| /security/keys/ |
| A D | key.c | 79 user = NULL; in key_user_lookup()
104 user = candidate; in key_user_lookup()
113 return user; in key_user_lookup()
125 kfree(user); in key_user_put()
252 if (!user) in key_alloc()
267 user->qnbytes + quotalen < user->qnbytes) in key_alloc()
271 user->qnkeys++; in key_alloc()
291 key->user = user; in key_alloc()
333 user->qnkeys--; in key_alloc()
346 user->qnkeys--; in key_alloc()
[all …]
|
| A D | proc.c | 71 if (kuid_has_mapping(user_ns, key->user->uid)) in key_serial_next()
103 if (kuid_has_mapping(user_ns, minkey->user->uid)) in find_ge_key()
256 if (kuid_has_mapping(user_ns, user->uid)) in __key_user_next()
307 unsigned maxkeys = uid_eq(user->uid, GLOBAL_ROOT_UID) ? in proc_key_users_show()
309 unsigned maxbytes = uid_eq(user->uid, GLOBAL_ROOT_UID) ? in proc_key_users_show()
313 from_kuid_munged(seq_user_ns(m), user->uid), in proc_key_users_show()
314 refcount_read(&user->usage), in proc_key_users_show()
315 atomic_read(&user->nkeys), in proc_key_users_show()
316 atomic_read(&user->nikeys), in proc_key_users_show()
317 user->qnkeys, in proc_key_users_show()
[all …]
|
| A D | request_key.c | 372 struct key_user *user, in construct_alloc_key() argument
385 mutex_lock(&user->cons_lock); in construct_alloc_key()
437 mutex_unlock(&user->cons_lock); in construct_alloc_key()
459 mutex_unlock(&user->cons_lock); in construct_alloc_key()
465 mutex_unlock(&user->cons_lock); in construct_alloc_key()
475 mutex_unlock(&user->cons_lock); in construct_alloc_key()
481 mutex_unlock(&user->cons_lock); in construct_alloc_key()
496 struct key_user *user; in construct_key_and_link() local
509 user = key_user_lookup(current_fsuid()); in construct_key_and_link()
510 if (!user) { in construct_key_and_link()
[all …]
|
| A D | keyctl.c | 959 uid = make_kuid(current_user_ns(), user); in keyctl_chown_key()
962 if ((user != (uid_t) -1) && !uid_valid(uid)) in keyctl_chown_key()
968 if (user == (uid_t) -1 && group == (gid_t) -1) in keyctl_chown_key()
988 if (user != (uid_t) -1 && !uid_eq(key->uid, uid)) in keyctl_chown_key()
1025 spin_lock_irqsave(&key->user->lock, flags); in keyctl_chown_key()
1026 key->user->qnkeys--; in keyctl_chown_key()
1027 key->user->qnbytes -= key->quotalen; in keyctl_chown_key()
1031 atomic_dec(&key->user->nkeys); in keyctl_chown_key()
1035 atomic_dec(&key->user->nikeys); in keyctl_chown_key()
1039 zapowner = key->user; in keyctl_chown_key()
[all …]
|
| A D | gc.c | 158 atomic_dec(&key->user->nkeys); in key_gc_unused_keys()
160 atomic_dec(&key->user->nikeys); in key_gc_unused_keys()
162 key_user_put(key->user); in key_gc_unused_keys()
|
| A D | Kconfig | 51 A particular keyring may be accessed by either the user whose keyring
100 key can be either a trusted-key or user-key type. Only encrypted
106 bool "Allow encrypted keys with user decrypted data"
110 user-provided decrypted data. The decrypted data must be hex-ascii
|
| A D | process_keys.c | 82 uid_t uid = from_kuid(user_ns, cred->user->uid); in look_up_user_keyrings()
106 uid_keyring = keyring_alloc(buf, cred->user->uid, INVALID_GID, in look_up_user_keyrings()
128 session_keyring = keyring_alloc(buf, cred->user->uid, INVALID_GID, in look_up_user_keyrings()
206 cred->user->uid)); in get_user_session_keyring_rcu()
936 new->user = get_uid(old->user); in key_change_session_keyring()
|
| A D | internal.h | 71 extern void key_user_put(struct key_user *user);
|
| A D | keyring.c | 1158 if (!kuid_has_mapping(ns, keyring->user->uid)) in find_keyring_by_name()
|
| /security/selinux/ss/ |
| A D | context.h | 29 u32 user; member
160 dst->user = src->user; in context_cpy()
184 c->user = c->role = c->type = 0; in context_destroy()
198 return ((c1->user == c2->user) && (c1->role == c2->role) && in context_equal()
|
| A D | mls.c | 205 if (!c->user || c->user > p->p_users.nprim) in mls_context_isvalid()
207 usrdatum = p->user_val_to_struct[c->user - 1]; in mls_context_isvalid()
396 struct user_datum *user, struct context *usercon) in mls_setup_user_range() argument
401 struct mls_level *user_low = &(user->range.level[0]); in mls_setup_user_range()
402 struct mls_level *user_clr = &(user->range.level[1]); in mls_setup_user_range()
403 struct mls_level *user_def = &(user->dfltlevel); in mls_setup_user_range()
|
| A D | services.c | 780 if (!user) in security_compute_validatetrans()
820 if (user) in security_compute_validatetrans()
1831 newcontext.user = tcontext->user; in security_compute_sid()
1835 newcontext.user = scontext->user; in security_compute_sid()
1840 newcontext.user = tcontext->user; in security_compute_sid()
2807 if (!user) in security_get_user_sids()
2810 usercon.user = user->value; in security_get_user_sids()
3275 newcon.user = context1->user; in security_sid_mls_copy()
3750 match = (ctxt->user == rule->au_ctxt.user); in selinux_audit_rule_match()
3753 match = (ctxt->user != rule->au_ctxt.user); in selinux_audit_rule_match()
[all …]
|
| A D | context.c | 29 hash = jhash_3words(c->user, c->role, c->type, hash); in context_compute_hash()
|
| A D | mls.h | 50 struct user_datum *user, struct context *usercon);
|
| A D | policydb.c | 968 if (!c->user || c->user > p->p_users.nprim) in policydb_context_isvalid()
986 usrdatum = p->user_val_to_struct[c->user - 1]; in policydb_context_isvalid()
1075 c->user = le32_to_cpu(buf[0]); in context_read_and_validate()
1688 struct user_datum *upper, *user; in user_bounds_sanity_check() local
1692 upper = user = datum; in user_bounds_sanity_check()
1705 ebitmap_for_each_positive_bit(&user->roles, node, bit) in user_bounds_sanity_check()
1712 sym_name(p, SYM_USERS, user->value - 1), in user_bounds_sanity_check()
2951 buf[0] = cpu_to_le32(c->user); in context_write()
|
| /security/safesetid/ |
| A D | Kconfig | 12 with CAP_SET{U/G}ID, such as allowing a user to set up user namespace
|
| /security/integrity/ima/ |
| A D | Kconfig | 142 This option allows the root user to see the current policy rules.
294 bool "Require signed user-space initialization"
298 This option requires user-space init to be signed.
|
| /security/ |
| A D | Kconfig | 158 Intel TXT also helps solve real end user concerns about having
172 int "Low address space for LSM to protect from user allocation"
178 from userspace allocation. Keeping a user from writing to low pages
|
| /security/selinux/ |
| A D | selinuxfs.c | 1065 char *con = NULL, *user = NULL, *ptr; in sel_write_user() local
1089 user = kzalloc(size + 1, GFP_KERNEL); in sel_write_user()
1090 if (!user) in sel_write_user()
1094 if (sscanf(buf, "%s %s", con, user) != 2) in sel_write_user()
1101 length = security_get_user_sids(sid, user, &sids, &nsids); in sel_write_user()
1125 kfree(user); in sel_write_user()
|