Home
last modified time | relevance | path

Searched full:denied (Results 1 – 25 of 200) sorted by relevance

12345678

/Linux-v6.1/security/selinux/include/
Davc.h53 u32 denied; member
70 u32 denied, audited; in avc_audit_required() local
71 denied = requested & ~avd->allowed; in avc_audit_required()
72 if (unlikely(denied)) { in avc_audit_required()
73 audited = denied & avd->auditdeny; in avc_audit_required()
79 * actual permissions that were denied. As an example lets in avc_audit_required()
82 * denied == READ in avc_audit_required()
86 * We will NOT audit the denial even though the denied in avc_audit_required()
93 audited = denied = requested; in avc_audit_required()
96 *deniedp = denied; in avc_audit_required()
[all …]
/Linux-v6.1/include/trace/events/
Davc.h26 __field(u32, denied)
36 __entry->denied = sad->denied;
44 TP_printk("requested=0x%x denied=0x%x audited=0x%x result=%d scontext=%s tcontext=%s tclass=%s",
45 __entry->requested, __entry->denied, __entry->audited, __entry->result,
/Linux-v6.1/security/apparmor/
Dlib.c272 if (aad(sa)->denied) { in aa_audit_perms_cb()
274 aa_audit_perm_mask(ab, aad(sa)->denied, aa_file_perm_chrs, in aa_audit_perms_cb()
451 u32 denied = request & (~perms->allow | perms->deny); in aa_check_perms() local
453 if (likely(!denied)) { in aa_check_perms()
464 if (denied & perms->kill) in aa_check_perms()
466 else if (denied == (denied & perms->complain)) in aa_check_perms()
471 if (denied == (denied & perms->hide)) in aa_check_perms()
474 denied &= ~perms->quiet; in aa_check_perms()
475 if (!sa || !denied) in aa_check_perms()
482 aad(sa)->denied = denied; in aa_check_perms()
Dfile.c55 if (aad(sa)->denied & AA_AUDIT_FILE_MASK) { in file_audit_cb()
57 map_mask_to_chr_mask(aad(sa)->denied)); in file_audit_cb()
123 /* only report permissions that were denied */ in aa_audit_file()
140 aad(&sa)->denied = aad(&sa)->request & ~perms->allow; in aa_audit_file()
313 * Returns: %0 else error if access denied or other error
509 u32 request, u32 denied, bool in_atomic) in __file_path_perm() argument
521 if (!denied && aa_label_is_subset(flabel, label)) in __file_path_perm()
534 if (denied && !error) { in __file_path_perm()
564 u32 request, u32 denied) in __file_sock_perm() argument
572 if (!denied && aa_label_is_subset(flabel, label)) in __file_sock_perm()
[all …]
Dipc.c59 if (aad(sa)->denied & AA_SIGNAL_PERM_MASK) { in audit_signal_cb()
61 audit_signal_mask(aad(sa)->denied)); in audit_signal_cb()
Dtask.c216 if (aad(sa)->denied & AA_PTRACE_PERM_MASK) { in audit_ptrace_cb()
218 audit_ptrace_mask(aad(sa)->denied)); in audit_ptrace_cb()
281 * Returns: %0 else error code if permission denied or error
Dnet.c94 if (aad(sa)->denied & NET_PERMS_MASK) { in audit_net_cb()
96 aa_audit_perm_mask(ab, aad(sa)->denied, NULL, 0, in audit_net_cb()
/Linux-v6.1/security/selinux/
Davc.c394 u32 denied, audited; in avc_xperms_audit_required() local
396 denied = requested & ~avd->allowed; in avc_xperms_audit_required()
397 if (unlikely(denied)) { in avc_xperms_audit_required()
398 audited = denied & avd->auditdeny; in avc_xperms_audit_required()
404 audited = denied = requested; in avc_xperms_audit_required()
413 *deniedp = denied; in avc_xperms_audit_required()
424 u32 audited, denied; in avc_xperms_audit() local
427 requested, avd, xpd, perm, result, &denied); in avc_xperms_audit()
431 audited, denied, result, ad); in avc_xperms_audit()
674 audit_log_format(ab, "avc: %s ", sad->denied ? "denied" : "granted"); in avc_audit_pre_callback()
[all …]
/Linux-v6.1/Documentation/ABI/stable/
Dsysfs-hypervisor-xen7 Might return "<denied>" in case of special security settings
16 Might return "<denied>" in case of special security settings
25 Might return "<denied>" in case of special security settings
56 Might return "<denied>" in case of special security settings
105 Might return "<denied>" in case of special security settings
/Linux-v6.1/security/apparmor/include/
Dcapability.h23 * @denied: caps that are explicitly denied
31 kernel_cap_t denied; member
Daudit.h27 AUDIT_QUIET_DENIED, /* quiet all denied access messages */
115 u32 denied; member
/Linux-v6.1/Documentation/admin-guide/cgroup-v1/
Ddevices.rst19 never receive a device access which is denied by its parent.
77 If a device is denied in group A::
84 group whitelist entries denied devices
97 group whitelist entries denied devices
107 group whitelist entries denied devices
/Linux-v6.1/security/landlock/
Dptrace.c83 * the same rules. Else denied.
86 * granted, -errno if denied.
101 * or more rules. Else denied.
104 * process, returning 0 if permission is granted, -errno if denied.
/Linux-v6.1/include/uapi/linux/
Dlandlock.h125 * such a way that reparenting a file hierarchy is always denied by default.
130 * handle this access right, such actions are denied by default with errno
134 * directory) parent. Otherwise, such actions are denied with errno set to
/Linux-v6.1/arch/um/os-Linux/
Dexecvp.c92 /* Record the we got a `Permission denied' error. If we end in execvp_noalloc()
94 that we did find one but were denied access. */ in execvp_noalloc()
/Linux-v6.1/tools/testing/selftests/landlock/
Dfs_test.c374 /* Tests with denied-by-default access right. */ in TEST_F_FORK()
1064 * denied. in TEST_F_FORK()
1103 /* Checks read access is now denied with layer 7. */ in TEST_F_FORK()
1205 * now denied because the new rule mask the rule previously inherited in TEST_F_FORK()
1241 /* Readdir access is denied for dir_s1d2. */ in TEST_F_FORK()
1256 /* Readdir access is still denied for dir_s1d2. */ in TEST_F_FORK()
1409 /* Checks denied access (on a directory). */ in TEST_F_FORK()
1429 /* Checks denied access (on a directory). */ in TEST_F_FORK()
2071 * renames and links are denied, thus making the layer handling in refer_denied_by_default()
2106 * Tests precedence over renames: denied by default for different parent
[all …]
/Linux-v6.1/security/
Dcommoncap.c110 * information, returning 0 if permission granted, -ve if denied.
129 * Else denied.
132 * granted, -ve if denied.
166 * Else denied.
169 * process, returning 0 if permission is granted, -ve if denied.
992 * permission is granted, -ve if denied.
1027 * permission is granted, -ve if denied.
1201 * Return: 0 if permission is granted, -ve if denied.
1216 * Return: 0 if permission is granted, -ve if denied.
1231 * Return: 0 if permission is granted, -ve if denied.
/Linux-v6.1/tools/testing/selftests/damon/
D_chk_dependency.sh35 echo "Permission for reading $DBGFS/$f denied; maybe secureboot enabled?"
/Linux-v6.1/include/linux/sunrpc/
Dsvcauth.h103 * DENIED - authp holds reason for denial.
117 * DENIED - authp holds a reason for MSG_DENIED
/Linux-v6.1/drivers/nvme/host/
Dconstants.c79 [NVME_SC_OP_DENIED] = "Operation Denied",
155 [NVME_SC_ACCESS_DENIED] = "Access Denied",
/Linux-v6.1/drivers/gpu/drm/nouveau/nvkm/subdev/mmu/
Duvmm.c125 VMM_DEBUG(vmm, "denied %016llx: %d", addr, vma->busy); in nvkm_uvmm_mthd_unmap()
175 VMM_DEBUG(vmm, "denied %016llx: %d", addr, vma->busy); in nvkm_uvmm_mthd_map()
244 VMM_DEBUG(vmm, "denied %016llx: %d", addr, vma->busy); in nvkm_uvmm_mthd_put()
/Linux-v6.1/Documentation/ABI/testing/
Dsysfs-class-power-wilco26 be denied by Wilco EC when Long Life mode is enabled.
/Linux-v6.1/Documentation/userspace-api/
Dlandlock.rst41 actions will be denied. The ruleset then needs to handle both of these kind of
44 the need to be explicit about the denied-by-default access rights.
99 denied by the ruleset. To add ``/usr`` to the ruleset, we open it with the
348 :manpage:`pivot_root(2)`. However, :manpage:`chroot(2)` calls are not denied.
/Linux-v6.1/drivers/hid/amd-sfh-hid/hid_descriptor/
Damd_sfh_hid_report_desc.h72 0x0A, 0x05, 0x08, /* HID usage sensor state access denied sel */
127 0x0A, 0x05, 0x08, /* HID usage sensor state access denied sel */
239 0x0A, 0x05, 0x08, /* HID usage sensor state access denied sel */
294 0x0A, 0x05, 0x08, /* HID usage sensor state access denied sel */
400 0x0A, 0x05, 0x08, /* HID usage sensor state access denied sel */
467 0x0A, 0x05, 0x08, /* HID usage sensor state access denied sel */
573 0x0A, 0x05, 0x08, /* HID usage sensor state access denied sel */
619 0x0A, 0x05, 0x08, /* HID usage sensor state access denied sel */
706 0x0A, 0x05, 0x08, /* HID usage sensor state access denied sel */
732 0x0A, 0x05, 0x08, /* HID usage sensor state access denied sel */
/Linux-v6.1/Documentation/admin-guide/LSM/
DSmack.rst482 1. Any access requested by a task labeled "*" is denied.
492 7. Any other access is denied.
621 be denied otherwise. CAP_MAC_ADMIN allows a process to change
832 By default, all denied events will be audited. You can change this behavior by
836 1 : log denied (default)
838 3 : log denied & accepted

12345678