 u32 target_type;
142 u32 target_class;
161 u32 flags;
180 u32 addr;
181 u32 mask;
184 u32 addr[4];
185 u32 mask[4];
202 u32 sid[2]; /* SID(s) */
279 u32 cond_list_len;
[all …]
|
| A D | ebitmap.h | 39 u32 startbit;
52 u32 ofs; in ebitmap_start_positive()
68 struct ebitmap_node **n, u32 bit) in ebitmap_next_positive()
70 u32 ofs; in ebitmap_next_positive()
91 u32 index = EBITMAP_NODE_INDEX(n, bit); in ebitmap_node_get_bit()
92 u32 ofs = EBITMAP_NODE_OFFSET(n, bit); in ebitmap_node_get_bit()
102 u32 index = EBITMAP_NODE_INDEX(n, bit); in ebitmap_node_set_bit()
103 u32 ofs = EBITMAP_NODE_OFFSET(n, bit); in ebitmap_node_set_bit()
112 u32 ofs = EBITMAP_NODE_OFFSET(n, bit); in ebitmap_node_clr_bit()
128 u32 last_e2bit);
[all …]
|
| A D | sidtab.h | 22 u32 sid;
23 u32 hash;
87 u32 count;
95 u32 cache_free_slots;
109 struct sidtab_entry *sidtab_search_entry(struct sidtab *s, u32 sid);
110 struct sidtab_entry *sidtab_search_entry_force(struct sidtab *s, u32 sid);
112 static inline struct context *sidtab_search(struct sidtab *s, u32 sid) in sidtab_search()
143 const char *str, u32 str_len);
145 u32 *out_len);
149 const char *str, u32 str_len) in sidtab_sid2str_put()
[all …]
|
| A D | sidtab.c | 28 u32 len;
37 u32 i; in sidtab_init()
63 u32 sid = 0; in context_to_sid()
81 u32 hash; in sidtab_set_initial()
151 static u32 sidtab_level_from_count(u32 count) in sidtab_level_from_count()
154 u32 level = 0; in sidtab_level_from_count()
165 u32 l; in sidtab_alloc_roots()
366 u32 i; in sidtab_convert_hashtable()
379 u32 count, u32 level, in sidtab_convert_tree()
383 u32 i; in sidtab_convert_tree()
[all …]
|
| A D | avtab.c | 30 static inline u32 avtab_hash(const struct avtab_key *keyp, u32 mask) in avtab_hash()
34 static const u32 r1 = 15; in avtab_hash()
36 static const u32 m = 5; in avtab_hash()
39 u32 hash = 0; in avtab_hash()
123 u32 hvalue; in avtab_insert()
157 u32 hvalue; in avtab_insert_nonunique()
180 u32 hvalue; in avtab_search_node()
221 u32 i; in avtab_destroy()
270 u32 nslot = 0; in avtab_alloc()
514 u32 nel, i; in avtab_read()
[all …]
|
| A D | services.c | 756 static int security_compute_validatetrans(u32 oldsid, u32 newsid, u32 tasksid, in security_compute_validatetrans()
838 int security_validate_transition_user(u32 oldsid, u32 newsid, u32 tasksid, in security_validate_transition_user()
845 int security_validate_transition(u32 oldsid, u32 newsid, u32 tasksid, in security_validate_transition()
1553 u32 *sid, u32 def_sid, gfp_t gfp_flags, in security_context_to_sid_core()
1573 u32 i; in security_context_to_sid_core()
1672 u32 *sid, u32 def_sid, gfp_t gfp_flags) in security_context_to_sid_default()
1725 u32 stype, u32 ttype, u16 tclass, in filename_compute_type()
3049 u32 i; in security_get_bools()
3228 int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid) in security_sid_mls_copy()
3470 u32 i; in security_get_permissions()
[all …]
|
| A D | hashtab.h | 22 u32 (*hash)(const void *key); /* hash func */
34 u32 size; /* number of slots in hash table */
35 u32 nel; /* number of elements in hash table */
39 u32 slots_used;
40 u32 max_chain_len;
49 int hashtab_init(struct hashtab *h, u32 nel_hint);
65 u32 hvalue; in hashtab_insert()
100 u32 hvalue; in hashtab_search()
|
| A D | policydb.c | 788 u32 i; in policydb_destroy()
1008 u32 items; in mls_read_range_helper()
1132 u32 len; in perm_read()
1428 u32 len; in role_read()
1485 u32 len; in type_read()
1559 u32 len; in user_read()
1609 u32 len; in sens_read()
1645 u32 len; in cat_read()
1695 u32 bit; in user_bounds_sanity_check()
1732 u32 bit; in role_bounds_sanity_check()
[all …]
|
| A D | ebitmap.c | 24 #define BITS_PER_U64 ((u32)(sizeof(u64) * 8))
82 u32 bit; in ebitmap_and()
114 u32 offset; in ebitmap_netlbl_export()
165 u32 offset = 0, idx; in ebitmap_netlbl_import()
172 if (offset == (u32)-1) in ebitmap_netlbl_import()
219 u32 last_e2bit) in ebitmap_contains()
288 u32 s; in ebitmap_set_bit()
366 u32 mapunit, count, startbit, index, i; in ebitmap_read()
484 u32 bit, count, last_bit, last_startbit; in ebitmap_write()
506 rc = put_entry(buf, sizeof(u32), 3, fp); in ebitmap_write()
[all …]
|
| A D | conditional.c | 25 u32 i; in cond_evaluate_expr()
95 u32 i; in evaluate_cond_node()
124 u32 i; in evaluate_cond_nodes()
149 u32 i; in cond_list_destroy()
214 u32 len; in cond_read_bool()
261 u32 i; in cond_insertf()
481 u32 i; in cond_write_av_list()
503 u32 i; in cond_write_node()
535 u32 i; in cond_write_list()
604 u32 i; in cond_dup_av_list()
[all …]
|
| /security/apparmor/include/ |
| A D | perms.h | 70 u32 allow;
74 u32 cond; /* set only when ~allow and ~deny */
76 u32 kill; /* set only when ~allow | deny */
80 u32 audit; /* set only when allow is set */
81 u32 quiet; /* set only when ~allow | deny */
82 u32 hide; /* set only when ~allow | deny */
85 u32 xindex;
86 u32 tag; /* tag string index, if present */
204 u32 mask);
206 u32 mask);
[all …]
|
| A D | match.h | 46 u32 th_magic; /* YYTH_MAGIC */
47 u32 th_hsize;
48 u32 th_ssize;
85 u32 td_hilen;
86 u32 td_lolen;
91 #define TABLE_DATAU32(TABLE) ((u32 *)((TABLE)->td_data))
92 #define DEFAULT_TABLE(DFA) ((u32 *)((DFA)->tables[YYTD_ID_DEF]->td_data))
93 #define BASE_TABLE(DFA) ((u32 *)((DFA)->tables[YYTD_ID_BASE]->td_data))
94 #define NEXT_TABLE(DFA) ((u32 *)((DFA)->tables[YYTD_ID_NXT]->td_data))
95 #define CHECK_TABLE(DFA) ((u32 *)((DFA)->tables[YYTD_ID_CHK]->td_data))
[all …]
|
| A D | net.h | 81 u32 secid;
89 aa_state_t state, u32 request, struct aa_perms *p,
93 u32 request, u16 af, int type, int protocol,
98 u32 request, u16 family, int type, int protocol);
100 const char *op, u32 request, u16 family,
104 u32 request, in aa_profile_af_sk_perm()
110 int aa_sk_perm(const char *op, u32 request, struct sock *sk);
113 const char *op, u32 request,
116 int apparmor_secmark_check(struct aa_label *label, char *op, u32 request,
117 u32 secid, const struct sock *sk);
|
| A D | secid.h | 27 struct aa_label *aa_secid_to_label(u32 secid);
28 int apparmor_secid_to_secctx(u32 secid, struct lsm_context *cp);
30 int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid);
35 void aa_free_secid(u32 secid);
|
| A D | file.h | 45 u32 allow;
76 const char *op, u32 request, const char *name,
89 u32 request, struct path_cond *cond, int flags,
93 int flags, u32 request, struct path_cond *cond);
101 u32 request, bool in_atomic);
112 static inline u32 aa_map_file_to_perms(struct file *file) in aa_map_file_to_perms()
115 u32 perms = 0; in aa_map_file_to_perms()
|
| /security/selinux/ |
| A D | avc.c | 48 u32 ssid;
49 u32 tsid;
81 u32 events;
125 static inline u32 avc_hash(u32 ssid, u32 tsid, u16 tclass) in avc_hash()
657 u32 i; in avc_audit_pre_callback()
755 u32 requested, u32 audited, u32 denied, int result, in slow_avc_audit()
831 u8 xperm, u32 ssid, u32 tsid, u16 tclass, u32 seqno, in avc_update_node()
996 static noinline int avc_denied(u32 ssid, u32 tsid, u16 tclass, u32 requested, in avc_denied()
1019 int avc_has_extended_perms(u32 ssid, u32 tsid, u16 tclass, u32 requested, in avc_has_extended_perms()
1145 inline int avc_has_perm_noaudit(u32 ssid, u32 tsid, in avc_has_perm_noaudit()
[all …]
|
| A D | xfrm.c | 80 u32 str_len; in selinux_xfrm_alloc_user()
174 u32 state_sid; in selinux_xfrm_state_pol_flow_match()
175 u32 flic_sid; in selinux_xfrm_state_pol_flow_match()
207 static u32 selinux_xfrm_skb_sid_egress(struct sk_buff *skb) in selinux_xfrm_skb_sid_egress()
222 u32 *sid, int ckall) in selinux_xfrm_skb_sid_ingress()
224 u32 sid_session = SECSID_NULL; in selinux_xfrm_skb_sid_ingress()
265 int selinux_xfrm_skb_sid(struct sk_buff *skb, u32 *sid) in selinux_xfrm_skb_sid()
339 struct xfrm_sec_ctx *polsec, u32 secid) in selinux_xfrm_state_alloc_acquire()
344 u32 str_len; in selinux_xfrm_state_alloc_acquire()
399 int selinux_xfrm_sock_rcv_skb(u32 sk_sid, struct sk_buff *skb, in selinux_xfrm_sock_rcv_skb()
[all …]
|
| /security/ |
| A D | lsm_syscalls.c | 56 ctx, u32, size, u32, flags) in SYSCALL_DEFINE4() argument
78 ctx, u32 __user *, size, u32, flags) in SYSCALL_DEFINE4() argument
96 SYSCALL_DEFINE3(lsm_list_modules, u64 __user *, ids, u32 __user *, size, in SYSCALL_DEFINE3() argument
97 u32, flags) in SYSCALL_DEFINE3()
99 u32 total_size = lsm_active_cnt * sizeof(*ids); in SYSCALL_DEFINE3()
100 u32 usize; in SYSCALL_DEFINE3()
|
| /security/apparmor/ |
| A D | match.c | 264 u32 i; in remap_data16_to_data32()
422 u32 b = (base)[(state)]; \
454 u32 *base = BASE_TABLE(dfa); in aa_dfa_match_len()
455 u32 *next = NEXT_TABLE(dfa); in aa_dfa_match_len()
493 u32 *base = BASE_TABLE(dfa); in aa_dfa_match()
494 u32 *next = NEXT_TABLE(dfa); in aa_dfa_match()
531 u32 *base = BASE_TABLE(dfa); in aa_dfa_next()
532 u32 *next = NEXT_TABLE(dfa); in aa_dfa_next()
549 u32 *base = BASE_TABLE(dfa); in aa_dfa_outofband_transition()
550 u32 *next = NEXT_TABLE(dfa); in aa_dfa_outofband_transition()
[all …]
|
| A D | policy_compat.c | 24 static u32 dfa_map_xindex(u16 mask) in dfa_map_xindex()
27 u32 index = 0; in dfa_map_xindex()
78 static u32 map_old_perms(u32 old) in map_old_perms()
80 u32 new = old & 0xf; in map_old_perms()
151 u32 *size) in compute_fperms()
175 u32 *size) in compute_xmatch_perms()
197 static u32 map_other(u32 x) in map_other()
204 static u32 map_xbits(u32 x) in map_xbits()
212 u32 version) in compute_perms_entry()
250 u32 *size) in compute_perms()
[all …]
|