Lines Matching full:if
40 if (ad->iface.ns) { in audit_cb()
44 if (ad->name) { in audit_cb()
48 if (ad->iface.pos) in audit_cb()
54 * @new: profile if it has been allocated (MAYBE NULL)
69 if (e) in audit_iface()
72 if (new) in audit_iface()
90 if ((data->dents[AAFS_LOADDATA_REVISION])) { in __aa_loaddata_update()
103 if (l->size != r->size) in aa_rawdata_eq()
105 if (l->compressed_size != r->compressed_size) in aa_rawdata_eq()
107 if (aa_g_hash_policy && memcmp(l->hash, r->hash, aa_hash_size()) != 0) in aa_rawdata_eq()
121 if (ns) { in do_loaddata_free()
138 if (d) { in aa_loaddata_kref()
149 if (d == NULL) in aa_loaddata_alloc()
152 if (!d->data) { in aa_loaddata_alloc()
162 /* test if read will be in packed data bounds */
181 if (!aa_inbounds(e, sizeof(u16))) in aa_unpack_u16_chunk()
185 if (!aa_inbounds(e, size)) in aa_unpack_u16_chunk()
200 if (!aa_inbounds(e, 1)) in aa_unpack_X()
202 if (*(u8 *) e->pos != code) in aa_unpack_X()
216 * name @name. If @name is specified then there must be a matching
217 * name element in the stream. If @name is NULL any name element will be
223 * Returns: false if either match fails, the read head does not move
228 * May need to reset pos if name or type doesn't match in aa_unpack_nameX()
232 * Check for presence of a tagname, and if present name size in aa_unpack_nameX()
235 if (aa_unpack_X(e, AA_NAME)) { in aa_unpack_nameX()
238 /* if a name is specified it must match. otherwise skip tag */ in aa_unpack_nameX()
239 if (name && (!size || tag[size-1] != '\0' || strcmp(name, tag))) in aa_unpack_nameX()
241 } else if (name) { in aa_unpack_nameX()
242 /* if a name is specified and there is no name tag fail */ in aa_unpack_nameX()
246 /* now check if type code matches */ in aa_unpack_nameX()
247 if (aa_unpack_X(e, code)) in aa_unpack_nameX()
260 if (aa_unpack_nameX(e, AA_U8, name)) { in unpack_u8()
261 if (!aa_inbounds(e, sizeof(u8))) in unpack_u8()
263 if (data) in unpack_u8()
278 if (aa_unpack_nameX(e, AA_U32, name)) { in aa_unpack_u32()
279 if (!aa_inbounds(e, sizeof(u32))) in aa_unpack_u32()
281 if (data) in aa_unpack_u32()
297 if (aa_unpack_nameX(e, AA_U64, name)) { in aa_unpack_u64()
298 if (!aa_inbounds(e, sizeof(u64))) in aa_unpack_u64()
300 if (data) in aa_unpack_u64()
316 if (!aa_unpack_u32(e, &val, name)) in aa_unpack_cap_low()
326 if (!aa_unpack_u32(e, &val, name)) in aa_unpack_cap_high()
336 if (aa_unpack_nameX(e, AA_ARRAY, name)) { in aa_unpack_array()
337 if (!aa_inbounds(e, sizeof(u16))) in aa_unpack_array()
354 if (aa_unpack_nameX(e, AA_BLOB, name)) { in aa_unpack_blob()
356 if (!aa_inbounds(e, sizeof(u32))) in aa_unpack_blob()
360 if (aa_inbounds(e, (size_t) size)) { in aa_unpack_blob()
379 if (aa_unpack_nameX(e, AA_STRING, name)) { in aa_unpack_str()
381 if (size) { in aa_unpack_str()
383 if (src_str[size - 1] != 0) in aa_unpack_str()
404 if (!res) in aa_unpack_strdup()
408 if (!*string) { in aa_unpack_strdup()
423 * returns dfa or ERR_PTR or NULL if no dfa
432 if (size) { in unpack_dfa()
441 if (aa_g_paranoid_load) in unpack_dfa()
445 if (IS_ERR(dfa)) in unpack_dfa()
458 * Returns: true if table successfully unpacked or not present
466 if (aa_unpack_nameX(e, AA_STRUCT, "xtable")) { in unpack_trans_table()
470 if (!aa_unpack_array(e, NULL, &size)) in unpack_trans_table()
479 if (!table) in unpack_trans_table()
490 if (!size2) in unpack_trans_table()
494 if (isspace(*str)) in unpack_trans_table()
499 if (!str[j]) { in unpack_trans_table()
504 if (*str == ':') { in unpack_trans_table()
506 if (!str[1]) in unpack_trans_table()
514 if (c == 1) in unpack_trans_table()
516 else if (c > 1) in unpack_trans_table()
518 } else if (c) in unpack_trans_table()
522 if (!aa_unpack_nameX(e, AA_ARRAYEND, NULL)) in unpack_trans_table()
524 if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) in unpack_trans_table()
539 if (aa_unpack_nameX(e, AA_STRUCT, "xattrs")) { in unpack_xattrs()
543 if (!aa_unpack_array(e, NULL, &size)) in unpack_xattrs()
547 if (!profile->attach.xattrs) in unpack_xattrs()
550 if (!aa_unpack_strdup(e, &profile->attach.xattrs[i], NULL)) in unpack_xattrs()
553 if (!aa_unpack_nameX(e, AA_ARRAYEND, NULL)) in unpack_xattrs()
555 if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) in unpack_xattrs()
572 if (aa_unpack_nameX(e, AA_STRUCT, "secmark")) { in unpack_secmark()
573 if (!aa_unpack_array(e, NULL, &size)) in unpack_secmark()
578 if (!rules->secmark) in unpack_secmark()
584 if (!unpack_u8(e, &rules->secmark[i].audit, NULL)) in unpack_secmark()
586 if (!unpack_u8(e, &rules->secmark[i].deny, NULL)) in unpack_secmark()
588 if (!aa_unpack_strdup(e, &rules->secmark[i].label, NULL)) in unpack_secmark()
591 if (!aa_unpack_nameX(e, AA_ARRAYEND, NULL)) in unpack_secmark()
593 if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) in unpack_secmark()
600 if (rules->secmark) { in unpack_secmark()
617 if (aa_unpack_nameX(e, AA_STRUCT, "rlimits")) { in unpack_rlimits()
621 if (!aa_unpack_u32(e, &tmp, NULL)) in unpack_rlimits()
625 if (!aa_unpack_array(e, NULL, &size) || in unpack_rlimits()
631 if (!aa_unpack_u64(e, &tmp2, NULL)) in unpack_rlimits()
635 if (!aa_unpack_nameX(e, AA_ARRAYEND, NULL)) in unpack_rlimits()
637 if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) in unpack_rlimits()
651 if (version != 1) in unpack_perm()
681 if (aa_unpack_nameX(e, AA_STRUCT, "perms")) { in unpack_perms_table()
685 if (!aa_unpack_u32(e, &version, "version")) in unpack_perms_table()
687 if (!aa_unpack_array(e, NULL, &size)) in unpack_perms_table()
690 if (!*perms) in unpack_perms_table()
693 if (!unpack_perm(e, version, &(*perms)[i])) in unpack_perms_table()
696 if (!aa_unpack_nameX(e, AA_ARRAYEND, NULL)) in unpack_perms_table()
698 if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) in unpack_perms_table()
723 if (!pdb) in unpack_pdb()
727 if (size < 0) { in unpack_pdb()
735 if (pdb->perms) { in unpack_pdb()
738 if (aa_unpack_u32(e, &version, "permsv") && version > 2) in unpack_pdb()
748 if (IS_ERR(pdb->dfa)) { in unpack_pdb()
753 } else if (!pdb->dfa) { in unpack_pdb()
754 if (required_dfa) { in unpack_pdb()
760 * only unpack the following if a dfa is present in unpack_pdb()
765 if (!aa_unpack_u32(e, &pdb->start[0], "start")) in unpack_pdb()
768 if (!aa_unpack_u32(e, &pdb->start[AA_CLASS_FILE], "dfa_start")) { in unpack_pdb()
779 if (pdb->perms && !pdb->dfa->tables[YYTD_ID_ACCEPT2]) { in unpack_pdb()
786 if (!pdb->dfa->tables[YYTD_ID_ACCEPT2]) { in unpack_pdb()
798 if (!unpack_trans_table(e, &pdb->trans) && required_trans) { in unpack_pdb()
803 if (!pdb->dfa && pdb->trans.table) in unpack_pdb()
842 * NOTE: unpack profile sets audit struct if there is a failure
861 if (!aa_unpack_nameX(e, AA_STRUCT, "profile")) in unpack_profile()
863 if (!aa_unpack_str(e, &name, NULL)) in unpack_profile()
865 if (*name == '\0') in unpack_profile()
869 if (tmpns) { in unpack_profile()
870 if (!tmpname) { in unpack_profile()
875 if (!*ns_name) { in unpack_profile()
884 if (!profile) { in unpack_profile()
899 if (error) { in unpack_profile()
904 /* neither xmatch_len not xmatch_perms are optional if xmatch is set */ in unpack_profile()
905 if (profile->attach.xmatch->dfa) { in unpack_profile()
906 if (!aa_unpack_u32(e, &tmp, NULL)) { in unpack_profile()
912 if (!profile->attach.xmatch->perms) { in unpack_profile()
914 if (error) { in unpack_profile()
927 if (profile->signal < 1 || profile->signal > MAXMAPPED_SIG) { in unpack_profile()
932 if (!aa_unpack_nameX(e, AA_STRUCT, "flags")) { in unpack_profile()
937 if (!aa_unpack_u32(e, &tmp, NULL)) in unpack_profile()
939 if (tmp & PACKED_FLAG_HAT) in unpack_profile()
941 if (tmp & PACKED_FLAG_DEBUG1) in unpack_profile()
943 if (tmp & PACKED_FLAG_DEBUG2) in unpack_profile()
945 if (!aa_unpack_u32(e, &tmp, NULL)) in unpack_profile()
947 if (tmp == PACKED_MODE_COMPLAIN || (e->version & FORCE_COMPLAIN_FLAG)) { in unpack_profile()
949 } else if (tmp == PACKED_MODE_ENFORCE) { in unpack_profile()
951 } else if (tmp == PACKED_MODE_KILL) { in unpack_profile()
953 } else if (tmp == PACKED_MODE_UNCONFINED) { in unpack_profile()
956 } else if (tmp == PACKED_MODE_USER) { in unpack_profile()
961 if (!aa_unpack_u32(e, &tmp, NULL)) in unpack_profile()
963 if (tmp) in unpack_profile()
966 if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) in unpack_profile()
970 if (aa_unpack_u32(e, &profile->path_flags, "path_flags")) in unpack_profile()
974 /* set a default value if path_flags field is not present */ in unpack_profile()
978 if (!aa_unpack_cap_low(e, &rules->caps.allow, NULL)) in unpack_profile()
980 if (!aa_unpack_cap_low(e, &rules->caps.audit, NULL)) in unpack_profile()
982 if (!aa_unpack_cap_low(e, &rules->caps.quiet, NULL)) in unpack_profile()
984 if (!aa_unpack_cap_low(e, &tmpcap, NULL)) in unpack_profile()
988 if (aa_unpack_nameX(e, AA_STRUCT, "caps64")) { in unpack_profile()
990 if (!aa_unpack_cap_high(e, &rules->caps.allow, NULL)) in unpack_profile()
992 if (!aa_unpack_cap_high(e, &rules->caps.audit, NULL)) in unpack_profile()
994 if (!aa_unpack_cap_high(e, &rules->caps.quiet, NULL)) in unpack_profile()
996 if (!aa_unpack_cap_high(e, &tmpcap, NULL)) in unpack_profile()
998 if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) in unpack_profile()
1003 if (aa_unpack_nameX(e, AA_STRUCT, "capsx")) { in unpack_profile()
1005 if (!aa_unpack_cap_low(e, &rules->caps.extended, NULL)) in unpack_profile()
1007 if (!aa_unpack_cap_high(e, &rules->caps.extended, NULL)) in unpack_profile()
1009 if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) in unpack_profile()
1013 if (!unpack_xattrs(e, profile)) { in unpack_profile()
1018 if (!unpack_rlimits(e, rules)) { in unpack_profile()
1023 if (!unpack_secmark(e, rules)) { in unpack_profile()
1028 if (aa_unpack_nameX(e, AA_STRUCT, "policydb")) { in unpack_profile()
1033 if (error) in unpack_profile()
1036 if (aa_dfa_next(rules->policy->dfa, rules->policy->start[0], in unpack_profile()
1042 if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) in unpack_profile()
1044 if (!rules->policy->perms) { in unpack_profile()
1047 if (error) { in unpack_profile()
1057 if (error) { in unpack_profile()
1059 } else if (rules->file->dfa) { in unpack_profile()
1060 if (!rules->file->perms) { in unpack_profile()
1062 if (error) { in unpack_profile()
1067 } else if (rules->policy->dfa && in unpack_profile()
1076 if (aa_unpack_nameX(e, AA_STRUCT, "data")) { in unpack_profile()
1079 if (!profile->data) { in unpack_profile()
1090 if (rhashtable_init(profile->data, ¶ms)) { in unpack_profile()
1097 if (!data) { in unpack_profile()
1106 if (data->size && !data->data) { in unpack_profile()
1113 if (rhashtable_insert_fast(profile->data, &data->head, in unpack_profile()
1123 if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) { in unpack_profile()
1129 if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) { in unpack_profile()
1139 if (error == 0) in unpack_profile()
1142 if (*ns_name) { in unpack_profile()
1146 if (profile) in unpack_profile()
1148 else if (!name) in unpack_profile()
1160 * @ns: Returns - namespace if one is specified else NULL (NOT NULL)
1162 * Returns: error or 0 if header is good
1171 if (!aa_unpack_u32(e, &e->version, "version")) { in verify_header()
1172 if (required) { in verify_header()
1180 * if not specified use previous version in verify_header()
1183 if (VERSION_LT(e->version, v5) || VERSION_GT(e->version, v9)) { in verify_header()
1189 /* read the namespace if present */ in verify_header()
1190 if (aa_unpack_str(e, &name, "namespace")) { in verify_header()
1191 if (*name == '\0') { in verify_header()
1196 if (*ns && strcmp(*ns, name)) { in verify_header()
1199 } else if (!*ns) { in verify_header()
1201 if (!*ns) in verify_header()
1218 if (ACCEPT_TABLE(dfa)[i] >= table_size) in verify_dfa_accept_index()
1227 if (perm->allow & perm->deny) in verify_perm()
1229 if (perm->subtree & ~perm->allow) in verify_perm()
1231 if (perm->cond & (perm->allow | perm->deny)) in verify_perm()
1233 if (perm->kill & perm->allow) in verify_perm()
1235 if (perm->complain & (perm->allow | perm->deny)) in verify_perm()
1237 if (perm->prompt & (perm->allow | perm->deny)) in verify_perm()
1239 if (perm->complain & perm->prompt) in verify_perm()
1241 if (perm->hide & perm->allow) in verify_perm()
1253 if (!verify_perm(&pdb->perms[i])) in verify_perms()
1256 if ((pdb->perms[i].xindex & AA_X_TYPE_MASK) == AA_X_TABLE) { in verify_perms()
1258 if (xidx >= pdb->trans.size) in verify_perms()
1260 if (xmax < xidx) in verify_perms()
1263 if (pdb->perms[i].tag && pdb->perms[i].tag >= pdb->trans.size) in verify_perms()
1265 if (pdb->perms[i].label && in verify_perms()
1270 if (xmax == -1) { in verify_perms()
1272 } else if (pdb->trans.size > xmax + 1) { in verify_perms()
1273 if (!aa_resize_str_table(&pdb->trans, xmax + 1, GFP_KERNEL)) in verify_perms()
1283 * Returns: 0 if passes verification else error
1291 if (!rules) in verify_profile()
1294 if (rules->file->dfa && !verify_dfa_accept_index(rules->file->dfa, in verify_profile()
1301 if (rules->policy->dfa && in verify_profile()
1309 if (!verify_perms(rules->file)) { in verify_profile()
1314 if (!verify_perms(rules->policy)) { in verify_profile()
1319 if (!verify_perms(profile->attach.xmatch)) { in verify_profile()
1330 if (ent) { in aa_load_ent_free()
1342 if (ent) in aa_load_ent_alloc()
1360 if (!out) { in compress_zstd()
1366 if (!wksp) { in compress_zstd()
1372 if (!ctx) { in compress_zstd()
1378 if (zstd_is_error(out_len) || out_len >= slen) { in compress_zstd()
1383 if (is_vmalloc_addr(out)) { in compress_zstd()
1385 if (*dst) { in compress_zstd()
1392 * If the staging buffer was kmalloc'd, then using krealloc is in compress_zstd()
1399 if (!*dst) { in compress_zstd()
1407 if (ret) { in compress_zstd()
1428 if (aa_g_rawdata_compression_level != 0) { in compress_loaddata()
1432 if (error) { in compress_loaddata()
1436 if (udata != data->data) in compress_loaddata()
1448 * @ns: Returns namespace profile is in if specified else NULL (NOT NULL)
1454 * Returns: profile(s) on @lh else error pointer if fails to unpack
1473 if (error) in aa_unpack()
1478 if (IS_ERR(profile)) { in aa_unpack()
1484 if (error) in aa_unpack()
1487 if (aa_g_hash_policy) in aa_unpack()
1490 if (error) in aa_unpack()
1494 if (!ent) { in aa_unpack()
1505 if (aa_g_hash_policy) { in aa_unpack()
1507 if (IS_ERR(udata->hash)) { in aa_unpack()
1514 if (aa_g_export_binary) { in aa_unpack()
1516 if (error) in aa_unpack()