| /Linux-v4.19/security/apparmor/ |
| D | file.c | 105 int aa_audit_file(struct aa_profile *profile, struct aa_perms *perms, in aa_audit_file() argument
124 u32 mask = perms->audit; in aa_audit_file()
137 aad(&sa)->request = aad(&sa)->request & ~perms->allow; in aa_audit_file()
140 if (aad(&sa)->request & perms->kill) in aa_audit_file()
144 if ((aad(&sa)->request & perms->quiet) && in aa_audit_file()
147 aad(&sa)->request &= ~perms->quiet; in aa_audit_file()
153 aad(&sa)->denied = aad(&sa)->request & ~perms->allow; in aa_audit_file()
236 struct aa_perms perms = { }; in aa_compute_fperms() local
239 perms.allow = map_old_perms(dfa_user_allow(dfa, state)); in aa_compute_fperms()
240 perms.audit = map_old_perms(dfa_user_audit(dfa, state)); in aa_compute_fperms()
[all …]
|
| D | lib.c | 292 void aa_apply_modes_to_perms(struct aa_profile *profile, struct aa_perms *perms) in aa_apply_modes_to_perms() argument
296 perms->audit = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
299 perms->quiet = 0; in aa_apply_modes_to_perms()
302 perms->audit = 0; in aa_apply_modes_to_perms()
305 perms->quiet = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
310 perms->kill = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
312 perms->complain = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
328 struct aa_perms *perms) in aa_compute_perms() argument
330 *perms = (struct aa_perms) { in aa_compute_perms()
339 perms->allow |= map_other(dfa_other_allow(dfa, state)); in aa_compute_perms()
[all …]
|
| D | domain.c | 139 struct aa_perms *perms) in label_compound_match() argument
156 *perms = allperms; in label_compound_match()
168 *perms = aa_compute_fperms(profile->file.dfa, state, &cond); in label_compound_match()
169 aa_apply_modes_to_perms(profile, perms); in label_compound_match()
170 if ((perms->allow & request) != request) in label_compound_match()
176 *perms = nullperms; in label_compound_match()
199 struct aa_perms *perms) in label_components_match() argument
223 aa_perms_accum(perms, &tmp); in label_components_match()
232 aa_perms_accum(perms, &tmp); in label_components_match()
235 if ((perms->allow & request) != request) in label_components_match()
[all …]
|
| D | mount.c | 137 struct aa_perms *perms, const char *info, int error) in audit_mount() argument
143 u32 mask = perms->audit; in audit_mount()
156 request = request & ~perms->allow; in audit_mount()
158 if (request & perms->kill) in audit_mount()
162 if ((request & perms->quiet) && in audit_mount()
165 request &= ~perms->quiet; in audit_mount()
176 if (data && (perms->audit & AA_AUDIT_DATA)) in audit_mount()
219 struct aa_perms perms = { in compute_mnt_perms() local
226 return perms; in compute_mnt_perms()
245 void *data, bool binary, struct aa_perms *perms) in do_match_mnt() argument
[all …]
|
| D | ipc.c | 73 struct aa_perms perms = { }; in profile_ptrace_perm() local
77 &perms); in profile_ptrace_perm()
78 aa_apply_modes_to_perms(profile, &perms); in profile_ptrace_perm()
79 return aa_check_perms(profile, &perms, request, sa, audit_ptrace_cb); in profile_ptrace_perm()
194 struct aa_perms perms; in profile_signal_perm() local
206 aa_label_match(profile, peer, state, false, request, &perms); in profile_signal_perm()
207 aa_apply_modes_to_perms(profile, &perms); in profile_signal_perm()
208 return aa_check_perms(profile, &perms, request, sa, audit_signal_cb); in profile_signal_perm()
|
| D | net.c | 112 struct aa_perms perms = { }; in aa_profile_af_perm() local
129 aa_compute_perms(profile->policy.dfa, state, &perms); in aa_profile_af_perm()
130 aa_apply_modes_to_perms(profile, &perms); in aa_profile_af_perm()
132 return aa_check_perms(profile, &perms, request, sa, audit_net_cb); in aa_profile_af_perm()
|
| D | label.c | 1280 struct aa_perms *perms) in label_compound_match() argument
1296 *perms = allperms; in label_compound_match()
1308 aa_compute_perms(profile->policy.dfa, state, perms); in label_compound_match()
1309 aa_apply_modes_to_perms(profile, perms); in label_compound_match()
1310 if ((perms->allow & request) != request) in label_compound_match()
1316 *perms = nullperms; in label_compound_match()
1338 struct aa_perms *perms) in label_components_match() argument
1361 aa_perms_accum(perms, &tmp); in label_components_match()
1370 aa_perms_accum(perms, &tmp); in label_components_match()
1373 if ((perms->allow & request) != request) in label_components_match()
[all …]
|
| /Linux-v4.19/security/apparmor/include/ |
| D | file.h | 160 int aa_audit_file(struct aa_profile *profile, struct aa_perms *perms,
188 struct aa_perms *perms);
192 int flags, struct aa_perms *perms);
220 u32 perms = 0; in aa_map_file_to_perms() local
223 perms |= MAY_WRITE; in aa_map_file_to_perms()
225 perms |= MAY_READ; in aa_map_file_to_perms()
227 if ((flags & O_APPEND) && (perms & MAY_WRITE)) in aa_map_file_to_perms()
228 perms = (perms & ~MAY_WRITE) | MAY_APPEND; in aa_map_file_to_perms()
231 perms |= MAY_WRITE; in aa_map_file_to_perms()
233 perms |= AA_MAY_CREATE; in aa_map_file_to_perms()
[all …]
|
| D | perms.h | 147 struct aa_perms *perms);
149 struct aa_perms *perms);
153 int type, u32 request, struct aa_perms *perms);
157 int aa_check_perms(struct aa_profile *profile, struct aa_perms *perms,
|
| /Linux-v4.19/drivers/soc/qcom/ |
| D | rmtfs_mem.c | 41 unsigned int perms; member
156 struct qcom_scm_vmperm perms[2]; in qcom_rmtfs_mem_probe() local
215 perms[0].vmid = QCOM_SCM_VMID_HLOS; in qcom_rmtfs_mem_probe()
216 perms[0].perm = QCOM_SCM_PERM_RW; in qcom_rmtfs_mem_probe()
217 perms[1].vmid = vmid; in qcom_rmtfs_mem_probe()
218 perms[1].perm = QCOM_SCM_PERM_RW; in qcom_rmtfs_mem_probe()
220 rmtfs_mem->perms = BIT(QCOM_SCM_VMID_HLOS); in qcom_rmtfs_mem_probe()
222 &rmtfs_mem->perms, perms, 2); in qcom_rmtfs_mem_probe()
246 if (rmtfs_mem->perms) { in qcom_rmtfs_mem_remove()
251 &rmtfs_mem->perms, &perm, 1); in qcom_rmtfs_mem_remove()
|
| /Linux-v4.19/scripts/selinux/genheaders/ |
| D | genheaders.c | 16 const char *perms[sizeof(unsigned) * 8 + 1]; member
70 for (j = 0; map->perms[j]; j++) in main()
71 map->perms[j] = stoupperx(map->perms[j]); in main()
132 for (j = 0; map->perms[j]; j++) { in main()
135 map->name, map->perms[j]); in main()
139 map->perms[j]); in main()
140 for (k = 0; k < max(1, 40 - strlen(map->name) - strlen(map->perms[j])); k++) in main()
|
| /Linux-v4.19/arch/arm/mm/ |
| D | init.c | 676 void set_section_perms(struct section_perm *perms, int n, bool set, in set_section_perms() argument
686 if (!IS_ALIGNED(perms[i].start, SECTION_SIZE) || in set_section_perms()
687 !IS_ALIGNED(perms[i].end, SECTION_SIZE)) { in set_section_perms()
689 perms[i].name, perms[i].start, perms[i].end, in set_section_perms()
694 for (addr = perms[i].start; in set_section_perms()
695 addr < perms[i].end; in set_section_perms()
697 section_update(addr, perms[i].mask, in set_section_perms()
698 set ? perms[i].prot : perms[i].clear, mm); in set_section_perms()
708 static void update_sections_early(struct section_perm perms[], int n) in update_sections_early() argument
716 set_section_perms(perms, n, true, s->mm); in update_sections_early()
[all …]
|
| /Linux-v4.19/fs/orangefs/ |
| D | orangefs-utils.c | 105 if (attrs->perms & ORANGEFS_O_EXECUTE) in orangefs_inode_perms()
107 if (attrs->perms & ORANGEFS_O_WRITE) in orangefs_inode_perms()
109 if (attrs->perms & ORANGEFS_O_READ) in orangefs_inode_perms()
112 if (attrs->perms & ORANGEFS_G_EXECUTE) in orangefs_inode_perms()
114 if (attrs->perms & ORANGEFS_G_WRITE) in orangefs_inode_perms()
116 if (attrs->perms & ORANGEFS_G_READ) in orangefs_inode_perms()
119 if (attrs->perms & ORANGEFS_U_EXECUTE) in orangefs_inode_perms()
121 if (attrs->perms & ORANGEFS_U_WRITE) in orangefs_inode_perms()
123 if (attrs->perms & ORANGEFS_U_READ) in orangefs_inode_perms()
126 if (attrs->perms & ORANGEFS_G_SGID) in orangefs_inode_perms()
[all …]
|
| /Linux-v4.19/fs/nfsd/ |
| D | nfs4acl.c | 431 struct posix_ace_state perms; member
526 low_mode_from_nfs4(state->users->aces[i].perms.allow, in posix_state_to_acl()
529 add_to_mask(state, &state->users->aces[i].perms); in posix_state_to_acl()
540 low_mode_from_nfs4(state->groups->aces[i].perms.allow, in posix_state_to_acl()
543 add_to_mask(state, &state->groups->aces[i].perms); in posix_state_to_acl()
582 a->aces[i].perms.allow = state->everyone.allow; in find_uid()
583 a->aces[i].perms.deny = state->everyone.deny; in find_uid()
599 a->aces[i].perms.allow = state->everyone.allow; in find_gid()
600 a->aces[i].perms.deny = state->everyone.deny; in find_gid()
610 deny_bits(&a->aces[i].perms, mask); in deny_bits_array()
[all …]
|
| /Linux-v4.19/fs/hfsplus/ |
| D | catalog.c | 81 void hfsplus_cat_set_perms(struct inode *inode, struct hfsplus_perm *perms) in hfsplus_cat_set_perms() argument
84 perms->rootflags |= HFSPLUS_FLG_IMMUTABLE; in hfsplus_cat_set_perms()
86 perms->rootflags &= ~HFSPLUS_FLG_IMMUTABLE; in hfsplus_cat_set_perms()
88 perms->rootflags |= HFSPLUS_FLG_APPEND; in hfsplus_cat_set_perms()
90 perms->rootflags &= ~HFSPLUS_FLG_APPEND; in hfsplus_cat_set_perms()
92 perms->userflags = HFSPLUS_I(inode)->userflags; in hfsplus_cat_set_perms()
93 perms->mode = cpu_to_be16(inode->i_mode); in hfsplus_cat_set_perms()
94 perms->owner = cpu_to_be32(i_uid_read(inode)); in hfsplus_cat_set_perms()
95 perms->group = cpu_to_be32(i_gid_read(inode)); in hfsplus_cat_set_perms()
98 perms->dev = cpu_to_be32(inode->i_nlink); in hfsplus_cat_set_perms()
[all …]
|
| D | inode.c | 182 struct hfsplus_perm *perms, int dir) in hfsplus_get_perms() argument
187 mode = be16_to_cpu(perms->mode); in hfsplus_get_perms()
189 i_uid_write(inode, be32_to_cpu(perms->owner)); in hfsplus_get_perms()
193 i_gid_write(inode, be32_to_cpu(perms->group)); in hfsplus_get_perms()
204 HFSPLUS_I(inode)->userflags = perms->userflags; in hfsplus_get_perms()
205 if (perms->rootflags & HFSPLUS_FLG_IMMUTABLE) in hfsplus_get_perms()
209 if (perms->rootflags & HFSPLUS_FLG_APPEND) in hfsplus_get_perms()
|
| /Linux-v4.19/scripts/selinux/mdp/ |
| D | mdp.c | 46 const char *perms[sizeof(unsigned) * 8 + 1]; member
92 for (j = 0; map->perms[j]; j++) in main()
93 fprintf(fout, "\t%s\n", map->perms[j]); in main()
|
| /Linux-v4.19/include/linux/ |
| D | kernel.h | 1024 #define VERIFY_OCTAL_PERMISSIONS(perms) \ argument
1025 (BUILD_BUG_ON_ZERO((perms) < 0) + \
1026 BUILD_BUG_ON_ZERO((perms) > 0777) + \
1028 BUILD_BUG_ON_ZERO((((perms) >> 6) & 4) < (((perms) >> 3) & 4)) + \
1029 BUILD_BUG_ON_ZERO((((perms) >> 3) & 4) < ((perms) & 4)) + \
1031 BUILD_BUG_ON_ZERO((((perms) >> 6) & 2) < (((perms) >> 3) & 2)) + \
1033 BUILD_BUG_ON_ZERO((perms) & 2) + \
1034 (perms))
|
| /Linux-v4.19/tools/testing/selftests/vm/ |
| D | mlock2.h | 31 char perms[5]; in seek_to_smaps_entry() local
45 &start, &end, perms, &offset, dev, &inode, path) < 6) in seek_to_smaps_entry()
|
| /Linux-v4.19/security/selinux/include/ |
| D | security.h | 202 #define security_xperm_set(perms, x) (perms[x >> 5] |= 1 << (x & 0x1f)) argument
203 #define security_xperm_test(perms, x) (1 & (perms[x >> 5] >> (x & 0x1f))) argument
315 char *class, char ***perms, int *nperms);
|
| D | avc_ss.h | 18 const char *perms[sizeof(u32) * 8 + 1]; member
|
| /Linux-v4.19/security/selinux/ |
| D | avc.c | 139 const char **perms; in avc_dump_av() local
148 perms = secclass_map[tclass-1].perms; in avc_dump_av()
154 if ((perm & av) && perms[i]) { in avc_dump_av()
155 audit_log_format(ab, " %s", perms[i]); in avc_dump_av()
848 u32 event, u32 perms, u8 driver, u8 xperm, u32 ssid, in avc_update_node() argument
905 node->ae.avd.allowed |= perms; in avc_update_node()
911 node->ae.avd.allowed &= ~perms; in avc_update_node()
914 node->ae.avd.auditallow |= perms; in avc_update_node()
917 node->ae.avd.auditallow &= ~perms; in avc_update_node()
920 node->ae.avd.auditdeny |= perms; in avc_update_node()
[all …]
|
| /Linux-v4.19/tools/testing/selftests/mqueue/ |
| D | mq_open_tests.c | 203 int perms = DEFFILEMODE; in test_queue() local
205 if ((queue = mq_open(queue_path, flags, perms, attr)) == -1) in test_queue()
225 int perms = DEFFILEMODE; in test_queue_fail() local
227 if ((queue = mq_open(queue_path, flags, perms, attr)) == -1) in test_queue_fail()
|
| /Linux-v4.19/security/selinux/ss/ |
| D | avtab.c | 400 __le32 buf32[ARRAY_SIZE(xperms.perms.p)]; in avtab_read_item()
527 rc = next_entry(buf32, fp, sizeof(u32)*ARRAY_SIZE(xperms.perms.p)); in avtab_read_item()
532 for (i = 0; i < ARRAY_SIZE(xperms.perms.p); i++) in avtab_read_item()
533 xperms.perms.p[i] = le32_to_cpu(buf32[i]); in avtab_read_item()
604 __le32 buf32[ARRAY_SIZE(cur->datum.u.xperms->perms.p)]; in avtab_write_item()
623 for (i = 0; i < ARRAY_SIZE(cur->datum.u.xperms->perms.p); i++) in avtab_write_item()
624 buf32[i] = cpu_to_le32(cur->datum.u.xperms->perms.p[i]); in avtab_write_item()
626 ARRAY_SIZE(cur->datum.u.xperms->perms.p), fp); in avtab_write_item()
|
| D | services.c | 149 while (p_in->perms[k]) { in selinux_set_mapping()
151 if (!*p_in->perms[k]) { in selinux_set_mapping()
155 p_out->perms[k] = string_to_av_perm(pol, p_out->value, in selinux_set_mapping()
156 p_in->perms[k]); in selinux_set_mapping()
157 if (!p_out->perms[k]) { in selinux_set_mapping()
159 p_in->perms[k], p_in->name); in selinux_set_mapping()
219 if (avd->allowed & mapping->perms[i]) in map_decision()
221 if (allow_unknown && !mapping->perms[i]) in map_decision()
227 if (avd->auditallow & mapping->perms[i]) in map_decision()
232 if (avd->auditdeny & mapping->perms[i]) in map_decision()
[all …]
|
