| /linux/security/ |
| H A D | security.c | 993 * Return: Return 0 if permission is granted.
1007 * Return: Returns 0 if permission is granted.
1022 * Return: Returns 0 if permission is granted.
1038 * Return: Returns 0 if permission is granted.
1051 * Check permission before allowing the current process to trace the @child
1058 * Return: Returns 0 if permission is granted.
1069 * Check that the @parent process has sufficient permission to trace the
1073 * Return: Returns 0 if permission is granted.
1088 * @target process. The hook may also perform permission checking to determine
1113 * Return: Returns 0 and update @new if permission is granted.
[all …]
|
| /linux/fs/afs/ |
| H A D | afs.h | 110 #define AFS_ACE_READ 0x00000001U /* - permission to read a file/dir */
111 #define AFS_ACE_WRITE 0x00000002U /* - permission to write/chmod a file */
112 #define AFS_ACE_INSERT 0x00000004U /* - permission to create dirent in a dir */
113 #define AFS_ACE_LOOKUP 0x00000008U /* - permission to lookup a file/dir in a dir */
114 #define AFS_ACE_DELETE 0x00000010U /* - permission to delete a dirent from a dir */
115 #define AFS_ACE_LOCK 0x00000020U /* - permission to lock a file */
116 #define AFS_ACE_ADMINISTER 0x00000040U /* - permission to change ACL */
117 #define AFS_ACE_USER_A 0x01000000U /* - 'A' user-defined permission */
118 #define AFS_ACE_USER_B 0x02000000U /* - 'B' user-defined permission */
119 #define AFS_ACE_USER_C 0x04000000U /* - 'C' user-defined permission */
[all …]
|
| /linux/Documentation/arch/x86/ |
| H A D | xstate.rst | 49 has permission in userspace storage of type uint64_t. The second argument
56 ARCH_REQ_XCOMP_PERM allows to request permission for a dynamically enabled
63 When requesting permission for a feature, the kernel checks the
72 Permission, when granted, is valid per process. Permissions are inherited
77 permission to use the feature. If the process has no permission then the
78 kernel sends SIGILL to the application. If the process has permission then
123 explicitly ask permission to use it::
150 The permission for the guest state component needs to be managed separately
152 are extended to control the guest permission:
167 same semantics for the guest permission. While providing a similar
[all …]
|
| /linux/net/sunrpc/auth_gss/ |
| H A D | gss_krb5_unseal.c | 15 * Permission to use, copy, modify, distribute, and sell this software
18 * that both that copyright notice and this permission notice appear in
21 * without specific, written prior permission. OpenVision makes no
44 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
48 * this permission notice appear in supporting documentation, and that
51 * permission. FundsXpress makes no representations about the suitability of
|
| H A D | gss_krb5_seal.c | 16 * Permission to use, copy, modify, distribute, and sell this software
19 * that both that copyright notice and this permission notice appear in
22 * without specific, written prior permission. OpenVision makes no
45 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
49 * this permission notice appear in supporting documentation, and that
52 * permission. FundsXpress makes no representations about the suitability of
|
| /linux/security/apparmor/ |
| H A D | file.c | 176 * TODO: convert from dfa + state to permission entry
178 * Returns: a pointer to a file permission set
195 * aa_str_perms - find permission that match @name
199 * @cond: conditions to consider for permission set computation (NOT NULL)
295 * @link: link permission set
296 * @target: target permission set
371 /* Do link perm subset test requiring allowed permission on link are in profile_path_link()
402 * aa_path_link - Handle hard link permission check
409 * Handle the permission test for a link & target pair. Permission
410 * is encoded as a pair where the link permission is determined
[all …]
|
| H A D | policy_compat.c | 23 /* remap old accept table embedded permissions to separate permission table */
74 * @old: permission set in old mapping
76 * Returns: new permission mapping
146 * @size: Returns the permission table size
227 * supports treating policydb permission bits different. in compute_perms_entry()
279 * there is a permission table and the accept table is an index into
280 * the permission table.
|
| /linux/security/tomoyo/ |
| H A D | file.c | 241 * tomoyo_check_path_acl - Check permission for path operation.
268 * tomoyo_check_path_number_acl - Check permission for path number operation.
289 * tomoyo_check_path2_acl - Check permission for path path operation.
309 * tomoyo_check_mkdev_acl - Check permission for path number number number operation.
339 * Returns true if @a == @b except permission bits, false otherwise.
379 * @perm: Permission.
411 * Returns true if @a == @b except permission bits, false otherwise.
455 * @perm: Permission.
493 * Returns true if @a == @b except permission bits, false otherwise.
534 * @perm: Permission.
[all …]
|
| H A D | tomoyo.c | 97 * Execute permission is checked against pathname passed to execve() in tomoyo_bprm_check_security()
108 * Read permission is checked against interpreters using next domain. in tomoyo_bprm_check_security()
170 * @mode: DAC permission mode.
220 * @mode: DAC permission mode.
330 /* Don't check read permission here if called from execve(). */ in tomoyo_file_open()
357 * @mode: DAC permission mode.
447 * tomoyo_socket_listen - Check permission for listen().
460 * tomoyo_socket_connect - Check permission for connect().
475 * tomoyo_socket_bind - Check permission for bind().
490 * tomoyo_socket_sendmsg - Check permission for sendmsg().
|
| H A D | network.c | 190 * Returns true if @a == @b except permission bits, false otherwise.
209 * Returns true if @a == @b except permission bits, false otherwise.
412 * tomoyo_check_inet_acl - Check permission for inet domain socket operation.
442 * tomoyo_check_unix_acl - Check permission for unix domain socket operation.
461 * tomoyo_inet_entry - Check permission for INET network operation.
492 * tomoyo_check_inet_address - Check permission for inet domain socket's operation.
538 * tomoyo_unix_entry - Check permission for UNIX network operation.
585 * tomoyo_check_unix_address - Check permission for unix domain socket's operation.
644 * tomoyo_socket_listen_permission - Check permission for listening a socket.
678 * tomoyo_socket_connect_permission - Check permission for setting the remote address of a socket.
[all …]
|
| /linux/security/keys/ |
| H A D | keyctl.c | 156 * matching key. Keyrings must have appropriate Search permission to be
254 * The requested keyring must have search permission to be found.
282 * permission for it to be joined. Session keyrings without this permit will
318 * The key must grant the caller Write permission and the key type must support
370 * The key must be grant the caller Write or Setattr permission for this to
412 * The key must be grant the caller Invalidate permission for this to work.
464 * The keyring must grant the caller Write permission and not have
509 * The key must grant the caller Link permission and the keyring must grant
510 * the caller Write permission. Furthermore, if an additional link is created,
544 * The keyring must grant the caller Write permission for this to work; the key
[all …]
|
| /linux/security/selinux/include/ |
| H A D | avc.h | 75 * permission. Take notice that this is unrelated to the in avc_audit_required()
84 * permission was READ and the auditdeny checks were for in avc_audit_required()
112 * avc_has_perm() after a permission check, but can also be
114 * in order to separate the permission check from the auditing.
115 * For example, this separation is useful when the permission check must
|
| /linux/include/linux/ |
| H A D | key.h | 78 KEY_NEED_UNSPECIFIED, /* Needed permission unspecified */
79 KEY_NEED_VIEW, /* Require permission to view attributes */
80 KEY_NEED_READ, /* Require permission to read content */
81 KEY_NEED_WRITE, /* Require permission to update / modify */
82 KEY_NEED_SEARCH, /* Require permission to search (keyring) or find (key) */
83 KEY_NEED_LINK, /* Require permission to link */
84 KEY_NEED_SETATTR, /* Require permission to change attributes */
85 KEY_NEED_UNLINK, /* Require permission to unlink key */
88 KEY_DEFER_PERM_CHECK, /* Special: permission check is deferred */
233 #define KEY_FLAG_ROOT_CAN_CLEAR 4 /* set if key can be cleared by root without permission */
[all …]
|
| /linux/Documentation/filesystems/ |
| H A D | adfs.rst | 39 ownmask=nnn The permission mask for ADFS 'owner' permissions
41 othmask=nnn The permission mask for ADFS 'other' permissions
58 (In older versions, an 'execute' permission did exist, but this
59 does not hold the same meaning as the Linux 'execute' permission
92 You can therefore tailor the permission translation to whatever you
|
| /linux/fs/ |
| H A D | attr.c | 91 * permissions. On non-idmapped mounts or if permission checking is to be
118 * permissions. On non-idmapped mounts or if permission checking is to be
147 * in the given dentry. This includes the normal unix access permission
155 * permissions. On non-idmapped mounts or if permission checking is to be
215 /* User has permission for the change */ in setattr_prepare()
324 * in attr on idmapped mounts. Necessary permission checks to determine
326 * the correct idmapped mount permission helpers.
333 * permissions. On non-idmapped mounts or if permission checking is to be
383 * times are UTIME_NOW), then we need to check for write permission in may_setattr()
423 * permissions. On non-idmapped mounts or if permission checking is to be
[all …]
|
| /linux/drivers/net/ethernet/amd/xgbe/ |
| H A D | xgbe-ptp.c | 25 * permission notice:
33 * Product with Synopsys or any supplement thereto. Permission is hereby
41 * The above copyright notice and this permission notice shall be included
71 * derived from this software without specific prior written permission.
85 * permission notice:
93 * Product with Synopsys or any supplement thereto. Permission is hereby
101 * The above copyright notice and this permission notice shall be included
|
| H A D | xgbe-dcb.c | 25 * permission notice:
33 * Product with Synopsys or any supplement thereto. Permission is hereby
41 * The above copyright notice and this permission notice shall be included
71 * derived from this software without specific prior written permission.
85 * permission notice:
93 * Product with Synopsys or any supplement thereto. Permission is hereby
101 * The above copyright notice and this permission notice shall be included
|
| /linux/include/drm/ |
| H A D | drm_modeset_helper.h | 4 * Permission to use, copy, modify, distribute, and sell this software and its
7 * notice and this permission notice appear in supporting documentation, and
10 * written prior permission. The copyright holders make no representations
|
| H A D | drm_blend.h | 4 * Permission to use, copy, modify, distribute, and sell this software and its
7 * notice and this permission notice appear in supporting documentation, and
10 * written prior permission. The copyright holders make no representations
|
| /linux/arch/arm/mm/ |
| H A D | fsr-3level.c | 15 { do_bad, SIGBUS, 0, "reserved permission fault" },
16 { do_bad, SIGSEGV, SEGV_ACCERR, "level 1 permission fault" },
17 { do_page_fault, SIGSEGV, SEGV_ACCERR, "level 2 permission fault" },
18 { do_page_fault, SIGSEGV, SEGV_ACCERR, "level 3 permission fault" },
|
| H A D | fsr-2level.c | 20 { do_sect_fault, SIGSEGV, SEGV_ACCERR, "section permission fault" },
22 { do_page_fault, SIGSEGV, SEGV_ACCERR, "page permission fault" },
60 { do_sect_fault, SIGSEGV, SEGV_ACCERR, "section permission fault" },
62 { do_page_fault, SIGSEGV, SEGV_ACCERR, "page permission fault" },
|
| /linux/Documentation/security/keys/ |
| H A D | core.rst | 44 to it, subject to permission checking.
223 only recurse into nested keyrings that have search permission set.
228 keyring to a key, a process must have Write permission on the keyring and
229 Link permission on the key.
246 as well; SELinux is simply invoked after all basic permission checks have been
253 creation request. Tasks must be granted explicit permission to assign a
254 particular context to newly-created keys, using the "create" permission in the
284 The only keys included in the list are those that grant View permission to
389 type. The process must also have permission to write to the key to be able
396 does not have permission to write to the keyring.
[all …]
|
| /linux/ipc/ |
| H A D | util.c | 6 * Sep 1997 - Call suser() last after "normal" permission checks so we
24 * - perform initial checks (capabilities, auditing and permission,
215 * This means especially: permission checks, audit calls, allocation in ipc_idr_alloc()
266 * @new: new ipc permission set
353 * @ipcp: ipc permission set
392 * It adds a new entry if the key is not found and does some permission
545 * @ipcp: ipc permission set
546 * @flag: desired permission set
667 * @ops: operations to be called on ipc object creation, permission checks
684 * @in: the permission given as input.
[all …]
|
| /linux/arch/powerpc/include/asm/nohash/32/ |
| H A D | pte-85xx.h | 20 #define _PAGE_READ 0x00001 /* H: Read permission (SR) */
22 #define _PAGE_WRITE 0x00004 /* S: Write permission (SW) */
24 #define _PAGE_EXEC 0x00010 /* H: SX permission */
|
| /linux/fs/cachefiles/ |
| H A D | security.c | 33 pr_err("Security denies permission to nominate security context: error %d\n", in cachefiles_get_security_ID()
56 pr_err("Security denies permission to make dirs: error %d", in cachefiles_check_cache_dir()
63 pr_err("Security denies permission to create files: error %d", in cachefiles_check_cache_dir()
|