Lines Matching refs:action

76 	int action;  member
124 {.action = DONT_MEASURE, .fsmagic = PROC_SUPER_MAGIC, .flags = IMA_FSMAGIC},
125 {.action = DONT_MEASURE, .fsmagic = SYSFS_MAGIC, .flags = IMA_FSMAGIC},
126 {.action = DONT_MEASURE, .fsmagic = DEBUGFS_MAGIC, .flags = IMA_FSMAGIC},
127 {.action = DONT_MEASURE, .fsmagic = TMPFS_MAGIC, .flags = IMA_FSMAGIC},
128 {.action = DONT_MEASURE, .fsmagic = DEVPTS_SUPER_MAGIC, .flags = IMA_FSMAGIC},
129 {.action = DONT_MEASURE, .fsmagic = BINFMTFS_MAGIC, .flags = IMA_FSMAGIC},
130 {.action = DONT_MEASURE, .fsmagic = SECURITYFS_MAGIC, .flags = IMA_FSMAGIC},
131 {.action = DONT_MEASURE, .fsmagic = SELINUX_MAGIC, .flags = IMA_FSMAGIC},
132 {.action = DONT_MEASURE, .fsmagic = SMACK_MAGIC, .flags = IMA_FSMAGIC},
133 {.action = DONT_MEASURE, .fsmagic = CGROUP_SUPER_MAGIC,
135 {.action = DONT_MEASURE, .fsmagic = CGROUP2_SUPER_MAGIC,
137 {.action = DONT_MEASURE, .fsmagic = NSFS_MAGIC, .flags = IMA_FSMAGIC},
138 {.action = DONT_MEASURE, .fsmagic = EFIVARFS_MAGIC, .flags = IMA_FSMAGIC}
142 {.action = MEASURE, .func = MMAP_CHECK, .mask = MAY_EXEC,
144 {.action = MEASURE, .func = BPRM_CHECK, .mask = MAY_EXEC,
146 {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ,
149 {.action = MEASURE, .func = MODULE_CHECK, .flags = IMA_FUNC},
150 {.action = MEASURE, .func = FIRMWARE_CHECK, .flags = IMA_FUNC},
154 {.action = MEASURE, .func = MMAP_CHECK, .mask = MAY_EXEC,
156 {.action = MEASURE, .func = BPRM_CHECK, .mask = MAY_EXEC,
158 {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ,
161 {.action = MEASURE, .func = FILE_CHECK, .mask = MAY_READ,
164 {.action = MEASURE, .func = MODULE_CHECK, .flags = IMA_FUNC},
165 {.action = MEASURE, .func = FIRMWARE_CHECK, .flags = IMA_FUNC},
166 {.action = MEASURE, .func = POLICY_CHECK, .flags = IMA_FUNC},
170 {.action = DONT_APPRAISE, .fsmagic = PROC_SUPER_MAGIC, .flags = IMA_FSMAGIC},
171 {.action = DONT_APPRAISE, .fsmagic = SYSFS_MAGIC, .flags = IMA_FSMAGIC},
172 {.action = DONT_APPRAISE, .fsmagic = DEBUGFS_MAGIC, .flags = IMA_FSMAGIC},
173 {.action = DONT_APPRAISE, .fsmagic = TMPFS_MAGIC, .flags = IMA_FSMAGIC},
174 {.action = DONT_APPRAISE, .fsmagic = RAMFS_MAGIC, .flags = IMA_FSMAGIC},
175 {.action = DONT_APPRAISE, .fsmagic = DEVPTS_SUPER_MAGIC, .flags = IMA_FSMAGIC},
176 {.action = DONT_APPRAISE, .fsmagic = BINFMTFS_MAGIC, .flags = IMA_FSMAGIC},
177 {.action = DONT_APPRAISE, .fsmagic = SECURITYFS_MAGIC, .flags = IMA_FSMAGIC},
178 {.action = DONT_APPRAISE, .fsmagic = SELINUX_MAGIC, .flags = IMA_FSMAGIC},
179 {.action = DONT_APPRAISE, .fsmagic = SMACK_MAGIC, .flags = IMA_FSMAGIC},
180 {.action = DONT_APPRAISE, .fsmagic = NSFS_MAGIC, .flags = IMA_FSMAGIC},
181 {.action = DONT_APPRAISE, .fsmagic = EFIVARFS_MAGIC, .flags = IMA_FSMAGIC},
182 {.action = DONT_APPRAISE, .fsmagic = CGROUP_SUPER_MAGIC, .flags = IMA_FSMAGIC},
183 {.action = DONT_APPRAISE, .fsmagic = CGROUP2_SUPER_MAGIC, .flags = IMA_FSMAGIC},
185 {.action = APPRAISE, .func = POLICY_CHECK,
189 {.action = APPRAISE, .fowner = GLOBAL_ROOT_UID, .fowner_op = &uid_eq,
193 {.action = APPRAISE, .fowner = GLOBAL_ROOT_UID, .fowner_op = &uid_eq,
200 {.action = APPRAISE, .func = MODULE_CHECK,
204 {.action = APPRAISE, .func = FIRMWARE_CHECK,
208 {.action = APPRAISE, .func = KEXEC_KERNEL_CHECK,
212 {.action = APPRAISE, .func = POLICY_CHECK,
218 {.action = APPRAISE, .func = MODULE_CHECK,
220 {.action = APPRAISE, .func = FIRMWARE_CHECK,
222 {.action = APPRAISE, .func = KEXEC_KERNEL_CHECK,
224 {.action = APPRAISE, .func = POLICY_CHECK,
229 {.action = MEASURE, .func = CRITICAL_DATA, .flags = IMA_FUNC},
697 int action = 0, actmask = flags | (flags << 1); in ima_match_policy() local
707 if (!(entry->action & actmask)) in ima_match_policy()
714 action |= entry->flags & IMA_NONACTION_FLAGS; in ima_match_policy()
716 action |= entry->action & IMA_DO_MASK; in ima_match_policy()
717 if (entry->action & IMA_APPRAISE) { in ima_match_policy()
718 action |= get_subaction(entry, func); in ima_match_policy()
719 action &= ~IMA_HASH; in ima_match_policy()
721 action |= IMA_FAIL_UNVERIFIABLE_SIGS; in ima_match_policy()
728 if (entry->action & IMA_DO_MASK) in ima_match_policy()
729 actmask &= ~(entry->action | entry->action << 1); in ima_match_policy()
731 actmask &= ~(entry->action | entry->action >> 1); in ima_match_policy()
744 return action; in ima_match_policy()
790 if (entry->action & IMA_DO_MASK) in ima_update_policy_flags()
791 new_policy_flag |= entry->action; in ima_update_policy_flags()
834 if (entries[i].action == APPRAISE) { in add_rules()
1195 if (entry->action == UNKNOWN) in ima_validate_rule()
1198 if (entry->action != MEASURE && entry->flags & IMA_PCR) in ima_validate_rule()
1201 if (entry->action != APPRAISE && in ima_validate_rule()
1253 if (entry->action & ~(MEASURE | DONT_MEASURE)) in ima_validate_rule()
1264 if (entry->action & ~(MEASURE | DONT_MEASURE)) in ima_validate_rule()
1276 if (entry->action & ~(MEASURE | DONT_MEASURE)) in ima_validate_rule()
1289 if (entry->action != APPRAISE) in ima_validate_rule()
1320 if (entry->action == APPRAISE && in ima_validate_rule()
1376 entry->action = UNKNOWN; in ima_parse_rule()
1391 if (entry->action != UNKNOWN) in ima_parse_rule()
1394 entry->action = MEASURE; in ima_parse_rule()
1399 if (entry->action != UNKNOWN) in ima_parse_rule()
1402 entry->action = DONT_MEASURE; in ima_parse_rule()
1407 if (entry->action != UNKNOWN) in ima_parse_rule()
1410 entry->action = APPRAISE; in ima_parse_rule()
1415 if (entry->action != UNKNOWN) in ima_parse_rule()
1418 entry->action = DONT_APPRAISE; in ima_parse_rule()
1423 if (entry->action != UNKNOWN) in ima_parse_rule()
1426 entry->action = AUDIT; in ima_parse_rule()
1431 if (entry->action != UNKNOWN) in ima_parse_rule()
1434 entry->action = HASH; in ima_parse_rule()
1439 if (entry->action != UNKNOWN) in ima_parse_rule()
1442 entry->action = DONT_HASH; in ima_parse_rule()
1816 if (entry->action != MEASURE) { in ima_parse_rule()
1844 else if (entry->action == APPRAISE) in ima_parse_rule()
1854 if (!result && entry->action == MEASURE && in ima_parse_rule()
2039 if (entry->action & MEASURE) in ima_policy_show()
2041 if (entry->action & DONT_MEASURE) in ima_policy_show()
2043 if (entry->action & APPRAISE) in ima_policy_show()
2045 if (entry->action & DONT_APPRAISE) in ima_policy_show()
2047 if (entry->action & AUDIT) in ima_policy_show()
2049 if (entry->action & HASH) in ima_policy_show()
2051 if (entry->action & DONT_HASH) in ima_policy_show()
2259 if (entry->action != APPRAISE) in ima_appraise_signature()