| /linux/security/apparmor/ |
| H A D | policy_compat.c | 100 static void compute_fperms_allow(struct aa_perms *perms, struct aa_dfa *dfa, in compute_fperms_allow() argument 103 perms->allow |= AA_MAY_GETATTR; in compute_fperms_allow() 107 perms->allow |= AA_MAY_CHANGE_PROFILE; in compute_fperms_allow() 109 perms->allow |= AA_MAY_ONEXEC; in compute_fperms_allow() 115 struct aa_perms perms = { }; in compute_fperms_user() local 117 perms.allow = map_old_perms(dfa_user_allow(dfa, state)); in compute_fperms_user() 118 perms.audit = map_old_perms(dfa_user_audit(dfa, state)); in compute_fperms_user() 119 perms.quiet = map_old_perms(dfa_user_quiet(dfa, state)); in compute_fperms_user() 120 perms.xindex = dfa_user_xindex(dfa, state); in compute_fperms_user() 122 compute_fperms_allow(&perms, dfa, state); in compute_fperms_user() [all …]
|
| H A D | file.c | 96 struct aa_profile *profile, struct aa_perms *perms, in aa_audit_file() argument 106 ad.tags = perms->tag; in aa_audit_file() 116 u32 mask = perms->audit; in aa_audit_file() 129 ad.request = ad.request & ~perms->allow; in aa_audit_file() 132 if (ad.request & perms->kill) in aa_audit_file() 136 if ((ad.request & perms->quiet) && in aa_audit_file() 139 ad.request &= ~perms->quiet; in aa_audit_file() 145 ad.denied = ad.request & ~perms->allow; in aa_audit_file() 192 if (!(rules->perms)) in aa_lookup_condperms() 197 return &(rules->perms[index]); in aa_lookup_condperms() [all …]
|
| H A D | domain.c | 131 struct aa_perms *perms) in label_compound_match() argument 149 *perms = allperms; in label_compound_match() 161 *perms = *(aa_lookup_condperms(current_fsuid(), rules->file, state, in label_compound_match() 163 aa_apply_modes_to_perms(profile, perms); in label_compound_match() 164 if ((perms->allow & request) != request) in label_compound_match() 170 *perms = nullperms; in label_compound_match() 193 struct aa_perms *perms) in label_components_match() argument 219 aa_perms_accum(perms, &tmp); in label_components_match() 229 aa_perms_accum(perms, &tmp); in label_components_match() 232 if ((perms->allow & request) != request) in label_components_match() [all …]
|
| H A D | lib.c | 363 void aa_apply_modes_to_perms(struct aa_profile *profile, struct aa_perms *perms) in aa_apply_modes_to_perms() argument 367 perms->audit = ALL_PERMS_MASK; in aa_apply_modes_to_perms() 370 perms->quiet = 0; in aa_apply_modes_to_perms() 373 perms->audit = 0; in aa_apply_modes_to_perms() 376 perms->quiet = ALL_PERMS_MASK; in aa_apply_modes_to_perms() 381 perms->kill = ALL_PERMS_MASK; in aa_apply_modes_to_perms() 383 perms->complain = ALL_PERMS_MASK; in aa_apply_modes_to_perms() 385 perms->prompt = ALL_PERMS_MASK; in aa_apply_modes_to_perms() 391 int type, u32 request, struct aa_perms *perms) in aa_profile_match_label() argument 399 aa_label_match(profile, rules, label, state, false, request, perms); in aa_profile_match_label() [all …]
|
| H A D | capability.c | 130 struct aa_perms perms = { }; in profile_capable() local 136 perms = *aa_lookup_perms(rules->policy, state); in profile_capable() 137 aa_apply_modes_to_perms(profile, &perms); in profile_capable() 140 if (perms.complain & request) in profile_capable() 145 return aa_check_perms(profile, &perms, request, ad, in profile_capable() 206 struct aa_perms perms = { }; in aa_profile_capget() local 210 perms = *aa_lookup_perms(rules->policy, tmp); in aa_profile_capget() 211 aa_apply_modes_to_perms(profile, &perms); in aa_profile_capget() 212 caps.val |= ((u64)(perms.allow)) << (i * 5); in aa_profile_capget() 213 caps.val |= ((u64)(perms.complain)) << (i * 5); in aa_profile_capget()
|
| H A D | mount.c | 139 struct aa_perms *perms, const char *info, int error) in audit_mount() argument 145 u32 mask = perms->audit; in audit_mount() 158 request = request & ~perms->allow; in audit_mount() 160 if (request & perms->kill) in audit_mount() 164 if ((request & perms->quiet) && in audit_mount() 167 request &= ~perms->quiet; in audit_mount() 179 if (data && (perms->audit & AA_AUDIT_DATA)) in audit_mount() 229 void *data, bool binary, struct aa_perms *perms) in do_match_mnt() argument 235 AA_BUG(!policy->perms); in do_match_mnt() 236 AA_BUG(!perms); in do_match_mnt() [all …]
|
| H A D | task.c | 233 struct aa_perms perms = { }; in profile_ptrace_perm() local 238 &perms); in profile_ptrace_perm() 239 aa_apply_modes_to_perms(profile, &perms); in profile_ptrace_perm() 240 return aa_check_perms(profile, &perms, request, ad, audit_ptrace_cb); in profile_ptrace_perm() 351 struct aa_perms perms = { }; in aa_profile_ns_perm() local 365 perms = *aa_lookup_perms(rules->policy, state); in aa_profile_ns_perm() 366 aa_apply_modes_to_perms(profile, &perms); in aa_profile_ns_perm() 367 error = aa_check_perms(profile, &perms, request, ad, in aa_profile_ns_perm()
|
| H A D | net.c | 169 struct aa_perms perms; in aa_do_perms() local 177 perms = *p; in aa_do_perms() 178 aa_apply_modes_to_perms(profile, &perms); in aa_do_perms() 179 return aa_check_perms(profile, &perms, request, ad, in aa_do_perms() 365 struct aa_perms perms = { }; in aa_secmark_perm() local 381 perms.deny = ALL_PERMS_MASK; in aa_secmark_perm() 383 perms.allow = ALL_PERMS_MASK; in aa_secmark_perm() 386 perms.audit = ALL_PERMS_MASK; in aa_secmark_perm() 390 aa_apply_modes_to_perms(profile, &perms); in aa_secmark_perm() 392 return aa_check_perms(profile, &perms, request, ad, audit_net_cb); in aa_secmark_perm()
|
| H A D | ipc.c | 84 struct aa_perms perms; in profile_signal_perm() local 97 aa_label_match(profile, rules, peer, state, false, request, &perms); in profile_signal_perm() 98 aa_apply_modes_to_perms(profile, &perms); in profile_signal_perm() 99 return aa_check_perms(profile, &perms, request, ad, audit_signal_cb); in profile_signal_perm()
|
| H A D | policy_unpack.c | 906 static ssize_t unpack_perms_table(struct aa_ext *e, struct aa_perms **perms) in unpack_perms_table() argument 911 AA_BUG(!perms); in unpack_perms_table() 924 *perms = kzalloc_objs(struct aa_perms, size); in unpack_perms_table() 925 if (!*perms) { in unpack_perms_table() 930 if (!unpack_perm(e, version, &(*perms)[i])) in unpack_perms_table() 938 *perms = NULL; in unpack_perms_table() 943 kfree(*perms); in unpack_perms_table() 968 size = unpack_perms_table(e, &pdb->perms); in unpack_pdb() 971 pdb->perms = NULL; in unpack_pdb() 977 if (pdb->perms) { in unpack_pdb() [all …]
|
| H A D | label.c | 1291 struct aa_perms *perms) in label_compound_match() argument 1307 *perms = allperms; in label_compound_match() 1319 *perms = *aa_lookup_perms(rules->policy, state); in label_compound_match() 1323 *perms = nullperms; in label_compound_match() 1347 struct aa_perms *perms) in label_components_match() argument 1369 aa_perms_accum(perms, &tmp); in label_components_match() 1377 aa_perms_accum(perms, &tmp); in label_components_match() 1380 if ((perms->allow & request) != request) in label_components_match() 1386 *perms = nullperms; in label_components_match() 1404 u32 request, struct aa_perms *perms) in aa_label_match() argument [all …]
|
| /linux/security/apparmor/include/ |
| H A D | file.h | 75 struct aa_profile *profile, struct aa_perms *perms, 85 struct aa_perms *perms); 90 struct aa_perms *perms); 115 u32 perms = 0; in aa_map_file_to_perms() local 118 perms |= MAY_WRITE; in aa_map_file_to_perms() 120 perms |= MAY_READ; in aa_map_file_to_perms() 122 if ((flags & O_APPEND) && (perms & MAY_WRITE)) in aa_map_file_to_perms() 123 perms = (perms & ~MAY_WRITE) | MAY_APPEND; in aa_map_file_to_perms() 126 perms |= MAY_WRITE; in aa_map_file_to_perms() 128 perms |= AA_MAY_CREATE; in aa_map_file_to_perms() [all …]
|
| /linux/drivers/s390/crypto/ |
| H A D | zcrypt_api.c | 123 struct ap_perms perms; member 168 for (i = 0; i < sizeof(zcdndev->perms.ioctlm) / sizeof(long); i++) in ioctlmask_show() 169 n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.ioctlm[i]); in ioctlmask_show() 184 rc = ap_parse_mask_str(buf, zcdndev->perms.ioctlm, in ioctlmask_store() 205 for (i = 0; i < sizeof(zcdndev->perms.apm) / sizeof(long); i++) in apmask_show() 206 n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.apm[i]); in apmask_show() 221 rc = ap_parse_mask_str(buf, zcdndev->perms.apm, in apmask_store() 242 for (i = 0; i < sizeof(zcdndev->perms.aqm) / sizeof(long); i++) in aqmask_show() 243 n += sysfs_emit_at(buf, n, "%016lx", zcdndev->perms.aqm[i]); in aqmask_show() 258 rc = ap_parse_mask_str(buf, zcdndev->perms.aqm, in aqmask_store() [all …]
|
| /linux/drivers/soc/qcom/ |
| H A D | rmtfs_mem.c | 34 u64 perms; member 174 struct qcom_scm_vmperm perms[NUM_MAX_VMIDS + 1]; in qcom_rmtfs_mem_probe() local 264 perms[0].vmid = QCOM_SCM_VMID_HLOS; in qcom_rmtfs_mem_probe() 265 perms[0].perm = QCOM_SCM_PERM_RW; in qcom_rmtfs_mem_probe() 268 perms[i + 1].vmid = vmid[i]; in qcom_rmtfs_mem_probe() 269 perms[i + 1].perm = QCOM_SCM_PERM_RW; in qcom_rmtfs_mem_probe() 272 rmtfs_mem->perms = BIT(QCOM_SCM_VMID_HLOS); in qcom_rmtfs_mem_probe() 274 &rmtfs_mem->perms, perms, num_vmids + 1); in qcom_rmtfs_mem_probe() 298 if (rmtfs_mem->perms) { in qcom_rmtfs_mem_remove() 303 &rmtfs_mem->perms, &perm, 1); in qcom_rmtfs_mem_remove()
|
| /linux/drivers/infiniband/sw/siw/ |
| H A D | siw_mem.c | 74 mem->perms = rights & IWARP_ACCESS_MASK; in siw_mr_add_mem() 137 enum ib_access_flags perms, int len) in siw_check_mem() argument 150 if ((mem->perms & perms) < perms) { in siw_check_mem() 152 mem->perms, perms); in siw_check_mem() 191 enum ib_access_flags perms, u32 off, int len) in siw_check_sge() argument 216 rv = siw_check_mem(pd, *mem, sge->laddr + off, perms, len); in siw_check_sge()
|
| H A D | siw_mem.h | 17 enum ib_access_flags perms, int len); 19 struct siw_mem *mem[], enum ib_access_flags perms,
|
| /linux/fs/orangefs/ |
| H A D | orangefs-utils.c | 106 if (attrs->perms & ORANGEFS_O_EXECUTE) in orangefs_inode_perms() 108 if (attrs->perms & ORANGEFS_O_WRITE) in orangefs_inode_perms() 110 if (attrs->perms & ORANGEFS_O_READ) in orangefs_inode_perms() 113 if (attrs->perms & ORANGEFS_G_EXECUTE) in orangefs_inode_perms() 115 if (attrs->perms & ORANGEFS_G_WRITE) in orangefs_inode_perms() 117 if (attrs->perms & ORANGEFS_G_READ) in orangefs_inode_perms() 120 if (attrs->perms & ORANGEFS_U_EXECUTE) in orangefs_inode_perms() 122 if (attrs->perms & ORANGEFS_U_WRITE) in orangefs_inode_perms() 124 if (attrs->perms & ORANGEFS_U_READ) in orangefs_inode_perms() 127 if (attrs->perms & ORANGEFS_G_SGID) in orangefs_inode_perms() [all …]
|
| /linux/fs/hfsplus/ |
| H A D | catalog.c | 81 void hfsplus_cat_set_perms(struct inode *inode, struct hfsplus_perm *perms) in hfsplus_cat_set_perms() argument 84 perms->rootflags |= HFSPLUS_FLG_IMMUTABLE; in hfsplus_cat_set_perms() 86 perms->rootflags &= ~HFSPLUS_FLG_IMMUTABLE; in hfsplus_cat_set_perms() 88 perms->rootflags |= HFSPLUS_FLG_APPEND; in hfsplus_cat_set_perms() 90 perms->rootflags &= ~HFSPLUS_FLG_APPEND; in hfsplus_cat_set_perms() 92 perms->userflags = HFSPLUS_I(inode)->userflags; in hfsplus_cat_set_perms() 93 perms->mode = cpu_to_be16(inode->i_mode); in hfsplus_cat_set_perms() 94 perms->owner = cpu_to_be32(i_uid_read(inode)); in hfsplus_cat_set_perms() 95 perms->group = cpu_to_be32(i_gid_read(inode)); in hfsplus_cat_set_perms() 98 perms->dev = cpu_to_be32(inode->i_nlink); in hfsplus_cat_set_perms() [all …]
|
| /linux/security/selinux/include/ |
| H A D | security.h | 252 #define security_xperm_set(perms, x) ((perms)[(x) >> 5] |= 1 << ((x)&0x1f)) 253 #define security_xperm_test(perms, x) (1 & ((perms)[(x) >> 5] >> ((x)&0x1f))) 343 char ***perms, u32 *nperms); 246 security_xperm_set(perms,x) global() argument 247 security_xperm_test(perms,x) global() argument
|
| /linux/security/selinux/ss/ |
| H A D | avtab.c | 317 __le32 buf32[ARRAY_SIZE(xperms.perms.p)]; in avtab_read_item() 447 sizeof(u32) * ARRAY_SIZE(xperms.perms.p)); in avtab_read_item() 452 for (i = 0; i < ARRAY_SIZE(xperms.perms.p); i++) in avtab_read_item() 453 xperms.perms.p[i] = le32_to_cpu(buf32[i]); in avtab_read_item() 523 __le32 buf32[ARRAY_SIZE(cur->datum.u.xperms->perms.p)]; in avtab_write_item() 543 for (i = 0; i < ARRAY_SIZE(cur->datum.u.xperms->perms.p); i++) in avtab_write_item() 544 buf32[i] = cpu_to_le32(cur->datum.u.xperms->perms.p[i]); in avtab_write_item() 546 ARRAY_SIZE(cur->datum.u.xperms->perms.p), fp); in avtab_write_item()
|
| H A D | services.c | 140 while (p_in->perms[k]) { in selinux_set_mapping() 142 if (!*p_in->perms[k]) { in selinux_set_mapping() 146 p_out->perms[k] = string_to_av_perm(pol, p_out->value, in selinux_set_mapping() 147 p_in->perms[k]); in selinux_set_mapping() 148 if (!p_out->perms[k]) { in selinux_set_mapping() 150 p_in->perms[k], p_in->name); in selinux_set_mapping() 210 if (avd->allowed & mapping->perms[i]) in map_decision() 212 if (allow_unknown && !mapping->perms[i]) in map_decision() 218 if (avd->auditallow & mapping->perms[i]) in map_decision() 223 if (avd->auditdeny & mapping->perms[i]) in map_decision() [all …]
|
| /linux/tools/testing/selftests/mm/ |
| H A D | mlock2.h | 24 char perms[5]; in seek_to_smaps_entry() local 36 &start, &end, perms, &offset, dev, &inode, path) < 6) in seek_to_smaps_entry()
|
| /linux/security/selinux/ |
| H A D | avc.c | 656 const char *const *perms; in avc_audit_pre_callback() local 666 perms = secclass_map[sad->tclass-1].perms; in avc_audit_pre_callback() 672 if ((perm & av) && perms[i]) { in avc_audit_pre_callback() 673 audit_log_format(ab, " %s", perms[i]); in avc_audit_pre_callback() 830 static int avc_update_node(u32 event, u32 perms, u8 driver, u8 base_perm, in avc_update_node() argument 887 node->ae.avd.allowed |= perms; in avc_update_node() 893 node->ae.avd.allowed &= ~perms; in avc_update_node() 896 node->ae.avd.auditallow |= perms; in avc_update_node() 899 node->ae.avd.auditallow &= ~perms; in avc_update_node() 902 node->ae.avd.auditdeny |= perms; in avc_update_node() [all …]
|
| /linux/tools/testing/selftests/mqueue/ |
| H A D | mq_open_tests.c | 203 int perms = DEFFILEMODE; in test_queue() local 205 if ((queue = mq_open(queue_path, flags, perms, attr)) == -1) in test_queue() 225 int perms = DEFFILEMODE; in test_queue_fail() local 227 if ((queue = mq_open(queue_path, flags, perms, attr)) == -1) in test_queue_fail()
|
| /linux/drivers/tee/qcomtee/ |
| H A D | mem_obj.c | 155 u64 *mem_size, u32 *perms) in qcomtee_mem_object_map() argument 165 *perms = QCOM_SCM_PERM_RW; in qcomtee_mem_object_map()
|