Home
last modified time | relevance | path

Searched refs:audit (Results 1 – 25 of 62) sorted by relevance

123

/Linux-v6.1/tools/perf/scripts/python/Perf-Trace-Util/lib/Perf/Trace/
DUtil.py54 import audit
56 'x86_64': audit.MACH_86_64,
57 'alpha' : audit.MACH_ALPHA,
58 'ia64' : audit.MACH_IA64,
59 'ppc' : audit.MACH_PPC,
60 'ppc64' : audit.MACH_PPC64,
61 'ppc64le' : audit.MACH_PPC64LE,
62 's390' : audit.MACH_S390,
63 's390x' : audit.MACH_S390X,
64 'i386' : audit.MACH_X86,
[all …]
/Linux-v6.1/Documentation/ABI/stable/
Dprocfs-audit_loginuid3 KernelVersion: 2.6.11-rc2 1e2d1492e178 ("[PATCH] audit: handle loginuid through proc")
4 Contact: linux-audit@redhat.com
5 Users: audit and login applications
8 read to get the audit login UID of process $pid as a
20 Contact: linux-audit@redhat.com
21 Users: audit and login applications
24 audit login session ID of process $pid as a decimal
/Linux-v6.1/arch/x86/ia32/
DMakefile8 audit-class-$(CONFIG_AUDIT) := audit.o
9 obj-$(CONFIG_IA32_EMULATION) += $(audit-class-y)
/Linux-v6.1/security/apparmor/
Dlib.c294 perms->audit = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
300 perms->audit = 0; in aa_apply_modes_to_perms()
347 .audit = dfa_user_audit(dfa, state), in aa_compute_perms()
356 perms->audit |= map_other(dfa_other_audit(dfa, state)); in aa_compute_perms()
369 accum->audit |= addend->audit & addend->allow; in aa_perms_accum_raw()
388 accum->audit |= addend->audit & accum->allow; in aa_perms_accum()
455 request &= perms->audit; in aa_check_perms()
Dfile.c111 u32 mask = perms->audit; in aa_audit_file()
227 perms.audit = map_old_perms(dfa_user_audit(dfa, state)); in aa_compute_fperms()
232 perms.audit = map_old_perms(dfa_other_audit(dfa, state)); in aa_compute_fperms()
373 goto audit; in profile_path_link()
379 goto audit; in profile_path_link()
387 goto audit; in profile_path_link()
396 lperms.audit = perms.audit; in profile_path_link()
403 goto audit; in profile_path_link()
422 goto audit; in profile_path_link()
428 goto audit; in profile_path_link()
[all …]
Ddomain.c294 perms->audit = perms->quiet = perms->kill = 0; in change_profile_perms()
649 goto audit; in profile_transition()
671 goto audit; in profile_transition()
697 goto audit; in profile_transition()
710 audit: in profile_transition()
755 goto audit; in profile_onexec()
762 goto audit; in profile_onexec()
773 goto audit; in profile_onexec()
786 audit: in profile_onexec()
924 goto audit; in apparmor_bprm_creds_for_exec()
[all …]
Dmount.c140 u32 mask = perms->audit; in audit_mount()
173 if (data && (perms->audit & AA_AUDIT_DATA)) in audit_mount()
218 .audit = dfa_user_audit(dfa, state), in compute_mnt_perms()
335 goto audit; in match_mnt_path_str()
340 goto audit; in match_mnt_path_str()
349 goto audit; in match_mnt_path_str()
353 audit: in match_mnt_path_str()
599 goto audit; in profile_umount()
608 audit: in profile_umount()
662 goto audit; in build_pivotroot()
[all …]
Dnet.c237 if (profile->secmark[i].audit) in aa_secmark_perm()
238 perms.audit = ALL_PERMS_MASK; in aa_secmark_perm()
DMakefile6 apparmor-y := apparmorfs.o audit.o capability.o task.o ipc.o lib.o match.o \
Dcapability.c75 !cap_raised(profile->caps.audit, cap))) in audit_caps()
/Linux-v6.1/security/integrity/
Dintegrity_audit.c20 unsigned long audit; in integrity_audit_setup() local
22 if (!kstrtoul(str, 0, &audit)) in integrity_audit_setup()
23 integrity_audit_info = audit ? 1 : 0; in integrity_audit_setup()
/Linux-v6.1/security/tomoyo/
DKconfig32 int "Default maximal count for audit log"
38 audit logs that the kernel can hold on memory.
39 You can read the log via /sys/kernel/security/tomoyo/audit.
40 If you don't need audit logs, you may set this value to 0.
DMakefile2 obj-y = audit.o common.o condition.o domain.o environ.o file.o gc.o group.o load_policy.o memory.o …
/Linux-v6.1/arch/sparc/kernel/
DMakefile115 obj-$(CONFIG_AUDIT) += audit.o
116 audit--$(CONFIG_AUDIT) := compat_audit.o
117 obj-$(CONFIG_COMPAT) += $(audit--y)
/Linux-v6.1/tools/perf/Documentation/
Dsecurity.txt140 monitoring and observability operations. Inspect system audit records for
155 audit records using journalctl command or /var/log/audit/audit.log so the
163audit[1318098]: AVC avc: denied { open } for pid=1318098 comm="perf" scontext=unconfined_u:unco…
168 be generated using the system audit records about blocking perf_event access.
/Linux-v6.1/security/apparmor/include/
Dcapability.h30 kernel_cap_t audit; member
Dpolicy.h143 enum audit_mode audit; member
305 return profile->audit; in AUDIT_MODE()
Dnet.h83 u8 audit; member
Dperms.h68 u32 audit; /* set only when allow is set */ member
Dfile.h109 #define COMBINED_PERM_MASK(X) ((X).allow | (X).audit | (X).quiet | (X).kill)
/Linux-v6.1/drivers/comedi/
DTODO5 - audit userspace interface
/Linux-v6.1/tools/perf/
Dcommand-list.txt34 perf-trace mainporcelain audit
/Linux-v6.1/arch/parisc/kernel/
DMakefile30 obj-$(CONFIG_AUDIT) += audit.o
/Linux-v6.1/arch/ia64/kernel/
DMakefile31 obj-$(CONFIG_AUDIT) += audit.o
/Linux-v6.1/arch/s390/kernel/
DMakefile53 obj-$(CONFIG_AUDIT) += audit.o

123