Searched refs:audit (Results 1 – 25 of 68) sorted by relevance

123

/linux/tools/perf/scripts/python/Perf-Trace-Util/lib/Perf/Trace/
A D	Util.py	54 import audit 56 'x86_64': audit.MACH_86_64, 58 'alpha' : audit.MACH_ALPHA, 59 'ia64' : audit.MACH_IA64, 60 'ppc' : audit.MACH_PPC, 61 'ppc64' : audit.MACH_PPC64, 63 's390' : audit.MACH_S390, 64 's390x' : audit.MACH_S390X, 65 'i386' : audit.MACH_X86, 66 'i586' : audit.MACH_X86, [all …]
/linux/Documentation/ABI/stable/
A D	procfs-audit_loginuid	3 KernelVersion: 2.6.11-rc2 1e2d1492e178 ("[PATCH] audit: handle loginuid through proc") 4 Contact: linux-audit@redhat.com 5 Users: audit and login applications 8 read to get the audit login UID of process $pid as a 20 Contact: linux-audit@redhat.com 21 Users: audit and login applications 24 audit login session ID of process $pid as a decimal
/linux/arch/x86/ia32/
A D	Makefile	6 audit-class-$(CONFIG_AUDIT) := audit.o 7 obj-$(CONFIG_IA32_EMULATION) += $(audit-class-y)
/linux/security/integrity/
A D	integrity_audit.c	20 unsigned long audit; in integrity_audit_setup() local 22 if (!kstrtoul(str, 0, &audit)) in integrity_audit_setup() 23 integrity_audit_info = audit ? 1 : 0; in integrity_audit_setup()
/linux/security/apparmor/
A D	domain.c	660 goto audit; in profile_transition() 708 goto audit; in profile_transition() 721 audit: in profile_transition() 770 goto audit; in profile_onexec() 777 goto audit; in profile_onexec() 788 goto audit; in profile_onexec() 801 audit: in profile_onexec() 947 goto audit; in apparmor_bprm_creds_for_exec() 992 audit: in apparmor_bprm_creds_for_exec() 1043 audit: in build_change_hat() [all …]
A D	file.c	114 u32 mask = perms->audit; in aa_audit_file() 332 goto audit; in profile_path_link() 339 goto audit; in profile_path_link() 348 goto audit; in profile_path_link() 357 lperms.audit = perms.audit; in profile_path_link() 364 goto audit; in profile_path_link() 383 goto audit; in profile_path_link() 389 goto audit; in profile_path_link() 395 audit: in profile_path_link()
A D	mount.c	145 u32 mask = perms->audit; in audit_mount() 179 if (data && (perms->audit & AA_AUDIT_DATA)) in audit_mount() 328 goto audit; in match_mnt_path_str() 333 goto audit; in match_mnt_path_str() 342 goto audit; in match_mnt_path_str() 346 audit: in match_mnt_path_str() 623 goto audit; in profile_umount() 632 audit: in profile_umount() 691 goto audit; in build_pivotroot() 696 goto audit; in build_pivotroot() [all …]
A D	policy_compat.c	118 perms.audit = map_old_perms(dfa_user_audit(dfa, state)); in compute_fperms_user() 133 perms.audit = map_old_perms(dfa_other_audit(dfa, state)); in compute_fperms_other() 217 perms.audit = dfa_user_audit(dfa, state); in compute_perms_entry() 241 perms.audit |= map_other(dfa_other_audit(dfa, state)); in compute_perms_entry()
A D	lib.c	316 perms->audit = ALL_PERMS_MASK; in aa_apply_modes_to_perms() 322 perms->audit = 0; in aa_apply_modes_to_perms() 397 request &= perms->audit; in aa_check_perms()
A D	net.c	246 if (rules->secmark[i].audit) in aa_secmark_perm() 247 perms.audit = ALL_PERMS_MASK; in aa_secmark_perm()
A D	Makefile	6 apparmor-y := apparmorfs.o audit.o capability.o task.o ipc.o lib.o match.o \
A D	capability.c	77 !cap_raised(rules->caps.audit, cap))) in audit_caps()
/linux/security/apparmor/include/
A D	perms.h	80 u32 audit; /* set only when allow is set */ member 112 accum->audit |= addend->audit & addend->allow; in aa_perms_accum_raw() 139 accum->audit |= addend->audit & accum->allow; in aa_perms_accum()
A D	capability.h	30 kernel_cap_t audit; member
A D	policy.h	231 enum audit_mode audit; member 387 return profile->audit; in AUDIT_MODE()
A D	file.h	72 #define COMBINED_PERM_MASK(X) ((X).allow | (X).audit | (X).quiet | (X).kill)
/linux/security/tomoyo/
A D	Kconfig	30 int "Default maximal count for audit log" 36 audit logs that the kernel can hold on memory. 37 You can read the log via /sys/kernel/security/tomoyo/audit. 38 If you don't need audit logs, you may set this value to 0.
A D	Makefile	2 obj-y = audit.o common.o condition.o domain.o environ.o file.o gc.o group.o load_policy.o memory.o …
/linux/Documentation/admin-guide/LSM/
A D	ipe.rst	119 generates audit logs which may be utilized to detect and analyze failures 339 type=1327 audit(1653364370.067:61): 707974686F6E3300746573742F6D61696E2E7079002D6E00 343 type=1327 audit(1653364735.161:64): 707974686F6E3300746573742F6D61696E2E7079002D6E00 384 …type=1327 audit(1653425583.136:54): PROCTITLE proctitle=707974686F6E3300746573742F6D61696E2E707900… 428 …type=1327 audit(1653425529.927:53): PROCTITLE proctitle=707974686F6E3300746573742F6D61696E2E707900… 460 …type=1404 audit(1653425689.008:55): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 ena… 462 type=1327 audit(1653425689.008:55): proctitle="-bash" 464 …type=1404 audit(1653425689.008:55): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 ena… 466 type=1327 audit(1653425689.008:55): proctitle="-bash" 483 | enabled | integer | No | The new TTY audit enabled setting … [all …]
/linux/arch/sparc/kernel/
A D	Makefile	114 obj-$(CONFIG_AUDIT) += audit.o 115 audit--$(CONFIG_AUDIT) := compat_audit.o 116 obj-$(CONFIG_COMPAT) += $(audit--y)
/linux/tools/perf/Documentation/
A D	security.txt	140 monitoring and observability operations. Inspect system audit records for 155 audit records using journalctl command or /var/log/audit/audit.log so the 163 …audit[1318098]: AVC avc: denied { open } for pid=1318098 comm="perf" scontext=unconfined_u:unco… 168 be generated using the system audit records about blocking perf_event access.
/linux/drivers/comedi/
A D	TODO	5 - audit userspace interface
/linux/security/ipe/
A D	Makefile	26 audit.o \
/linux/tools/perf/
A D	command-list.txt	34 perf-trace mainporcelain audit
/linux/arch/parisc/kernel/
A D	Makefile	33 obj-$(CONFIG_AUDIT) += audit.o

Completed in 51 milliseconds

123

Last Index update Fri Aug 22 08:59:00 CST 2025