Home
last modified time | relevance | path

Searched refs:audit (Results 1 – 25 of 66) sorted by relevance

123

/Linux-v6.6/tools/perf/scripts/python/Perf-Trace-Util/lib/Perf/Trace/
DUtil.py54 import audit
56 'x86_64': audit.MACH_86_64,
57 'aarch64': audit.MACH_AARCH64,
58 'alpha' : audit.MACH_ALPHA,
59 'ia64' : audit.MACH_IA64,
60 'ppc' : audit.MACH_PPC,
61 'ppc64' : audit.MACH_PPC64,
62 'ppc64le' : audit.MACH_PPC64LE,
63 's390' : audit.MACH_S390,
64 's390x' : audit.MACH_S390X,
[all …]
/Linux-v6.6/Documentation/ABI/stable/
Dprocfs-audit_loginuid3 KernelVersion: 2.6.11-rc2 1e2d1492e178 ("[PATCH] audit: handle loginuid through proc")
4 Contact: linux-audit@redhat.com
5 Users: audit and login applications
8 read to get the audit login UID of process $pid as a
20 Contact: linux-audit@redhat.com
21 Users: audit and login applications
24 audit login session ID of process $pid as a decimal
/Linux-v6.6/arch/x86/ia32/
DMakefile6 audit-class-$(CONFIG_AUDIT) := audit.o
7 obj-$(CONFIG_IA32_EMULATION) += $(audit-class-y)
/Linux-v6.6/security/integrity/
Dintegrity_audit.c20 unsigned long audit; in integrity_audit_setup() local
22 if (!kstrtoul(str, 0, &audit)) in integrity_audit_setup()
23 integrity_audit_info = audit ? 1 : 0; in integrity_audit_setup()
/Linux-v6.6/security/apparmor/
Ddomain.c282 perms->audit = perms->quiet = perms->kill = 0; in change_profile_perms()
650 goto audit; in profile_transition()
672 goto audit; in profile_transition()
698 goto audit; in profile_transition()
711 audit: in profile_transition()
758 goto audit; in profile_onexec()
765 goto audit; in profile_onexec()
776 goto audit; in profile_onexec()
789 audit: in profile_onexec()
927 goto audit; in apparmor_bprm_creds_for_exec()
[all …]
Dfile.c111 u32 mask = perms->audit; in aa_audit_file()
321 goto audit; in profile_path_link()
327 goto audit; in profile_path_link()
336 goto audit; in profile_path_link()
345 lperms.audit = perms.audit; in profile_path_link()
352 goto audit; in profile_path_link()
371 goto audit; in profile_path_link()
377 goto audit; in profile_path_link()
383 audit: in profile_path_link()
Dmount.c140 u32 mask = perms->audit; in audit_mount()
173 if (data && (perms->audit & AA_AUDIT_DATA)) in audit_mount()
320 goto audit; in match_mnt_path_str()
325 goto audit; in match_mnt_path_str()
334 goto audit; in match_mnt_path_str()
338 audit: in match_mnt_path_str()
588 goto audit; in profile_umount()
597 audit: in profile_umount()
653 goto audit; in build_pivotroot()
658 goto audit; in build_pivotroot()
[all …]
Dpolicy_compat.c118 perms.audit = map_old_perms(dfa_user_audit(dfa, state)); in compute_fperms_user()
133 perms.audit = map_old_perms(dfa_other_audit(dfa, state)); in compute_fperms_other()
216 perms.audit = dfa_user_audit(dfa, state); in compute_perms_entry()
240 perms.audit |= map_other(dfa_other_audit(dfa, state)); in compute_perms_entry()
Dlib.c313 perms->audit = ALL_PERMS_MASK; in aa_apply_modes_to_perms()
319 perms->audit = 0; in aa_apply_modes_to_perms()
396 request &= perms->audit; in aa_check_perms()
Dnet.c241 if (rules->secmark[i].audit) in aa_secmark_perm()
242 perms.audit = ALL_PERMS_MASK; in aa_secmark_perm()
DMakefile6 apparmor-y := apparmorfs.o audit.o capability.o task.o ipc.o lib.o match.o \
Dcapability.c77 !cap_raised(rules->caps.audit, cap))) in audit_caps()
/Linux-v6.6/security/apparmor/include/
Dperms.h77 u32 audit; /* set only when allow is set */ member
109 accum->audit |= addend->audit & addend->allow; in aa_perms_accum_raw()
136 accum->audit |= addend->audit & accum->allow; in aa_perms_accum()
Dcapability.h30 kernel_cap_t audit; member
Dpolicy.h205 enum audit_mode audit; member
370 return profile->audit; in AUDIT_MODE()
Dnet.h84 u8 audit; member
Dfile.h109 #define COMBINED_PERM_MASK(X) ((X).allow | (X).audit | (X).quiet | (X).kill)
/Linux-v6.6/security/tomoyo/
DKconfig30 int "Default maximal count for audit log"
36 audit logs that the kernel can hold on memory.
37 You can read the log via /sys/kernel/security/tomoyo/audit.
38 If you don't need audit logs, you may set this value to 0.
DMakefile2 obj-y = audit.o common.o condition.o domain.o environ.o file.o gc.o group.o load_policy.o memory.o …
/Linux-v6.6/arch/sparc/kernel/
DMakefile115 obj-$(CONFIG_AUDIT) += audit.o
116 audit--$(CONFIG_AUDIT) := compat_audit.o
117 obj-$(CONFIG_COMPAT) += $(audit--y)
/Linux-v6.6/tools/perf/Documentation/
Dsecurity.txt140 monitoring and observability operations. Inspect system audit records for
155 audit records using journalctl command or /var/log/audit/audit.log so the
163audit[1318098]: AVC avc: denied { open } for pid=1318098 comm="perf" scontext=unconfined_u:unco…
168 be generated using the system audit records about blocking perf_event access.
/Linux-v6.6/drivers/comedi/
DTODO5 - audit userspace interface
/Linux-v6.6/tools/perf/
Dcommand-list.txt34 perf-trace mainporcelain audit
/Linux-v6.6/arch/parisc/kernel/
DMakefile33 obj-$(CONFIG_AUDIT) += audit.o
/Linux-v6.6/arch/ia64/kernel/
DMakefile31 obj-$(CONFIG_AUDIT) += audit.o

123