audit.c - OpenGrok cross reference for /linux/security/ipe/audit.c

Lines Matching +full:kernel +full:- +full:policy
1 // SPDX-License-Identifier: GPL-2.0
3  * Copyright (C) 2020-2024 Microsoft Corporation. All rights reserved.
14 #include "policy.h"
40 	"POLICY",
65  * audit_dmv_roothash() - audit the roothash of a dmverity_roothash property.
76  * audit_fsv_digest() - audit the digest of a fsverity_digest property.
87  * audit_rule() - audit an IPE policy rule.
95 	audit_log_format(ab, " rule=\"op=%s ", audit_op_names[r->op]);  in audit_rule()
97 	list_for_each_entry(ptr, &r->props, next) {  in audit_rule()
98 		switch (ptr->type) {  in audit_rule()
100 			audit_dmv_roothash(ab, ptr->value);  in audit_rule()
103 			audit_fsv_digest(ab, ptr->value);  in audit_rule()
106 			audit_log_format(ab, "%s", audit_prop_names[ptr->type]);  in audit_rule()
113 	audit_log_format(ab, "action=%s\"", ACTSTR(r->action));  in audit_rule()
117  * ipe_audit_match() - Audit a rule match in a policy evaluation.
129 	const char *op = audit_op_names[ctx->op];  in ipe_audit_match()
130 	char comm[sizeof(current->comm)];  in ipe_audit_match()
143 			 op, audit_hook_names[ctx->hook], READ_ONCE(enforce),  in ipe_audit_match()
147 	if (ctx->file) {  in ipe_audit_match()
148 		audit_log_d_path(ab, " path=", &ctx->file->f_path);  in ipe_audit_match()
149 		inode = file_inode(ctx->file);  in ipe_audit_match()
152 			audit_log_untrustedstring(ab, inode->i_sb->s_id);  in ipe_audit_match()
153 			audit_log_format(ab, " ino=%lu", inode->i_ino);  in ipe_audit_match()
174  * audit_policy() - Audit a policy's name, version and thumbprint to @ab.
177  * @p: Supplies a pointer to the policy to audit.
191 	desc->tfm = tfm;  in audit_policy()
200 	if (crypto_shash_update(desc, p->pkcs7, p->pkcs7len))  in audit_policy()
206 	audit_log_format(ab, audit_format, p->parsed->name,  in audit_policy()
207 			 p->parsed->version.major, p->parsed->version.minor,  in audit_policy()
208 			 p->parsed->version.rev);  in audit_policy()
217  * ipe_audit_policy_activation() - Audit a policy being activated.
218  * @op: Supplies a pointer to the previously activated policy to audit.
219  * @np: Supplies a pointer to the newly activated policy to audit.
236 		 * old active policy can be NULL if there is no kernel  in ipe_audit_policy_activation()
237 		 * built-in policy  in ipe_audit_policy_activation()
251  * ipe_audit_policy_load() - Audit a policy being loaded into the kernel.
252  * @p: Supplies a pointer to the policy to audit.
272  * ipe_audit_enforce() - Audit a change in IPE's enforcement state.
286 		  " enabled=1 old-enabled=1 lsm=ipe res=1",  in ipe_audit_enforce()
In current file

In project "undefined"

On Google
