| /linux/security/apparmor/ |
| A D | policy_compat.c | 115 struct aa_perms perms = { }; in compute_fperms_user() local
124 return perms; in compute_fperms_user()
130 struct aa_perms perms = { }; in compute_fperms_other() local
139 return perms; in compute_fperms_other()
177 struct aa_perms *perms; in compute_xmatch_perms() local
186 if (!perms) in compute_xmatch_perms()
194 return perms; in compute_xmatch_perms()
246 return perms; in compute_perms_entry()
299 if (!policy->perms) in aa_compat_map_xmatch()
310 if (!policy->perms) in aa_compat_map_policy()
[all …]
|
| A D | lib.c | 316 perms->audit = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
319 perms->quiet = 0; in aa_apply_modes_to_perms()
322 perms->audit = 0; in aa_apply_modes_to_perms()
330 perms->kill = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
359 struct aa_perms perms; in aa_profile_label_perm() local
365 &perms); in aa_profile_label_perm()
367 *deny |= request & perms.deny; in aa_profile_label_perm()
393 u32 denied = request & (~perms->allow | perms->deny); in aa_check_perms()
397 request &= perms->audit; in aa_check_perms()
406 if (denied & perms->kill) in aa_check_perms()
[all …]
|
| A D | file.c | 114 u32 mask = perms->audit; in aa_audit_file()
185 if (!(file_rules->perms)) in aa_lookup_fperms()
206 struct aa_perms *perms) in aa_str_perms() argument
218 struct aa_perms *perms) in __aa_path_perm() argument
227 name, cond, perms); in __aa_path_perm()
254 flags, perms); in profile_path_perm()
274 struct aa_perms perms = {}; in aa_path_perm() local
359 lperms.kill = perms.kill; in profile_path_link()
363 lperms = perms; in profile_path_link()
516 &perms)); in __file_path_perm()
[all …]
|
| A D | domain.c | 146 *perms = allperms; in label_compound_match()
166 *perms = nullperms; in label_compound_match()
233 *perms = nullperms; in label_components_match()
255 *perms = nullperms; in label_match()
257 request, perms); in label_match()
261 *perms = allperms; in label_match()
290 perms->audit = perms->quiet = perms->kill = 0; in change_profile_perms()
785 state, &perms); in profile_onexec()
1304 perms); in change_profile_perms_wrapper()
1394 perms.audit = 0; in aa_change_profile()
[all …]
|
| A D | mount.c | 145 u32 mask = perms->audit; in audit_mount()
160 if (request & perms->kill) in audit_mount()
164 if ((request & perms->quiet) && in audit_mount()
167 request &= ~perms->quiet; in audit_mount()
235 AA_BUG(!policy->perms); in do_match_mnt()
236 AA_BUG(!perms); in do_match_mnt()
259 if (perms->allow & AA_MAY_MOUNT) in do_match_mnt()
312 struct aa_perms perms = { }; in match_mnt_path_str() local
609 struct aa_perms perms = { }; in profile_umount() local
675 struct aa_perms perms = { }; in build_pivotroot() local
[all …]
|
| A D | net.c | 115 struct aa_perms perms = { }; in aa_profile_af_perm() local
132 perms = *aa_lookup_perms(rules->policy, state); in aa_profile_af_perm()
133 aa_apply_modes_to_perms(profile, &perms); in aa_profile_af_perm()
135 return aa_check_perms(profile, &perms, request, ad, audit_net_cb); in aa_profile_af_perm()
225 struct aa_perms perms = { }; in aa_secmark_perm() local
242 perms.deny = ALL_PERMS_MASK; in aa_secmark_perm()
244 perms.allow = ALL_PERMS_MASK; in aa_secmark_perm()
247 perms.audit = ALL_PERMS_MASK; in aa_secmark_perm()
251 aa_apply_modes_to_perms(profile, &perms); in aa_secmark_perm()
253 return aa_check_perms(profile, &perms, request, ad, audit_net_cb); in aa_secmark_perm()
|
| A D | task.c | 233 struct aa_perms perms = { }; in profile_ptrace_perm() local
238 &perms); in profile_ptrace_perm()
239 aa_apply_modes_to_perms(profile, &perms); in profile_ptrace_perm()
240 return aa_check_perms(profile, &perms, request, ad, audit_ptrace_cb); in profile_ptrace_perm()
320 struct aa_perms perms = { }; in aa_profile_ns_perm() local
336 perms = *aa_lookup_perms(rules->policy, state); in aa_profile_ns_perm()
337 aa_apply_modes_to_perms(profile, &perms); in aa_profile_ns_perm()
338 error = aa_check_perms(profile, &perms, request, ad, in aa_profile_ns_perm()
|
| A D | ipc.c | 85 struct aa_perms perms; in profile_signal_perm() local
98 aa_label_match(profile, rules, peer, state, false, request, &perms); in profile_signal_perm()
99 aa_apply_modes_to_perms(profile, &perms); in profile_signal_perm()
100 return aa_check_perms(profile, &perms, request, ad, audit_signal_cb); in profile_signal_perm()
|
| A D | policy_unpack.c | 672 AA_BUG(!perms); in unpack_perms_table()
686 if (!*perms) in unpack_perms_table()
697 *perms = NULL; in unpack_perms_table()
702 kfree(*perms); in unpack_perms_table()
724 pdb->perms = NULL; in unpack_pdb()
730 if (pdb->perms) { in unpack_pdb()
1011 if (!rules->policy->perms) { in unpack_profile()
1027 if (!rules->file->perms) { in unpack_profile()
1217 if (!verify_perm(&pdb->perms[i])) in verify_perms()
1223 if (pdb->perms[i].tag && pdb->perms[i].tag >= pdb->trans.size) in verify_perms()
[all …]
|
| /linux/security/apparmor/include/ |
| A D | file.h | 75 struct aa_profile *profile, struct aa_perms *perms,
84 struct aa_perms *perms);
110 u32 perms = 0; in aa_map_file_to_perms() local
113 perms |= MAY_WRITE; in aa_map_file_to_perms()
115 perms |= MAY_READ; in aa_map_file_to_perms()
117 if ((flags & O_APPEND) && (perms & MAY_WRITE)) in aa_map_file_to_perms()
118 perms = (perms & ~MAY_WRITE) | MAY_APPEND; in aa_map_file_to_perms()
121 perms |= MAY_WRITE; in aa_map_file_to_perms()
123 perms |= AA_MAY_CREATE; in aa_map_file_to_perms()
125 return perms; in aa_map_file_to_perms()
|
| /linux/include/linux/ |
| A D | kernel.h | 394 #define VERIFY_OCTAL_PERMISSIONS(perms) \ argument
395 (BUILD_BUG_ON_ZERO((perms) < 0) + \
396 BUILD_BUG_ON_ZERO((perms) > 0777) + \
398 BUILD_BUG_ON_ZERO((((perms) >> 6) & 4) < (((perms) >> 3) & 4)) + \
399 BUILD_BUG_ON_ZERO((((perms) >> 3) & 4) < ((perms) & 4)) + \
401 BUILD_BUG_ON_ZERO((((perms) >> 6) & 2) < (((perms) >> 3) & 2)) + \
403 BUILD_BUG_ON_ZERO((perms) & 2) + \
404 (perms))
|
| /linux/arch/arm/mm/ |
| A D | init.c | 405 if (!IS_ALIGNED(perms[i].start, SECTION_SIZE) || in set_section_perms()
406 !IS_ALIGNED(perms[i].end, SECTION_SIZE)) { in set_section_perms()
408 perms[i].name, perms[i].start, perms[i].end, in set_section_perms()
413 for (addr = perms[i].start; in set_section_perms()
414 addr < perms[i].end; in set_section_perms()
416 section_update(addr, perms[i].mask, in set_section_perms()
417 set ? perms[i].prot : perms[i].clear, mm); in set_section_perms()
427 static void update_sections_early(struct section_perm perms[], int n) in update_sections_early() argument
436 set_section_perms(perms, n, true, s->mm); in update_sections_early()
438 set_section_perms(perms, n, true, current->active_mm); in update_sections_early()
[all …]
|
| /linux/drivers/s390/crypto/ |
| A D | zcrypt_api.c | 120 struct ap_perms perms; member
502 struct ap_perms *perms = &ap_perms; in zcrypt_open() local
513 perms = &zcdndev->perms; in zcrypt_open()
515 filp->private_data = (void *)perms; in zcrypt_open()
699 if (!zcrypt_check_queue(perms, in zcrypt_rsa_modexpo()
803 if (!zcrypt_check_queue(perms, in zcrypt_rsa_crt()
924 if (!zcrypt_check_queue(perms, in _zcrypt_send_cprb()
1121 if (!zcrypt_check_queue(perms, in _zcrypt_send_ep11_cprb()
1584 struct ap_perms *perms = in zcrypt_unlocked_ioctl() local
1587 rc = zcrypt_check_ioctl(perms, cmd); in zcrypt_unlocked_ioctl()
[all …]
|
| /linux/drivers/soc/qcom/ |
| A D | rmtfs_mem.c | 34 u64 perms; member
174 struct qcom_scm_vmperm perms[NUM_MAX_VMIDS + 1]; in qcom_rmtfs_mem_probe() local
264 perms[0].vmid = QCOM_SCM_VMID_HLOS; in qcom_rmtfs_mem_probe()
265 perms[0].perm = QCOM_SCM_PERM_RW; in qcom_rmtfs_mem_probe()
268 perms[i + 1].vmid = vmid[i]; in qcom_rmtfs_mem_probe()
269 perms[i + 1].perm = QCOM_SCM_PERM_RW; in qcom_rmtfs_mem_probe()
272 rmtfs_mem->perms = BIT(QCOM_SCM_VMID_HLOS); in qcom_rmtfs_mem_probe()
274 &rmtfs_mem->perms, perms, num_vmids + 1); in qcom_rmtfs_mem_probe()
298 if (rmtfs_mem->perms) { in qcom_rmtfs_mem_remove()
303 &rmtfs_mem->perms, &perm, 1); in qcom_rmtfs_mem_remove()
|
| /linux/drivers/infiniband/sw/siw/ |
| A D | siw_mem.c | 98 mem->perms = rights & IWARP_ACCESS_MASK; in siw_mr_add_mem()
161 enum ib_access_flags perms, int len) in siw_check_mem() argument
174 if ((mem->perms & perms) < perms) { in siw_check_mem()
176 mem->perms, perms); in siw_check_mem()
215 enum ib_access_flags perms, u32 off, int len) in siw_check_sge() argument
240 rv = siw_check_mem(pd, *mem, sge->laddr + off, perms, len); in siw_check_sge()
|
| A D | siw_mem.h | 18 enum ib_access_flags perms, int len);
20 struct siw_mem *mem[], enum ib_access_flags perms,
|
| /linux/fs/nfsd/ |
| A D | nfs4acl.c | 431 struct posix_ace_state perms; member
581 a->aces[i].perms.allow = state->everyone.allow; in find_uid()
582 a->aces[i].perms.deny = state->everyone.deny; in find_uid()
598 a->aces[i].perms.allow = state->everyone.allow; in find_gid()
599 a->aces[i].perms.deny = state->everyone.deny; in find_gid()
609 deny_bits(&a->aces[i].perms, mask); in deny_bits_array()
617 allow_bits(&a->aces[i].perms, mask); in allow_bits_array()
640 allow_bits(&state->users->aces[i].perms, mask); in process_one_v4_ace()
642 deny_bits(&state->users->aces[i].perms, mask); in process_one_v4_ace()
643 mask = state->users->aces[i].perms.deny; in process_one_v4_ace()
[all …]
|
| /linux/fs/orangefs/ |
| A D | orangefs-utils.c | 106 if (attrs->perms & ORANGEFS_O_EXECUTE) in orangefs_inode_perms()
108 if (attrs->perms & ORANGEFS_O_WRITE) in orangefs_inode_perms()
110 if (attrs->perms & ORANGEFS_O_READ) in orangefs_inode_perms()
113 if (attrs->perms & ORANGEFS_G_EXECUTE) in orangefs_inode_perms()
115 if (attrs->perms & ORANGEFS_G_WRITE) in orangefs_inode_perms()
117 if (attrs->perms & ORANGEFS_G_READ) in orangefs_inode_perms()
120 if (attrs->perms & ORANGEFS_U_EXECUTE) in orangefs_inode_perms()
122 if (attrs->perms & ORANGEFS_U_WRITE) in orangefs_inode_perms()
124 if (attrs->perms & ORANGEFS_U_READ) in orangefs_inode_perms()
127 if (attrs->perms & ORANGEFS_G_SGID) in orangefs_inode_perms()
[all …]
|
| /linux/scripts/selinux/mdp/ |
| A D | mdp.c | 33 const char *perms[sizeof(unsigned) * 8 + 1]; member
88 for (j = 0; map->perms[j]; j++) in main()
89 fprintf(fout, "\t%s\n", map->perms[j]); in main()
109 for (j = 0; map->perms[j]; j++) in main()
110 fprintf(fout, "\t%s\n", map->perms[j]); in main()
|
| /linux/fs/hfsplus/ |
| A D | catalog.c | 84 perms->rootflags |= HFSPLUS_FLG_IMMUTABLE; in hfsplus_cat_set_perms()
86 perms->rootflags &= ~HFSPLUS_FLG_IMMUTABLE; in hfsplus_cat_set_perms()
88 perms->rootflags |= HFSPLUS_FLG_APPEND; in hfsplus_cat_set_perms()
90 perms->rootflags &= ~HFSPLUS_FLG_APPEND; in hfsplus_cat_set_perms()
92 perms->userflags = HFSPLUS_I(inode)->userflags; in hfsplus_cat_set_perms()
93 perms->mode = cpu_to_be16(inode->i_mode); in hfsplus_cat_set_perms()
94 perms->owner = cpu_to_be32(i_uid_read(inode)); in hfsplus_cat_set_perms()
95 perms->group = cpu_to_be32(i_gid_read(inode)); in hfsplus_cat_set_perms()
98 perms->dev = cpu_to_be32(inode->i_nlink); in hfsplus_cat_set_perms()
100 perms->dev = cpu_to_be32(inode->i_rdev); in hfsplus_cat_set_perms()
[all …]
|
| /linux/scripts/selinux/genheaders/ |
| A D | genheaders.c | 15 const char *perms[sizeof(unsigned) * 8 + 1]; member
132 for (j = 0; map->perms[j]; j++) { in main()
137 map->name, map->perms[j]); in main()
140 permname = stoupperx(map->perms[j]); in main()
|
| /linux/tools/testing/selftests/mm/ |
| A D | mlock2.h | 19 char perms[5]; in seek_to_smaps_entry() local
31 &start, &end, perms, &offset, dev, &inode, path) < 6) in seek_to_smaps_entry()
|
| /linux/security/selinux/include/ |
| A D | security.h | 227 #define security_xperm_set(perms, x) ((perms)[(x) >> 5] |= 1 << ((x)&0x1f)) argument
228 #define security_xperm_test(perms, x) (1 & ((perms)[(x) >> 5] >> ((x)&0x1f))) argument
314 char ***perms, u32 *nperms);
|
| /linux/security/selinux/ss/ |
| A D | avtab.c | 350 __le32 buf32[ARRAY_SIZE(xperms.perms.p)]; in avtab_read_item()
473 sizeof(u32) * ARRAY_SIZE(xperms.perms.p)); in avtab_read_item()
478 for (i = 0; i < ARRAY_SIZE(xperms.perms.p); i++) in avtab_read_item()
479 xperms.perms.p[i] = le32_to_cpu(buf32[i]); in avtab_read_item()
549 __le32 buf32[ARRAY_SIZE(cur->datum.u.xperms->perms.p)]; in avtab_write_item()
569 for (i = 0; i < ARRAY_SIZE(cur->datum.u.xperms->perms.p); i++) in avtab_write_item()
570 buf32[i] = cpu_to_le32(cur->datum.u.xperms->perms.p[i]); in avtab_write_item()
572 ARRAY_SIZE(cur->datum.u.xperms->perms.p), fp); in avtab_write_item()
|
| /linux/security/selinux/ |
| A D | avc.c | 650 const char *const *perms; in avc_audit_pre_callback() local
660 perms = secclass_map[sad->tclass-1].perms; in avc_audit_pre_callback()
666 if ((perm & av) && perms[i]) { in avc_audit_pre_callback()
667 audit_log_format(ab, " %s", perms[i]); in avc_audit_pre_callback()
823 static int avc_update_node(u32 event, u32 perms, u8 driver, u8 xperm, u32 ssid, in avc_update_node() argument
881 node->ae.avd.allowed |= perms; in avc_update_node()
887 node->ae.avd.allowed &= ~perms; in avc_update_node()
890 node->ae.avd.auditallow |= perms; in avc_update_node()
893 node->ae.avd.auditallow &= ~perms; in avc_update_node()
896 node->ae.avd.auditdeny |= perms; in avc_update_node()
[all …]
|